Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          p9B5c9GBImPhyqcLTOdgXIrs1cW11EV5lTj82Sby9hE=
Subject key identifier:   DC:34:41:36:A0:9A:88:22:75:1B:69:8E:1A:75:B8:29:FA:20:39:52
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       019CAC10502AEB8C808B001769C30CFBD9FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          092B
Signing time:             Mon 02 Mar 2026 01:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:16 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: B5RsiQOnK3RtxtkwvOyc4hKB0FPetBGMcY536pTmY50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:50:2a:eb:8c:80:8b:00:17:69:c3:0c:fb:d9:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: Mar  2 01:01:16 2026 GMT
            Not After : Mar  3 01:01:16 2026 GMT
        Subject: CN=dc344136a09a8822751b698e1a75b829fa203952
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2c:0e:ad:39:57:53:2e:b3:f0:04:a5:3c:71:
                    44:2a:2f:07:48:48:46:f7:61:b7:41:f9:c9:8a:56:
                    31:cd:47:3b:3c:72:e6:fc:fe:9a:2a:65:10:05:4d:
                    5b:2e:83:60:50:c8:43:80:e9:59:3c:df:df:a9:38:
                    4b:41:96:57:db:7a:b8:32:a1:bc:a3:c7:28:62:36:
                    6d:ab:dc:71:bd:46:04:f5:bb:a3:49:10:30:7b:1b:
                    df:84:4e:52:86:62:48:2c:b1:17:63:92:1a:97:92:
                    85:63:99:78:ee:7b:99:34:f0:7f:ff:c9:a7:ab:e0:
                    27:a7:66:e5:22:5c:69:d0:df:94:3e:89:da:c7:72:
                    94:3f:35:29:2c:51:7d:88:e8:c8:ba:c6:29:1c:e3:
                    37:03:a4:ec:bd:20:4a:91:9f:d7:73:57:56:7c:9e:
                    32:de:bd:c6:62:87:66:e2:b3:53:de:b0:39:8c:8a:
                    01:10:aa:6b:bb:fe:f1:9d:a5:00:8a:d9:b2:7c:16:
                    b1:81:4b:ff:1d:fb:fb:00:e6:0a:5d:1b:be:a5:b3:
                    27:17:84:aa:33:c0:05:1b:18:6b:3c:d1:86:5f:b7:
                    72:1b:fc:13:29:22:17:ac:6f:2c:e1:f5:3e:10:ce:
                    e6:38:49:a3:1a:d6:db:38:46:13:4f:50:ac:bf:ab:
                    d3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:34:41:36:A0:9A:88:22:75:1B:69:8E:1A:75:B8:29:FA:20:39:52
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:f2:36:1a:3d:73:0e:ae:e0:c5:ea:b1:17:cb:73:77:f4:5e:
         67:6c:a8:44:1f:ac:e1:45:bf:34:77:2e:07:d4:bc:28:c1:c3:
         a9:25:31:7c:9b:01:d1:c9:8c:7f:33:49:b7:4d:31:be:e2:fa:
         70:ac:76:a6:f4:ae:88:68:36:2d:86:9c:86:9a:1d:f1:80:0f:
         d2:87:b3:03:b7:de:36:b3:4e:3c:c5:b5:29:6b:73:40:1a:b2:
         eb:5f:22:00:41:df:64:fc:35:3d:cd:17:1f:32:02:00:d1:ff:
         3b:32:34:aa:b5:e2:ae:3c:0d:28:8d:a9:d7:ee:e3:53:5a:00:
         cf:77:1a:91:57:34:1e:4e:db:29:35:e3:83:e8:9f:26:aa:22:
         70:5c:62:9b:cc:3e:5c:1f:a0:d8:c4:4f:a8:66:53:c4:bc:91:
         b7:86:03:e0:77:75:65:8e:5e:98:e0:2d:91:b7:ce:95:e9:e4:
         ba:36:33:af:6e:58:c6:ec:07:d0:76:53:0a:18:86:03:98:00:
         09:1e:a9:25:c8:60:c6:53:28:2a:25:1f:f7:08:a4:03:7e:69:
         0e:ce:bb:90:8f:b5:2e:2c:bf:d8:77:10:7e:e5:03:3d:7d:90:
         98:29:09:16:5b:fc:eb:cc:4e:35:f3:f8:6b:5f:fe:58:89:e5:
         77:2b:bb:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEFAq64yAiwAXacMM+9n8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwMzAyMDEwMTE2WhcNMjYwMzAzMDEwMTE2WjAzMTEwLwYDVQQD
EyhkYzM0NDEzNmEwOWE4ODIyNzUxYjY5OGUxYTc1YjgyOWZhMjAzOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCwOrTlXUy6z8ASlPHFEKi8HSEhG
92G3QfnJilYxzUc7PHLm/P6aKmUQBU1bLoNgUMhDgOlZPN/fqThLQZZX23q4MqG8
o8coYjZtq9xxvUYE9bujSRAwexvfhE5ShmJILLEXY5Ial5KFY5l47nuZNPB//8mn
q+Anp2blIlxp0N+UPonax3KUPzUpLFF9iOjIusYpHOM3A6TsvSBKkZ/Xc1dWfJ4y
3r3GYodm4rNT3rA5jIoBEKpru/7xnaUAitmyfBaxgUv/Hfv7AOYKXRu+pbMnF4Sq
M8AFGxhrPNGGX7dyG/wTKSIXrG8s4fU+EM7mOEmjGtbbOEYTT1Csv6vTDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNw0QTagmogidRtpjhp1uCn6IDlSMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADPI2Gj1z
Dq7gxeqxF8tzd/ReZ2yoRB+s4UW/NHcuB9S8KMHDqSUxfJsB0cmMfzNJt00xvuL6
cKx2pvSuiGg2LYachpod8YAP0oezA7feNrNOPMW1KWtzQBqy618iAEHfZPw1Pc0X
HzICANH/OzI0qrXirjwNKI2p1+7jU1oAz3cakVc0Hk7bKTXjg+ifJqoicFxim8w+
XB+g2MRPqGZTxLyRt4YD4Hd1ZY5emOAtkbfOlenkujYzr25YxuwH0HZTChiGA5gA
CR6pJchgxlMoKiUf9wikA35pDs67kI+1Liy/2HcQfuUDPX2QmCkJFlv868xONfP4
a1/+WInldyu70Q==
-----END CERTIFICATE-----