Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          Gq/tmLa2qgrdnLcQX5m/bl2aYQFzrL/A7BCcKorotBg=
Subject key identifier:   A1:1A:FB:25:E4:95:E1:7E:8D:94:EE:85:92:CC:BA:D2:BE:D8:03:FB
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019D39AEAB4662D16F1408CF161B77870AF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          11C1
Signing time:             Sun 29 Mar 2026 13:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:41 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: /1rZHBMrgR45muEQwR0Mzp7hG3R0uNDFoKH4s8wap3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:ab:46:62:d1:6f:14:08:cf:16:1b:77:87:0a:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Mar 29 13:00:41 2026 GMT
            Not After : Mar 30 13:00:41 2026 GMT
        Subject: CN=a11afb25e495e17e8d94ee8592ccbad2bed803fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5f:8c:c3:e9:1d:ed:f8:da:72:a7:a0:f7:7a:
                    0a:99:6d:8c:45:96:79:b5:16:e5:86:84:a1:0c:98:
                    5e:0e:da:1d:d1:d4:c5:43:42:7c:32:e0:2e:24:b2:
                    ab:73:4d:2d:bc:b7:22:56:70:55:30:01:6f:fc:67:
                    b9:42:1f:9f:9a:a4:53:26:49:bf:56:36:c3:f7:79:
                    3a:d2:94:c9:28:57:7f:24:62:7d:af:be:ee:de:fd:
                    f7:86:be:84:8b:dc:2a:ac:56:c8:a8:52:07:74:ab:
                    37:ef:67:82:47:b5:93:c8:e0:04:d5:20:2f:db:69:
                    83:8a:69:60:5f:ef:1a:4e:86:1d:13:3f:9b:5f:03:
                    65:c8:25:2b:34:81:80:4f:e2:db:bb:52:b9:c7:cb:
                    cf:a1:f2:9e:7c:33:74:80:9c:f2:bf:6a:aa:1b:bc:
                    d5:62:b6:2c:67:a4:3a:f5:cb:bd:00:2d:3f:e5:fa:
                    64:6b:85:ae:58:d4:f5:51:b8:64:00:18:22:47:64:
                    ae:c0:87:ca:6c:0d:aa:b6:fd:ab:15:8d:ae:a8:ea:
                    ad:80:28:58:22:9e:c6:6c:df:b9:52:12:4e:c4:45:
                    51:09:42:0c:75:e3:74:23:32:58:28:63:a7:0f:d8:
                    a3:dc:3c:7d:07:09:0f:10:b1:0d:45:48:2e:fb:1d:
                    bc:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:1A:FB:25:E4:95:E1:7E:8D:94:EE:85:92:CC:BA:D2:BE:D8:03:FB
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:ef:07:7a:a8:c9:8a:66:1c:68:91:f3:21:8f:cd:f7:48:b6:
         2c:7d:5c:5b:1f:5b:61:30:f5:10:b1:72:38:78:9a:d8:d4:b9:
         03:b9:1f:3e:3f:e7:60:c0:51:d3:63:c1:06:47:d5:2d:13:b7:
         d6:2e:a2:3e:98:1a:5f:ae:4c:dc:27:25:92:91:fe:17:71:59:
         17:b8:a1:a5:96:60:8c:13:53:5d:b3:e3:74:7d:9c:50:ce:3e:
         2d:a4:39:3d:92:3a:6f:37:fd:ff:a6:08:d3:da:d6:bd:e7:60:
         4a:66:3f:6b:3d:6b:e8:35:6d:5e:59:1f:3d:f8:31:7c:82:0f:
         5e:af:ee:7e:c3:ac:a3:69:ec:c4:ec:16:94:cc:15:e5:94:8e:
         ec:22:cd:31:1f:03:ae:4e:01:f5:9e:e1:b6:dc:13:2d:ba:25:
         67:49:7d:ee:7a:fc:ed:87:9d:e6:0d:a8:2e:fa:c8:62:47:a1:
         6d:cc:61:63:4c:cb:bf:0c:bc:6e:b7:dd:d5:7d:67:26:fe:2a:
         e6:5d:37:50:54:b3:f6:10:a2:88:b3:f5:09:eb:2c:16:91:3e:
         74:7d:d4:64:de:87:e4:82:11:46:0b:a3:c5:85:db:d3:f3:26:
         14:59:b8:d5:c7:37:bc:e5:b2:4c:99:97:c6:84:83:50:9c:11:
         09:76:d7:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rqtGYtFvFAjPFht3hwrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwMzI5MTMwMDQxWhcNMjYwMzMwMTMwMDQxWjAzMTEwLwYDVQQD
EyhhMTFhZmIyNWU0OTVlMTdlOGQ5NGVlODU5MmNjYmFkMmJlZDgwM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl+Mw+kd7fjacqeg93oKmW2MRZZ5
tRblhoShDJheDtod0dTFQ0J8MuAuJLKrc00tvLciVnBVMAFv/Ge5Qh+fmqRTJkm/
VjbD93k60pTJKFd/JGJ9r77u3v33hr6Ei9wqrFbIqFIHdKs372eCR7WTyOAE1SAv
22mDimlgX+8aToYdEz+bXwNlyCUrNIGAT+Lbu1K5x8vPofKefDN0gJzyv2qqG7zV
YrYsZ6Q69cu9AC0/5fpka4WuWNT1UbhkABgiR2SuwIfKbA2qtv2rFY2uqOqtgChY
Ip7GbN+5UhJOxEVRCUIMdeN0IzJYKGOnD9ij3Dx9BwkPELENRUgu+x28GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEa+yXkleF+jZTuhZLMutK+2AP7MB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIO8HeqjJ
imYcaJHzIY/N90i2LH1cWx9bYTD1ELFyOHia2NS5A7kfPj/nYMBR02PBBkfVLRO3
1i6iPpgaX65M3CclkpH+F3FZF7ihpZZgjBNTXbPjdH2cUM4+LaQ5PZI6bzf9/6YI
09rWvedgSmY/az1r6DVtXlkfPfgxfIIPXq/ufsOso2nsxOwWlMwV5ZSO7CLNMR8D
rk4B9Z7httwTLbolZ0l97nr87Yed5g2oLvrIYkehbcxhY0zLvwy8brfd1X1nJv4q
5l03UFSz9hCiiLP1CessFpE+dH3UZN6H5IIRRgujxYXb0/MmFFm41cc3vOWyTJmX
xoSDUJwRCXbX5w==
-----END CERTIFICATE-----