Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
File:                     XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft (raw, json)
Hash identifier:          bnYHBb/tLhy6OsQ13gseYD0menYW8tZrvIchP9YEiec=
Subject key identifier:   98:D2:E1:C3:7E:76:64:91:80:CD:47:FB:E7:B8:95:43:2B:A2:63:8E
Authority key identifier: 5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47
Certificate issuer:       /CN=5e55afde34211bcee6a7fd992488a24927b46947
Certificate serial:       019D39777FAD6131FB072DEA0FE5FC40F023
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
Manifest number:          04D9
Signing time:             Sun 29 Mar 2026 12:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:25 +0000
Files and hashes:         1: XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl (hash: S5yJnQJJ9IbNSXUv0a5WH3Wi00kOzFDUWazenw/9LjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:7f:ad:61:31:fb:07:2d:ea:0f:e5:fc:40:f0:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e55afde34211bcee6a7fd992488a24927b46947
        Validity
            Not Before: Mar 29 12:00:25 2026 GMT
            Not After : Mar 30 12:00:25 2026 GMT
        Subject: CN=98d2e1c37e76649180cd47fbe7b895432ba2638e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:8f:f2:46:3f:06:9d:de:6d:8b:54:fd:6f:a0:
                    34:8e:d4:bd:15:e2:94:05:6e:06:36:40:0f:44:02:
                    d2:65:2f:33:1f:7c:7c:5c:35:1d:8c:2c:1b:41:4f:
                    a0:20:19:ca:a9:59:80:df:32:8e:79:19:0f:a7:b0:
                    6f:37:9e:e2:ae:d6:85:03:64:15:11:89:96:2c:42:
                    41:1d:75:cc:a8:f6:10:4e:da:73:14:bb:4e:1b:9b:
                    9c:ff:85:5a:55:ff:46:a4:17:dd:c8:c2:29:3d:8a:
                    b9:31:25:a6:e1:96:25:96:ab:f6:b2:73:5a:e7:d3:
                    e6:da:42:b8:b0:22:9f:d8:a8:17:1d:0f:09:73:42:
                    f9:ef:57:67:61:a6:31:ac:25:b8:92:d0:0c:dd:2a:
                    1e:66:af:91:54:30:39:7b:4c:c9:02:69:01:6c:0c:
                    2e:ec:3e:38:54:21:88:6e:e4:95:8c:74:eb:82:ff:
                    3a:44:57:84:5f:58:38:8e:87:82:06:ae:9a:3e:7d:
                    5d:98:59:88:fa:33:bb:33:ee:c0:10:f9:0a:5b:72:
                    73:40:68:2c:62:6e:1f:45:7b:5e:0c:70:76:73:21:
                    5c:a7:ae:e6:e4:95:13:7a:b4:41:18:3d:c3:87:b4:
                    8a:1a:25:b6:7c:a0:0d:71:6b:b4:38:a3:07:7c:31:
                    ab:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D2:E1:C3:7E:76:64:91:80:CD:47:FB:E7:B8:95:43:2B:A2:63:8E
            X509v3 Authority Key Identifier:
                keyid:5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:de:38:d7:ed:5f:44:c9:af:25:1f:26:9e:e3:f4:bc:b0:0f:
         6c:66:23:6f:29:9d:d5:39:ca:c9:47:e4:d6:75:e7:4b:b9:b1:
         d0:af:67:98:95:b0:1c:c1:fc:4b:02:91:e0:7c:56:c5:e2:29:
         40:d3:84:fa:03:59:d5:da:3f:64:fc:40:9a:08:15:4c:7d:c2:
         31:9c:5a:dc:9a:52:86:40:42:8f:ad:aa:fe:d5:e8:4d:56:27:
         fc:ae:b8:35:f3:76:7e:7f:39:ec:2a:2a:74:a5:1b:1f:b1:cf:
         54:13:3f:40:5a:f3:8a:83:c2:84:db:93:b4:4a:82:ca:1d:45:
         e2:9d:b4:c8:5a:56:49:ee:82:04:ee:c4:8c:04:81:d6:2f:58:
         f7:d2:4b:5d:55:43:74:d1:b8:5d:b9:e1:0f:23:25:db:f3:b3:
         a5:f0:d0:1a:08:05:49:ae:c7:0a:d0:58:c0:46:3e:8b:7b:e3:
         59:42:a0:67:74:b7:99:ed:cd:8b:93:ca:01:10:e4:dd:41:7e:
         39:cc:d4:43:59:12:e1:93:2c:59:27:c9:31:6d:a0:56:7c:53:
         e0:98:b9:a2:5a:1b:f0:6f:d0:19:bb:86:76:69:6f:fa:94:ff:
         20:ff:45:d3:d1:55:aa:64:14:33:ac:ca:1c:7d:98:73:12:8f:
         b8:2e:f7:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d3+tYTH7By3qD+X8QPAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTVhZmRlMzQyMTFiY2VlNmE3ZmQ5OTI0ODhhMjQ5Mjdi
NDY5NDcwHhcNMjYwMzI5MTIwMDI1WhcNMjYwMzMwMTIwMDI1WjAzMTEwLwYDVQQD
Eyg5OGQyZTFjMzdlNzY2NDkxODBjZDQ3ZmJlN2I4OTU0MzJiYTI2MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o/yRj8Gnd5ti1T9b6A0jtS9FeKU
BW4GNkAPRALSZS8zH3x8XDUdjCwbQU+gIBnKqVmA3zKOeRkPp7BvN57irtaFA2QV
EYmWLEJBHXXMqPYQTtpzFLtOG5uc/4VaVf9GpBfdyMIpPYq5MSWm4ZYllqv2snNa
59Pm2kK4sCKf2KgXHQ8Jc0L571dnYaYxrCW4ktAM3SoeZq+RVDA5e0zJAmkBbAwu
7D44VCGIbuSVjHTrgv86RFeEX1g4joeCBq6aPn1dmFmI+jO7M+7AEPkKW3JzQGgs
Ym4fRXteDHB2cyFcp67m5JUTerRBGD3Dh7SKGiW2fKANcWu0OKMHfDGrJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjS4cN+dmSRgM1H++e4lUMromOOMB8GA1UdIwQY
MBaAFF5Vr940IRvO5qf9mSSIokkntGlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMt
ZGU3YjQxNjc4YjZmLzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMtZGU3YjQxNjc4YjZm
LzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9441+1f
RMmvJR8mnuP0vLAPbGYjbymd1TnKyUfk1nXnS7mx0K9nmJWwHMH8SwKR4HxWxeIp
QNOE+gNZ1do/ZPxAmggVTH3CMZxa3JpShkBCj62q/tXoTVYn/K64NfN2fn857Coq
dKUbH7HPVBM/QFrzioPChNuTtEqCyh1F4p20yFpWSe6CBO7EjASB1i9Y99JLXVVD
dNG4XbnhDyMl2/OzpfDQGggFSa7HCtBYwEY+i3vjWUKgZ3S3me3Ni5PKARDk3UF+
OczUQ1kS4ZMsWSfJMW2gVnxT4Ji5olob8G/QGbuGdmlv+pT/IP9F09FVqmQUM6zK
HH2YcxKPuC73cQ==
-----END CERTIFICATE-----