Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          dIvEox000oAYzn/zTGQwtJCeM786Q1uxbjBlyToW7xk=
Subject key identifier:   56:87:60:48:9D:50:5D:37:AC:90:0E:70:AF:A1:77:5D:C3:E1:1D:28
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019CAC478DE2768CCBD49B6AC40341A6DC77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          04B8
Signing time:             Mon 02 Mar 2026 02:01:36 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:36 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:36 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: y543jFy0LnrPq48kQif00aTvNON/tTPv8PxDzm3HzJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:8d:e2:76:8c:cb:d4:9b:6a:c4:03:41:a6:dc:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Mar  2 02:01:36 2026 GMT
            Not After : Mar  3 02:01:36 2026 GMT
        Subject: CN=568760489d505d37ac900e70afa1775dc3e11d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:11:19:98:d1:df:fa:ef:6e:7a:e1:f7:47:69:
                    74:0c:ef:5a:83:41:b8:09:99:1b:19:07:48:7a:18:
                    fb:fa:67:e3:38:0e:f3:08:ed:04:0f:5b:12:f1:f2:
                    11:d4:80:ef:79:87:04:b6:ba:56:b9:c2:be:63:21:
                    be:2e:f7:39:88:30:40:1d:76:34:bd:cf:b8:e3:69:
                    29:12:f2:87:51:2c:3f:45:e8:e0:f5:72:21:7f:09:
                    a1:6b:93:46:49:71:2f:e4:f7:df:62:74:fe:45:12:
                    31:cf:ed:a6:ee:52:be:5a:94:1c:a1:39:54:78:9e:
                    2c:30:5e:39:62:0c:12:50:f8:84:38:53:94:f0:2c:
                    32:35:6b:62:de:59:c0:1d:3c:d4:7d:64:99:96:d7:
                    15:bf:6d:5a:9b:76:0d:7e:cb:97:06:e2:0e:ea:af:
                    83:e5:a0:b2:40:bf:ac:7a:53:b6:0a:2e:ee:e1:8b:
                    33:20:44:80:37:a8:1a:fe:bc:44:96:5c:02:6a:c0:
                    a2:f1:6e:95:43:32:9f:1a:8b:5e:12:f2:af:be:a7:
                    be:5b:b8:6f:73:f3:28:5a:b4:16:a8:ba:6d:1d:05:
                    12:ad:71:67:da:57:ae:d3:dc:8c:74:c5:ba:09:bb:
                    1c:6d:d6:ec:72:d6:c9:01:b3:5f:da:e5:1b:50:25:
                    2c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:87:60:48:9D:50:5D:37:AC:90:0E:70:AF:A1:77:5D:C3:E1:1D:28
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:ce:e1:82:79:79:67:6d:cc:cd:be:ca:48:5c:68:12:19:b6:
         a1:32:0a:87:08:91:03:b3:02:34:ba:97:b7:99:36:4f:09:a6:
         29:7d:f1:7d:bf:17:dd:4a:8c:1f:42:d6:5f:a5:70:61:51:a6:
         79:b6:02:cd:39:c5:43:36:a0:49:13:c8:95:cd:fc:df:4f:ba:
         48:41:1a:96:7c:bb:8d:66:b7:cb:ab:ad:6c:bc:8b:d2:c3:66:
         bb:32:b9:f6:7f:0c:f1:3d:e3:ba:70:9b:73:fa:55:21:98:58:
         b2:66:04:f5:f4:41:94:6a:ae:93:03:ee:8c:0f:42:71:ae:16:
         97:52:6b:27:70:0e:fe:b6:da:b6:53:10:d9:83:f0:bc:31:79:
         b9:e0:73:ab:d3:d0:8e:f7:90:25:06:ce:08:ab:4b:f3:e2:de:
         de:45:23:45:9e:52:4e:1b:c0:be:23:0a:8c:99:08:6c:3b:7d:
         d9:84:ae:62:89:27:ac:22:ad:46:ad:33:da:5a:79:ae:c1:d9:
         65:2e:3b:2c:b6:15:0a:58:c2:25:49:84:29:8a:38:8f:82:bd:
         07:04:7e:e2:ae:66:f7:af:b1:96:f6:da:05:b4:8e:d3:e2:ee:
         59:98:7e:a6:5e:60:89:0e:f3:74:46:70:70:20:aa:02:e0:76:
         84:54:87:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR43idozL1JtqxANBptx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjYwMzAyMDIwMTM2WhcNMjYwMzAzMDIwMTM2WjAzMTEwLwYDVQQD
Eyg1Njg3NjA0ODlkNTA1ZDM3YWM5MDBlNzBhZmExNzc1ZGMzZTExZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvREZmNHf+u9ueuH3R2l0DO9ag0G4
CZkbGQdIehj7+mfjOA7zCO0ED1sS8fIR1IDveYcEtrpWucK+YyG+Lvc5iDBAHXY0
vc+442kpEvKHUSw/Rejg9XIhfwmha5NGSXEv5PffYnT+RRIxz+2m7lK+WpQcoTlU
eJ4sMF45YgwSUPiEOFOU8CwyNWti3lnAHTzUfWSZltcVv21am3YNfsuXBuIO6q+D
5aCyQL+selO2Ci7u4YszIESAN6ga/rxEllwCasCi8W6VQzKfGoteEvKvvqe+W7hv
c/MoWrQWqLptHQUSrXFn2leu09yMdMW6CbscbdbsctbJAbNf2uUbUCUsvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaHYEidUF03rJAOcK+hd13D4R0oMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAms7hgnl5
Z23Mzb7KSFxoEhm2oTIKhwiRA7MCNLqXt5k2TwmmKX3xfb8X3UqMH0LWX6VwYVGm
ebYCzTnFQzagSRPIlc3830+6SEEalny7jWa3y6utbLyL0sNmuzK59n8M8T3junCb
c/pVIZhYsmYE9fRBlGqukwPujA9Cca4Wl1JrJ3AO/rbatlMQ2YPwvDF5ueBzq9PQ
jveQJQbOCKtL8+Le3kUjRZ5SThvAviMKjJkIbDt92YSuYoknrCKtRq0z2lp5rsHZ
ZS47LLYVCljCJUmEKYo4j4K9BwR+4q5m96+xlvbaBbSO0+LuWZh+pl5giQ7zdEZw
cCCqAuB2hFSHCg==
-----END CERTIFICATE-----