Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          huTldSuCl0Jr7BEmxkUHnbIyC1WPa5W7cDpRp0dD+1w=
Subject key identifier:   C1:16:AF:AC:1B:93:7A:28:95:6E:7F:B9:8E:EA:0D:8B:0E:AE:8B:3F
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       019D3752FB5CC68B3CDE8D32FDA672489169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          0532
Signing time:             Sun 29 Mar 2026 02:01:18 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:18 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:18 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: J1fpcXFYJxhriaGc28smpU6AJlMUTo5jadVqEpnFwZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:fb:5c:c6:8b:3c:de:8d:32:fd:a6:72:48:91:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Mar 29 02:01:18 2026 GMT
            Not After : Mar 30 02:01:18 2026 GMT
        Subject: CN=c116afac1b937a28956e7fb98eea0d8b0eae8b3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:c0:bc:c4:b9:98:0e:f2:49:40:98:27:1f:c1:
                    5a:cc:ca:ab:c5:72:0a:02:4d:cc:bb:b3:4b:cb:15:
                    10:21:f6:b8:5f:83:95:7c:4a:67:f4:19:aa:e5:66:
                    44:e9:99:8e:16:d3:f4:dc:fb:0e:2b:4c:35:db:f7:
                    db:08:98:53:89:78:aa:d3:5e:08:86:fb:c5:f0:02:
                    82:70:d1:b1:99:48:0b:fc:3c:ba:c0:7c:c9:8c:c8:
                    5b:0e:f8:95:9d:19:87:51:6f:c4:3f:ea:d3:89:8b:
                    12:4f:8c:da:8b:69:a7:95:bb:1d:35:51:2a:dc:a0:
                    6b:1e:75:26:be:75:77:7b:dc:f1:36:dd:0c:1c:4d:
                    12:5a:8a:15:44:94:de:c4:c8:d3:c6:c4:0b:79:c9:
                    e7:d7:22:fc:6d:53:d2:6e:0d:37:7d:ec:f1:2a:b1:
                    10:12:5e:f1:e8:a9:f2:d9:b6:f2:52:2e:22:85:a6:
                    40:36:f1:3d:83:1e:5c:75:36:8e:38:df:a4:f5:58:
                    f5:f2:40:15:5f:9d:69:58:c0:b4:1f:61:a8:a1:70:
                    04:23:85:1e:41:ca:e7:7d:09:89:2b:8a:58:1e:fa:
                    3c:b9:bb:d8:c4:80:20:2b:a7:7e:9f:42:b7:db:ca:
                    57:c9:4b:0c:cd:bd:96:39:99:e6:d9:75:22:c7:d1:
                    d9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:16:AF:AC:1B:93:7A:28:95:6E:7F:B9:8E:EA:0D:8B:0E:AE:8B:3F
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f2:57:0b:61:b4:f0:9d:5a:ff:b6:fe:1c:6d:49:1e:6e:e9:
         2b:46:9d:dd:d8:80:32:d8:fe:62:31:f4:ed:77:fb:15:b0:18:
         bc:c7:ab:bc:d3:dd:98:1a:03:4c:46:6a:87:ed:de:ea:0f:64:
         de:7b:cb:75:f7:4f:f5:95:30:1b:3a:31:3d:2e:f2:34:0a:ef:
         ef:f1:9d:02:24:38:5f:04:e8:da:cc:61:e4:ec:12:f0:c3:14:
         d0:6d:8d:90:06:64:67:25:45:1f:03:74:52:c7:f7:3b:7d:be:
         2a:44:cb:b4:4d:50:56:bd:3f:67:e3:35:6b:89:3f:e8:06:46:
         ba:67:13:b7:50:7f:b6:c9:ba:cf:33:34:07:b1:aa:63:2c:92:
         51:a8:d9:15:3b:6d:52:d2:d3:4c:94:9a:1a:12:4f:82:8e:8d:
         aa:f9:fe:8e:d6:89:b3:b3:68:00:99:be:0b:0f:52:8b:2e:5b:
         cc:9d:a1:6a:79:65:ba:dd:e9:c7:e8:43:76:74:20:1e:83:f7:
         13:6d:9c:58:f9:7d:61:5a:9f:37:98:39:81:b1:8b:d3:3f:17:
         d7:29:47:ed:ca:ea:4b:f5:22:7f:fa:e6:72:56:a0:a5:18:5f:
         92:8d:70:fc:23:12:63:7c:a7:80:5d:e2:77:ce:94:b1:b3:7c:
         d0:55:16:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uvtcxos83o0y/aZySJFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjYwMzI5MDIwMTE4WhcNMjYwMzMwMDIwMTE4WjAzMTEwLwYDVQQD
EyhjMTE2YWZhYzFiOTM3YTI4OTU2ZTdmYjk4ZWVhMGQ4YjBlYWU4YjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MC8xLmYDvJJQJgnH8FazMqrxXIK
Ak3Mu7NLyxUQIfa4X4OVfEpn9Bmq5WZE6ZmOFtP03PsOK0w12/fbCJhTiXiq014I
hvvF8AKCcNGxmUgL/Dy6wHzJjMhbDviVnRmHUW/EP+rTiYsST4zai2mnlbsdNVEq
3KBrHnUmvnV3e9zxNt0MHE0SWooVRJTexMjTxsQLecnn1yL8bVPSbg03fezxKrEQ
El7x6Kny2bbyUi4ihaZANvE9gx5cdTaOON+k9Vj18kAVX51pWMC0H2GooXAEI4Ue
QcrnfQmJK4pYHvo8ubvYxIAgK6d+n0K328pXyUsMzb2WOZnm2XUix9HZaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEWr6wbk3oolW5/uY7qDYsOros/MB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfJXC2G0
8J1a/7b+HG1JHm7pK0ad3diAMtj+YjH07Xf7FbAYvMervNPdmBoDTEZqh+3e6g9k
3nvLdfdP9ZUwGzoxPS7yNArv7/GdAiQ4XwTo2sxh5OwS8MMU0G2NkAZkZyVFHwN0
Usf3O32+KkTLtE1QVr0/Z+M1a4k/6AZGumcTt1B/tsm6zzM0B7GqYyySUajZFTtt
UtLTTJSaGhJPgo6Nqvn+jtaJs7NoAJm+Cw9Siy5bzJ2hanllut3px+hDdnQgHoP3
E22cWPl9YVqfN5g5gbGL0z8X1ylH7crqS/Uif/rmclagpRhfko1w/CMSY3yngF3i
d86UsbN80FUWcA==
-----END CERTIFICATE-----