Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
File:                     xnp-TG1V61E8VFdgqP9lba3wuNc.mft (raw, json)
Hash identifier:          iviqyxzj2J5Q3TIHf+adHwjg2qrc0WbowIVJTzllJ1M=
Subject key identifier:   9A:4A:C5:FF:64:8F:00:3A:CE:A2:52:9E:F6:E9:88:D2:89:24:FF:5D
Authority key identifier: C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7
Certificate issuer:       /CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
Certificate serial:       019D38D31A64015B3AC5CBB249E2E1EA57FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
Manifest number:          0459
Signing time:             Sun 29 Mar 2026 09:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:52 +0000
Files and hashes:         1: xnp-TG1V61E8VFdgqP9lba3wuNc.crl (hash: MgDm0KFbSGFGLBMMBgMSkgyfe4N5n/LemAy3WWc2bJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:1a:64:01:5b:3a:c5:cb:b2:49:e2:e1:ea:57:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c67a7e4c6d55eb513c545760a8ff656dadf0b8d7
        Validity
            Not Before: Mar 29 09:00:52 2026 GMT
            Not After : Mar 30 09:00:52 2026 GMT
        Subject: CN=9a4ac5ff648f003acea2529ef6e988d28924ff5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2d:23:45:92:cd:90:a3:81:e5:34:24:21:6d:
                    b3:9c:82:28:23:59:7d:0f:d7:84:9c:a4:31:8e:c9:
                    7d:8a:99:c8:39:25:f7:58:0d:4e:72:d7:30:1e:31:
                    ab:c4:4f:f9:e8:b2:18:6f:5f:7c:74:b9:cb:7f:e8:
                    a6:b3:a7:f4:36:df:d3:00:d0:fc:2f:0b:3d:28:88:
                    ba:e5:af:bb:2d:61:c9:00:5a:ac:b5:50:2c:76:42:
                    dd:36:f5:99:e7:50:fb:2c:e4:43:0e:c2:b1:dd:06:
                    b8:01:7c:99:7f:97:a3:1e:59:b0:ec:b2:4d:d1:37:
                    c6:83:b9:bc:60:7e:1f:74:06:75:4b:4c:a2:29:f2:
                    88:94:b8:80:62:52:29:b7:b2:ec:6e:b5:98:0a:8c:
                    44:6f:76:89:e7:3c:9d:23:a7:da:33:5d:73:a8:68:
                    0b:2e:6d:a2:9c:b4:62:ec:95:9f:90:eb:2d:6b:31:
                    a5:41:c8:7c:e2:c0:1c:1a:c8:78:62:da:d5:59:ec:
                    6c:5f:d8:cc:76:ba:00:5b:0d:ff:49:97:e7:33:dd:
                    ae:ed:1d:33:60:43:64:27:b0:1c:0d:65:72:bf:08:
                    22:b5:a1:4e:79:a1:ba:90:de:b0:f0:a7:2e:cd:90:
                    1f:43:96:70:2e:c9:e9:b9:d1:58:7f:b6:3c:a8:c0:
                    d5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:4A:C5:FF:64:8F:00:3A:CE:A2:52:9E:F6:E9:88:D2:89:24:FF:5D
            X509v3 Authority Key Identifier:
                keyid:C6:7A:7E:4C:6D:55:EB:51:3C:54:57:60:A8:FF:65:6D:AD:F0:B8:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xnp-TG1V61E8VFdgqP9lba3wuNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08cdb7-416e-43a6-a276-a0389602472f/1/xnp-TG1V61E8VFdgqP9lba3wuNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:7d:1d:94:56:0b:f3:67:d7:7b:6a:f4:a3:9b:7e:5c:b2:d0:
         95:93:cd:0a:24:9a:a3:8e:8a:f1:2b:b7:b9:66:40:2e:70:88:
         61:ab:33:e1:54:1e:f4:db:5b:e9:4f:9e:2e:5d:56:cf:60:6a:
         73:7e:c0:a1:e1:bb:6d:10:80:98:c2:c1:11:3a:88:06:75:cb:
         6e:b9:ad:79:35:fa:c4:7d:e6:2a:75:04:bb:29:75:a0:44:45:
         05:99:0b:d9:cc:ec:f7:38:e4:18:ac:92:21:0e:b3:72:73:f7:
         d1:f9:1f:c5:d2:c1:6c:16:9e:97:b5:11:bc:85:3b:cf:38:7d:
         c5:da:9d:4f:5f:07:9f:ef:b9:28:d9:59:fc:02:3c:31:23:2f:
         d5:2a:0a:c3:cc:98:5d:b1:55:6b:5a:54:81:46:f6:ea:f3:be:
         9f:92:f0:9e:f9:2f:e3:31:54:d7:34:60:2e:e5:c8:fc:4a:20:
         f2:ed:6b:f9:0e:80:b4:cb:76:da:65:78:84:57:68:86:f1:75:
         3b:02:82:1a:65:bf:9a:ac:8e:a4:f3:77:30:98:cb:85:62:25:
         b2:b3:78:47:3f:0b:6c:0a:a2:87:e0:2c:5a:af:17:d5:7c:a7:
         61:cf:50:ff:33:3f:3b:c4:b0:d3:ff:95:9e:f6:73:52:d0:fd:
         d0:c2:9e:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xpkAVs6xcuySeLh6lf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2E3ZTRjNmQ1NWViNTEzYzU0NTc2MGE4ZmY2NTZkYWRm
MGI4ZDcwHhcNMjYwMzI5MDkwMDUyWhcNMjYwMzMwMDkwMDUyWjAzMTEwLwYDVQQD
Eyg5YTRhYzVmZjY0OGYwMDNhY2VhMjUyOWVmNmU5ODhkMjg5MjRmZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy0jRZLNkKOB5TQkIW2znIIoI1l9
D9eEnKQxjsl9ipnIOSX3WA1OctcwHjGrxE/56LIYb198dLnLf+ims6f0Nt/TAND8
Lws9KIi65a+7LWHJAFqstVAsdkLdNvWZ51D7LORDDsKx3Qa4AXyZf5ejHlmw7LJN
0TfGg7m8YH4fdAZ1S0yiKfKIlLiAYlIpt7LsbrWYCoxEb3aJ5zydI6faM11zqGgL
Lm2inLRi7JWfkOstazGlQch84sAcGsh4YtrVWexsX9jMdroAWw3/SZfnM92u7R0z
YENkJ7AcDWVyvwgitaFOeaG6kN6w8KcuzZAfQ5ZwLsnpudFYf7Y8qMDVVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpKxf9kjwA6zqJSnvbpiNKJJP9dMB8GA1UdIwQY
MBaAFMZ6fkxtVetRPFRXYKj/ZW2t8LjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYt
YTAzODk2MDI0NzJmLzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wOGNkYjctNDE2ZS00M2E2LWEyNzYtYTAzODk2MDI0NzJm
LzEveG5wLVRHMVY2MUU4VkZkZ3FQOWxiYTN3dU5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvH0dlFYL
82fXe2r0o5t+XLLQlZPNCiSao46K8Su3uWZALnCIYasz4VQe9Ntb6U+eLl1Wz2Bq
c37AoeG7bRCAmMLBETqIBnXLbrmteTX6xH3mKnUEuyl1oERFBZkL2czs9zjkGKyS
IQ6zcnP30fkfxdLBbBael7URvIU7zzh9xdqdT18Hn++5KNlZ/AI8MSMv1SoKw8yY
XbFVa1pUgUb26vO+n5Lwnvkv4zFU1zRgLuXI/Eog8u1r+Q6AtMt22mV4hFdohvF1
OwKCGmW/mqyOpPN3MJjLhWIlsrN4Rz8LbAqih+AsWq8X1XynYc9Q/zM/O8Sw0/+V
nvZzUtD90MKesw==
-----END CERTIFICATE-----