Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
File:                     XwNIeIMukX__nNPIbA-h5WX4IdM.mft (raw, json)
Hash identifier:          K+2Eb/+9KSRMmrKG9A1fVDQTnbGvZ9/+YWRdOL2SnEU=
Subject key identifier:   18:91:AD:F6:03:C2:99:89:A6:5E:65:3C:26:09:4F:20:3C:BB:42:75
Authority key identifier: 5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3
Certificate issuer:       /CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
Certificate serial:       019D37C121C10E6A2826DB29A5EE10383CDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
Manifest number:          13DC
Signing time:             Sun 29 Mar 2026 04:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:37 +0000
Files and hashes:         1: XwNIeIMukX__nNPIbA-h5WX4IdM.crl (hash: wA83S0chwXhg/ZEOWVf6u5cYjMZ6eOImoc0IoZ6di2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:21:c1:0e:6a:28:26:db:29:a5:ee:10:38:3c:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
        Validity
            Not Before: Mar 29 04:01:37 2026 GMT
            Not After : Mar 30 04:01:37 2026 GMT
        Subject: CN=1891adf603c29989a65e653c26094f203cbb4275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fa:cc:5e:92:98:62:b0:9b:f7:93:38:b5:f5:
                    26:fe:c2:1d:44:83:20:5a:ca:d7:df:69:60:51:49:
                    2a:95:b1:76:e2:b8:35:c0:f6:fd:5c:24:09:64:20:
                    67:0a:31:81:47:8b:12:b0:53:f2:2c:e9:63:d8:ca:
                    aa:26:a6:0e:74:64:58:ee:5d:21:6e:94:3d:b4:28:
                    3d:02:a4:e2:0f:a4:08:40:00:47:bd:40:d0:4b:7e:
                    62:89:a9:23:2d:e8:5e:78:fa:97:09:4a:12:f2:6f:
                    6f:e3:6f:d9:9f:18:c2:8a:03:92:7d:58:0f:2c:ab:
                    37:b2:2e:13:7b:e1:48:cd:be:fd:ac:83:3d:18:df:
                    2f:1d:28:bd:55:0a:22:b8:c5:2f:9b:f1:85:13:13:
                    63:45:cc:a0:41:e8:85:74:0b:2a:07:c6:d4:9c:ef:
                    ba:e6:44:e3:6b:b8:df:cf:21:cf:c6:db:a6:ea:32:
                    35:85:3c:b3:e6:96:31:d1:95:db:87:07:85:5f:53:
                    12:25:25:82:da:7d:56:32:b1:d8:da:e7:f3:02:53:
                    10:df:6d:e1:85:96:5a:0a:42:ad:d9:3a:ce:c0:4a:
                    7e:cf:95:39:5b:0a:da:f4:c9:a3:62:48:a7:8c:93:
                    ae:e2:a3:3c:de:3c:81:0d:ed:96:23:52:48:d5:47:
                    d0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:91:AD:F6:03:C2:99:89:A6:5E:65:3C:26:09:4F:20:3C:BB:42:75
            X509v3 Authority Key Identifier:
                keyid:5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:1a:bb:1e:81:69:a0:5f:e3:88:9c:eb:21:15:d8:11:32:6e:
         9b:c7:b7:9d:5d:e7:34:13:db:90:75:ca:47:40:f2:73:36:23:
         55:2b:6f:88:b1:0d:e9:4e:1b:80:41:6c:62:5a:66:5d:51:04:
         da:e6:06:44:a3:b0:b8:db:85:6d:6c:6b:e4:cf:6d:f0:6a:cd:
         8f:39:f0:87:8d:02:6d:57:c3:b9:cd:75:04:88:68:76:b3:f4:
         b1:77:9d:67:0c:a9:44:4f:ac:7b:42:df:11:b2:98:26:64:8d:
         44:da:49:e0:2b:41:7d:86:9d:c2:50:3f:1f:d9:40:7f:25:fb:
         64:54:71:b2:d3:86:8b:b8:ad:25:4c:84:e8:d0:ba:6f:b2:24:
         86:5e:64:ae:1d:7d:22:7b:29:9b:ab:96:db:7c:b6:4d:a9:f4:
         54:d8:47:79:c4:29:9f:36:3c:16:e3:f7:2a:3c:13:21:92:70:
         83:c4:50:46:04:50:d8:86:67:43:07:a7:23:06:8f:11:ef:c1:
         25:ed:6a:ab:1b:5c:bb:b8:a0:1d:9e:8d:98:1b:be:47:d6:c0:
         9e:10:cc:eb:4a:27:3d:95:0d:b4:28:b4:46:4e:35:a4:5e:be:
         99:88:e3:b7:7c:47:0a:66:24:45:8f:ed:83:0c:e5:7e:c6:73:
         d0:da:24:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wSHBDmooJtsppe4QODzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDM0ODc4ODMyZTkxN2ZmZjljZDNjODZjMGZhMWU1NjVm
ODIxZDMwHhcNMjYwMzI5MDQwMTM3WhcNMjYwMzMwMDQwMTM3WjAzMTEwLwYDVQQD
EygxODkxYWRmNjAzYzI5OTg5YTY1ZTY1M2MyNjA5NGYyMDNjYmI0Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/rMXpKYYrCb95M4tfUm/sIdRIMg
WsrX32lgUUkqlbF24rg1wPb9XCQJZCBnCjGBR4sSsFPyLOlj2MqqJqYOdGRY7l0h
bpQ9tCg9AqTiD6QIQABHvUDQS35iiakjLeheePqXCUoS8m9v42/ZnxjCigOSfVgP
LKs3si4Te+FIzb79rIM9GN8vHSi9VQoiuMUvm/GFExNjRcygQeiFdAsqB8bUnO+6
5kTja7jfzyHPxtum6jI1hTyz5pYx0ZXbhweFX1MSJSWC2n1WMrHY2ufzAlMQ323h
hZZaCkKt2TrOwEp+z5U5Wwra9MmjYkinjJOu4qM83jyBDe2WI1JI1UfQUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiRrfYDwpmJpl5lPCYJTyA8u0J1MB8GA1UdIwQY
MBaAFF8DSHiDLpF//5zTyGwPoeVl+CHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1Njkt
ZGYxYzU3YzJhNzUxLzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1NjktZGYxYzU3YzJhNzUx
LzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiBq7HoFp
oF/jiJzrIRXYETJum8e3nV3nNBPbkHXKR0DyczYjVStviLEN6U4bgEFsYlpmXVEE
2uYGRKOwuNuFbWxr5M9t8GrNjznwh40CbVfDuc11BIhodrP0sXedZwypRE+se0Lf
EbKYJmSNRNpJ4CtBfYadwlA/H9lAfyX7ZFRxstOGi7itJUyE6NC6b7Ikhl5krh19
Inspm6uW23y2Tan0VNhHecQpnzY8FuP3KjwTIZJwg8RQRgRQ2IZnQwenIwaPEe/B
Je1qqxtcu7igHZ6NmBu+R9bAnhDM60onPZUNtCi0Rk41pF6+mYjjt3xHCmYkRY/t
gwzlfsZz0NokDg==
-----END CERTIFICATE-----