Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          Xb18COBKU1WK5IixgZfCwOMXiC2ZVNJISTgTQxN7gEw=
Subject key identifier:   37:2D:BA:F5:A7:FA:53:7D:CC:63:0F:04:5A:30:0A:C8:D3:98:9B:19
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       019D3A536A4FF85B9AAB8BE62A0C39970104
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          05E4
Signing time:             Sun 29 Mar 2026 16:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:38 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: B825Omw0xukssjMSElOqxfcqmc4sWMsmjSmCG1cs/ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:6a:4f:f8:5b:9a:ab:8b:e6:2a:0c:39:97:01:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Mar 29 16:00:38 2026 GMT
            Not After : Mar 30 16:00:38 2026 GMT
        Subject: CN=372dbaf5a7fa537dcc630f045a300ac8d3989b19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b3:fd:14:d0:d6:5f:94:7f:f0:b4:ec:ad:5c:
                    eb:ea:3f:c5:a9:bc:3a:ec:c3:28:01:c4:02:4e:94:
                    cb:00:93:30:9c:5c:9d:24:40:6b:8b:b7:8f:60:8c:
                    17:cb:c4:5d:d3:94:ed:fa:a8:7e:1c:1d:94:87:7c:
                    f1:76:12:3d:fb:ea:a3:00:5f:f8:b6:7a:1a:c8:68:
                    4a:41:cc:27:d3:22:a2:c8:e7:f1:47:e2:b8:d1:78:
                    1d:ca:da:64:2a:34:57:cc:cf:a8:b4:13:82:de:e8:
                    a4:a7:f2:a8:01:9a:10:4b:3c:1e:90:8b:33:e7:be:
                    5e:56:ba:49:e5:48:22:a8:b5:7b:f0:a7:8d:f3:98:
                    a7:5e:f2:9e:4d:a7:52:0a:0d:e3:88:66:71:3d:b8:
                    8a:1c:23:af:c3:fd:6d:b3:3e:7b:d8:db:b5:f9:4b:
                    ac:93:7f:d0:cf:ff:82:a1:a3:5b:17:ef:14:ae:3d:
                    52:2c:3c:bb:ca:5d:25:56:3d:93:64:96:f0:89:b6:
                    0e:cf:79:87:eb:ae:1a:c8:6b:29:b4:38:c6:0b:d0:
                    d6:ea:3f:1d:24:5e:19:5b:ee:9f:47:1d:30:48:9f:
                    82:60:4e:3b:2c:c9:7f:37:7c:96:3a:55:07:85:4f:
                    c4:2b:6f:05:b2:8a:4c:9a:a4:94:6f:a4:7f:b2:38:
                    7a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:2D:BA:F5:A7:FA:53:7D:CC:63:0F:04:5A:30:0A:C8:D3:98:9B:19
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:55:61:27:0a:1d:4e:b7:14:41:cc:56:8c:b9:c1:aa:c1:2d:
         af:2a:f7:c1:e5:f1:bc:37:97:44:4c:b0:78:e0:37:60:22:30:
         22:2b:79:23:0e:3e:73:16:bb:25:fc:66:13:7c:c4:ce:30:7b:
         83:39:30:3e:9e:1f:0a:ef:82:a8:dd:54:83:43:24:36:a3:d9:
         77:97:9f:f0:52:c5:45:47:08:b9:8c:16:0a:a5:97:7c:a1:cc:
         aa:16:38:f8:5c:da:a5:30:d5:09:84:8f:94:a6:51:02:62:8c:
         5b:b1:a6:d9:38:64:a9:f3:be:0e:86:6e:ae:bd:b7:de:d2:f3:
         0d:b5:5c:0d:87:20:f0:0c:39:91:56:0b:de:c7:a7:d8:e2:7f:
         e8:99:2c:bf:3d:50:b1:ff:56:33:14:c9:84:2a:71:0a:bd:ed:
         c9:f1:ea:6e:b4:29:87:81:9d:45:8d:ac:65:d0:8a:24:2c:1e:
         6f:8b:e2:ea:cb:75:87:d6:6b:da:7d:a2:5b:c9:1a:37:4b:18:
         1a:59:d0:e1:58:a4:8a:03:03:96:58:0f:53:1e:0e:44:2d:5d:
         00:ea:ff:14:8c:71:e8:4b:0a:1f:8f:98:89:e1:3e:d6:ac:15:
         18:61:1c:b8:9f:1c:c3:2a:ed:c8:ec:cf:42:47:03:2b:83:c9:
         10:a0:2a:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U2pP+Fuaq4vmKgw5lwEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjYwMzI5MTYwMDM4WhcNMjYwMzMwMTYwMDM4WjAzMTEwLwYDVQQD
EygzNzJkYmFmNWE3ZmE1MzdkY2M2MzBmMDQ1YTMwMGFjOGQzOTg5YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbP9FNDWX5R/8LTsrVzr6j/Fqbw6
7MMoAcQCTpTLAJMwnFydJEBri7ePYIwXy8Rd05Tt+qh+HB2Uh3zxdhI9++qjAF/4
tnoayGhKQcwn0yKiyOfxR+K40XgdytpkKjRXzM+otBOC3uikp/KoAZoQSzwekIsz
575eVrpJ5UgiqLV78KeN85inXvKeTadSCg3jiGZxPbiKHCOvw/1tsz572Nu1+Uus
k3/Qz/+CoaNbF+8Urj1SLDy7yl0lVj2TZJbwibYOz3mH664ayGsptDjGC9DW6j8d
JF4ZW+6fRx0wSJ+CYE47LMl/N3yWOlUHhU/EK28FsopMmqSUb6R/sjh66wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDctuvWn+lN9zGMPBFowCsjTmJsZMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVVhJwod
TrcUQcxWjLnBqsEtryr3weXxvDeXREyweOA3YCIwIit5Iw4+cxa7JfxmE3zEzjB7
gzkwPp4fCu+CqN1Ug0MkNqPZd5ef8FLFRUcIuYwWCqWXfKHMqhY4+FzapTDVCYSP
lKZRAmKMW7Gm2ThkqfO+DoZurr233tLzDbVcDYcg8Aw5kVYL3sen2OJ/6Jksvz1Q
sf9WMxTJhCpxCr3tyfHqbrQph4GdRY2sZdCKJCweb4vi6st1h9Zr2n2iW8kaN0sY
GlnQ4VikigMDllgPUx4ORC1dAOr/FIxx6EsKH4+YieE+1qwVGGEcuJ8cwyrtyOzP
QkcDK4PJEKAqgg==
-----END CERTIFICATE-----