Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          //ESJylLl9Sn8d+nrID1RKh7kTFJIRMhCcDdoMyQOAQ=
Subject key identifier:   CF:20:64:BE:29:AE:4E:17:75:6C:D9:78:A5:85:42:E7:30:7D:2B:98
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       019D38659D85736FCA006240E40FB4BBB028
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          1895
Signing time:             Sun 29 Mar 2026 07:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:16 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: hm83LlOsKRb/G4WOsXD21T2c/1G22WUSdu3HqBSPKc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:9d:85:73:6f:ca:00:62:40:e4:0f:b4:bb:b0:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Mar 29 07:01:16 2026 GMT
            Not After : Mar 30 07:01:16 2026 GMT
        Subject: CN=cf2064be29ae4e17756cd978a58542e7307d2b98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0d:c1:7f:f3:44:d9:f5:64:7a:56:03:1a:36:
                    85:6b:7a:47:b1:ab:10:2e:10:1e:ad:16:db:a0:e4:
                    c4:b9:66:75:68:69:11:5c:f3:d6:09:03:8b:66:34:
                    c2:21:6c:bb:32:56:97:c1:9b:a0:0f:d2:15:57:09:
                    84:6d:3d:db:44:20:9b:1d:68:4f:54:ce:bb:42:84:
                    9b:aa:91:54:62:11:22:fd:de:88:fe:b8:6b:20:ae:
                    14:0a:82:81:ac:53:f4:35:cb:ea:43:50:40:d5:c0:
                    8c:c2:97:5d:c9:2e:be:a1:9b:c3:c5:9a:18:9b:bf:
                    3b:3f:9e:1f:35:eb:6e:9f:91:16:97:18:5a:9b:e8:
                    a2:3c:3c:f1:68:96:ff:88:e2:af:e0:93:78:ed:a8:
                    3c:29:83:78:48:33:9f:a6:c7:d9:dd:4c:3e:40:93:
                    f2:4c:18:e3:c1:5a:1e:40:61:89:e1:65:c4:a7:41:
                    6b:fe:d7:1a:ba:0b:26:00:1f:2e:6f:f6:8c:e0:e5:
                    af:5a:ac:99:a4:e1:9d:61:8f:b0:61:e1:dc:8d:13:
                    7b:4c:f8:99:9d:73:97:55:7a:b0:ca:74:5f:e7:24:
                    8e:46:91:3d:d2:a8:bd:b3:c8:cc:72:b2:9a:81:ee:
                    7a:d6:71:da:b9:e2:61:49:7b:3d:cc:c0:80:5b:99:
                    10:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:20:64:BE:29:AE:4E:17:75:6C:D9:78:A5:85:42:E7:30:7D:2B:98
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:e0:3e:c3:23:bf:11:f5:d6:96:1b:06:6e:11:e7:e5:ec:4f:
         35:46:e5:7f:2c:97:a1:62:7e:f2:9c:9b:18:5c:86:ad:d8:60:
         6f:22:4b:b9:0d:06:d8:dc:8a:6f:23:e2:67:ff:85:a6:5f:8c:
         cf:98:b6:45:0d:8c:fc:6c:c3:d6:31:a0:18:b9:d8:db:0a:b5:
         d6:12:70:5c:99:6a:5b:dd:c3:14:7b:8c:61:f7:0f:b3:a9:e6:
         18:6e:65:50:d5:b9:79:e9:b2:22:63:54:44:25:07:2a:fc:26:
         de:12:59:63:c0:f9:36:ab:36:a2:21:c2:92:fa:a1:51:f8:27:
         73:8e:b2:c0:a3:9e:a3:97:84:d3:65:9f:b6:5c:07:59:e3:04:
         ae:11:ef:c3:55:da:4e:7c:f4:ac:d0:ad:16:02:a4:06:f0:36:
         d6:46:93:09:df:fe:0e:a8:c8:b9:13:6f:6d:b7:47:54:ae:18:
         19:6b:f8:22:05:4c:fd:f0:51:f4:2f:0b:77:d9:81:c8:66:34:
         21:cb:da:5c:80:7f:00:80:e9:02:66:31:72:49:38:ff:a2:0d:
         ee:7f:39:6e:1f:1b:f5:bc:27:57:f4:12:9d:92:8d:b2:a4:74:
         23:1d:0d:b3:93:78:7d:bf:8b:9b:e0:a6:29:3d:29:87:86:d2:
         cc:b5:f0:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZ2Fc2/KAGJA5A+0u7AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjYwMzI5MDcwMTE2WhcNMjYwMzMwMDcwMTE2WjAzMTEwLwYDVQQD
EyhjZjIwNjRiZTI5YWU0ZTE3NzU2Y2Q5NzhhNTg1NDJlNzMwN2QyYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA3Bf/NE2fVkelYDGjaFa3pHsasQ
LhAerRbboOTEuWZ1aGkRXPPWCQOLZjTCIWy7MlaXwZugD9IVVwmEbT3bRCCbHWhP
VM67QoSbqpFUYhEi/d6I/rhrIK4UCoKBrFP0NcvqQ1BA1cCMwpddyS6+oZvDxZoY
m787P54fNetun5EWlxham+iiPDzxaJb/iOKv4JN47ag8KYN4SDOfpsfZ3Uw+QJPy
TBjjwVoeQGGJ4WXEp0Fr/tcaugsmAB8ub/aM4OWvWqyZpOGdYY+wYeHcjRN7TPiZ
nXOXVXqwynRf5ySORpE90qi9s8jMcrKage561nHaueJhSXs9zMCAW5kQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8gZL4prk4XdWzZeKWFQucwfSuYMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+A+wyO/
EfXWlhsGbhHn5exPNUblfyyXoWJ+8pybGFyGrdhgbyJLuQ0G2NyKbyPiZ/+Fpl+M
z5i2RQ2M/GzD1jGgGLnY2wq11hJwXJlqW93DFHuMYfcPs6nmGG5lUNW5eemyImNU
RCUHKvwm3hJZY8D5Nqs2oiHCkvqhUfgnc46ywKOeo5eE02WftlwHWeMErhHvw1Xa
Tnz0rNCtFgKkBvA21kaTCd/+DqjIuRNvbbdHVK4YGWv4IgVM/fBR9C8Ld9mByGY0
IcvaXIB/AIDpAmYxckk4/6IN7n85bh8b9bwnV/QSnZKNsqR0Ix0Ns5N4fb+Lm+Cm
KT0ph4bSzLXwCw==
-----END CERTIFICATE-----