Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
File:                     bUmIt5OIS3moT-NFY9A581RsGF8.mft (raw, json)
Hash identifier:          nnvVf2APOKl77ciCjeBmfV0ndOtUhT7PzuQuZikuW3M=
Subject key identifier:   AD:65:41:39:36:A4:E3:DF:EA:8D:15:B7:36:71:B6:70:65:09:89:6E
Authority key identifier: 6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F
Certificate issuer:       /CN=6d4988b793884b79a84fe34563d039f3546c185f
Certificate serial:       019D38D31D8DE7BED083317B55DDD4F20119
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
Manifest number:          0253
Signing time:             Sun 29 Mar 2026 09:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:52 +0000
Files and hashes:         1: bUmIt5OIS3moT-NFY9A581RsGF8.crl (hash: gLjSvW9dCtzW/zQmKjw95K8+e3DPUo3py4MZftT3HHs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:1d:8d:e7:be:d0:83:31:7b:55:dd:d4:f2:01:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d4988b793884b79a84fe34563d039f3546c185f
        Validity
            Not Before: Mar 29 09:00:52 2026 GMT
            Not After : Mar 30 09:00:52 2026 GMT
        Subject: CN=ad65413936a4e3dfea8d15b73671b6706509896e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b4:e5:72:7f:9e:0c:54:e9:92:50:5a:fb:47:
                    3c:6d:01:d5:ef:8e:4b:25:a4:50:0f:cf:2a:c2:bd:
                    cf:1e:da:5d:79:97:1e:a1:57:5f:af:d7:87:06:a5:
                    de:9a:91:6d:05:47:0c:ad:5a:f0:c3:ee:61:c4:60:
                    63:47:31:f6:2f:e3:00:a0:b6:13:83:9f:c9:4d:2c:
                    f6:49:1e:59:86:0a:4d:34:4f:99:bd:eb:f3:02:9f:
                    65:1d:f8:2f:fe:61:6d:9c:9f:e4:b6:1f:48:41:7d:
                    82:84:dd:5c:34:8c:3f:d7:11:2a:0e:27:4e:20:fc:
                    85:0a:38:1c:69:4c:96:99:23:bd:3d:c6:1b:24:3a:
                    8f:91:ff:43:3f:64:f0:14:8a:46:4b:7d:75:86:cc:
                    df:1f:7d:ea:84:02:cf:9d:fd:f2:d5:b0:47:10:c7:
                    26:1d:6a:70:e6:7b:69:42:2a:9f:24:16:ca:ea:40:
                    77:55:7c:6d:1e:8f:53:d5:41:c2:1e:7b:f5:f5:1e:
                    f5:0f:97:8b:7f:3c:ad:46:8c:e5:03:79:76:0a:cc:
                    c3:63:1c:e7:a6:6a:45:7d:3e:78:e8:e0:21:17:e9:
                    81:4e:a9:10:27:42:b2:fb:2b:b9:1d:98:82:7a:32:
                    7c:d9:02:02:9c:6b:da:97:82:91:a1:ec:f2:26:98:
                    9d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:65:41:39:36:A4:E3:DF:EA:8D:15:B7:36:71:B6:70:65:09:89:6E
            X509v3 Authority Key Identifier:
                keyid:6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:19:1b:d6:56:44:f3:94:78:3d:9d:ec:71:b4:6b:bd:71:bd:
         ca:a5:65:70:3b:db:23:0d:4d:03:d5:7e:e6:0e:dd:fe:c0:31:
         fc:a4:4a:cc:6e:23:70:33:0c:32:bd:f8:1d:df:40:45:59:6c:
         a0:c6:68:cf:52:4f:64:91:62:cf:ae:c8:43:f7:3d:d1:9e:fc:
         b9:51:bb:cc:18:87:60:d3:5d:96:62:3f:b8:4c:22:e5:43:d3:
         31:75:62:2c:2b:ea:c4:bb:d3:cd:91:8d:23:ed:87:fd:c1:31:
         6b:ec:a0:58:a3:a1:55:3f:fb:22:33:ea:6e:b2:2f:a8:3f:11:
         83:20:05:8d:ef:12:a1:22:ee:29:a7:50:24:17:57:29:66:01:
         13:12:25:3a:5e:cd:6e:af:f4:d2:3f:e7:ef:ae:bd:bd:6f:2c:
         94:bd:98:37:d7:96:b4:77:e7:fc:09:e3:7d:38:d1:dc:67:64:
         1a:6d:0f:4a:b5:4f:61:a6:31:39:db:22:1a:ac:e8:f0:03:68:
         c5:56:f9:ba:3f:a4:89:aa:d9:5e:79:16:f3:7f:a8:10:0e:fd:
         70:8d:ef:36:fd:9f:99:eb:06:e8:08:00:fe:1d:15:45:f9:33:
         28:de:2c:09:e0:b1:c0:70:bb:29:73:ed:2e:5a:28:41:e9:08:
         44:6b:be:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040x2N577QgzF7Vd3U8gEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNDk4OGI3OTM4ODRiNzlhODRmZTM0NTYzZDAzOWYzNTQ2
YzE4NWYwHhcNMjYwMzI5MDkwMDUyWhcNMjYwMzMwMDkwMDUyWjAzMTEwLwYDVQQD
EyhhZDY1NDEzOTM2YTRlM2RmZWE4ZDE1YjczNjcxYjY3MDY1MDk4OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rTlcn+eDFTpklBa+0c8bQHV745L
JaRQD88qwr3PHtpdeZceoVdfr9eHBqXempFtBUcMrVrww+5hxGBjRzH2L+MAoLYT
g5/JTSz2SR5ZhgpNNE+ZvevzAp9lHfgv/mFtnJ/kth9IQX2ChN1cNIw/1xEqDidO
IPyFCjgcaUyWmSO9PcYbJDqPkf9DP2TwFIpGS311hszfH33qhALPnf3y1bBHEMcm
HWpw5ntpQiqfJBbK6kB3VXxtHo9T1UHCHnv19R71D5eLfzytRozlA3l2CszDYxzn
pmpFfT546OAhF+mBTqkQJ0Ky+yu5HZiCejJ82QICnGval4KRoezyJpidiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1lQTk2pOPf6o0VtzZxtnBlCYluMB8GA1UdIwQY
MBaAFG1JiLeTiEt5qE/jRWPQOfNUbBhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODIt
MDkwM2VlN2MxOTAyLzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODItMDkwM2VlN2MxOTAy
LzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQxkb1lZE
85R4PZ3scbRrvXG9yqVlcDvbIw1NA9V+5g7d/sAx/KRKzG4jcDMMMr34Hd9ARVls
oMZoz1JPZJFiz67IQ/c90Z78uVG7zBiHYNNdlmI/uEwi5UPTMXViLCvqxLvTzZGN
I+2H/cExa+ygWKOhVT/7IjPqbrIvqD8RgyAFje8SoSLuKadQJBdXKWYBExIlOl7N
bq/00j/n7669vW8slL2YN9eWtHfn/AnjfTjR3GdkGm0PSrVPYaYxOdsiGqzo8ANo
xVb5uj+kiarZXnkW83+oEA79cI3vNv2fmesG6AgA/h0VRfkzKN4sCeCxwHC7KXPt
LlooQekIRGu+cw==
-----END CERTIFICATE-----