Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
File:                     gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft (raw, json)
Hash identifier:          LNY0cMaQ0b4zYgmFQtpS38jFRCKhlkDBT3dQfEo8pu4=
Subject key identifier:   2A:74:2C:48:F9:2B:88:06:FB:E9:D4:35:B1:A8:5D:DD:0A:7B:28:69
Authority key identifier: 80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3
Certificate issuer:       /CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3
Certificate serial:       019D39AF8309970B4DC387C18F9B51F03C63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
Manifest number:          0174
Signing time:             Sun 29 Mar 2026 13:01:36 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:36 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:36 +0000
Files and hashes:         1: gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl (hash: nFensFepPOOpeR+kNlzMLT81YMUJcbHfia5T+ZKeBi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:83:09:97:0b:4d:c3:87:c1:8f:9b:51:f0:3c:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3
        Validity
            Not Before: Mar 29 13:01:36 2026 GMT
            Not After : Mar 30 13:01:36 2026 GMT
        Subject: CN=2a742c48f92b8806fbe9d435b1a85ddd0a7b2869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7d:6c:b5:9e:6e:ca:d2:91:86:fc:05:1c:ba:
                    86:86:32:70:73:3d:76:e5:df:45:bb:b9:2d:79:6b:
                    df:0a:96:8e:37:70:43:3d:af:1a:4f:66:5c:11:60:
                    50:4b:a9:74:5b:5f:f2:fc:2c:9a:7a:4c:49:4b:71:
                    96:25:57:7c:1c:db:8a:0a:96:b0:b0:9b:e8:e9:d1:
                    4d:24:7e:e5:97:06:55:99:e2:f6:09:c4:65:bd:53:
                    a3:68:95:55:7c:52:cc:7d:45:ae:5e:da:38:6c:85:
                    21:ea:a5:52:67:ab:ae:05:13:ef:bc:d2:e4:4d:31:
                    13:3e:b5:8e:99:dc:e1:86:de:f5:11:3a:85:53:94:
                    e9:87:07:84:12:72:5d:31:e5:87:60:cf:7b:cc:f1:
                    4f:b2:33:92:fc:44:24:2a:5a:75:4e:8c:de:86:07:
                    de:68:55:8f:7e:70:c0:6e:5b:53:98:25:f1:24:ae:
                    ee:d3:51:2f:2c:6e:0b:13:b9:cb:5d:d9:80:2b:58:
                    a8:1f:07:2b:81:ab:9b:82:24:a3:96:29:c0:e2:86:
                    4d:98:bc:da:70:d6:f9:39:1e:58:b6:c1:67:49:9b:
                    6c:6e:33:27:cd:12:6f:29:16:a1:70:f1:6e:01:3b:
                    32:a5:c3:b3:82:38:96:43:e3:12:d8:b8:50:6c:29:
                    a5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:74:2C:48:F9:2B:88:06:FB:E9:D4:35:B1:A8:5D:DD:0A:7B:28:69
            X509v3 Authority Key Identifier:
                keyid:80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:63:89:10:3b:d7:4b:40:c2:e1:a3:3b:c2:4d:ce:91:63:34:
         e7:d0:f0:80:52:24:90:46:b4:f4:30:7c:5f:58:7d:54:48:8b:
         0f:ca:7b:07:49:96:32:b0:13:ac:78:26:d4:99:83:3d:43:ed:
         49:4d:91:d3:26:4a:3b:21:c4:88:a5:b5:84:78:6a:b3:e2:9c:
         d3:ac:d4:70:dd:4d:34:26:52:9c:34:fe:2f:33:86:73:49:9f:
         a8:86:a3:99:05:c0:b2:e6:8a:a6:8e:32:4c:85:af:7a:69:d3:
         94:18:43:e1:6b:86:7b:8c:30:e6:f6:bc:9f:54:b0:45:f8:99:
         84:a4:1b:da:21:68:00:5e:33:70:89:0b:9c:df:b1:e2:7c:e7:
         27:9f:f7:ae:7b:e5:58:d9:3e:02:b5:14:2f:d8:bd:9b:8a:15:
         f7:f9:5c:28:61:f1:9d:78:be:ca:e2:11:d7:b7:08:40:d6:93:
         43:49:c9:0c:b3:9d:28:a1:00:f1:75:9f:5f:60:c2:d4:17:ff:
         fd:ac:88:d7:04:15:44:ed:87:f6:94:dd:5c:6d:06:10:cd:52:
         0f:36:9a:b2:04:5f:f7:89:3c:de:e6:c1:38:ce:c7:3c:8e:50:
         6e:b3:20:b1:03:5f:b4:df:05:dd:8e:cd:4d:05:0c:6b:64:86:
         0f:44:1d:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r4MJlwtNw4fBj5tR8DxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwN2M1YTdiMDQxZGRlNDBlZjRhMzU5ZWViMjE5OWQ0NWEz
M2QxZDMwHhcNMjYwMzI5MTMwMTM2WhcNMjYwMzMwMTMwMTM2WjAzMTEwLwYDVQQD
EygyYTc0MmM0OGY5MmI4ODA2ZmJlOWQ0MzViMWE4NWRkZDBhN2IyODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw31stZ5uytKRhvwFHLqGhjJwcz12
5d9Fu7kteWvfCpaON3BDPa8aT2ZcEWBQS6l0W1/y/CyaekxJS3GWJVd8HNuKCpaw
sJvo6dFNJH7llwZVmeL2CcRlvVOjaJVVfFLMfUWuXto4bIUh6qVSZ6uuBRPvvNLk
TTETPrWOmdzhht71ETqFU5TphweEEnJdMeWHYM97zPFPsjOS/EQkKlp1Tozehgfe
aFWPfnDAbltTmCXxJK7u01EvLG4LE7nLXdmAK1ioHwcrgaubgiSjlinA4oZNmLza
cNb5OR5YtsFnSZtsbjMnzRJvKRahcPFuATsypcOzgjiWQ+MS2LhQbCmlRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCp0LEj5K4gG++nUNbGoXd0KeyhpMB8GA1UdIwQY
MBaAFIB8WnsEHd5A70o1nushmdRaM9HTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjIt
MDk2MTlmZTY0ZDczLzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjItMDk2MTlmZTY0ZDcz
LzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGOJEDvX
S0DC4aM7wk3OkWM059DwgFIkkEa09DB8X1h9VEiLD8p7B0mWMrATrHgm1JmDPUPt
SU2R0yZKOyHEiKW1hHhqs+Kc06zUcN1NNCZSnDT+LzOGc0mfqIajmQXAsuaKpo4y
TIWvemnTlBhD4WuGe4ww5va8n1SwRfiZhKQb2iFoAF4zcIkLnN+x4nznJ5/3rnvl
WNk+ArUUL9i9m4oV9/lcKGHxnXi+yuIR17cIQNaTQ0nJDLOdKKEA8XWfX2DC1Bf/
/ayI1wQVRO2H9pTdXG0GEM1SDzaasgRf94k83ubBOM7HPI5QbrMgsQNftN8F3Y7N
TQUMa2SGD0QdjQ==
-----END CERTIFICATE-----