Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
File:                     XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft (raw, json)
Hash identifier:          5EfnoSwYgPotDJNjD/GBSiZ9C3uQ2q2ehrf25K6ziRE=
Subject key identifier:   55:90:A2:05:A5:9B:AF:4D:3D:6A:A4:56:8D:F3:05:44:6F:CD:58:5E
Authority key identifier: 5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79
Certificate issuer:       /CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
Certificate serial:       019D3866047CA8B46EE8EAF06C6B06DEF90E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:43 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:43 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:43 +0000
Files and hashes:         1: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl (hash: QxdAyykKjd/bOm52AmYrjlQq7a/7khT5JmhAm9IwEh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:04:7c:a8:b4:6e:e8:ea:f0:6c:6b:06:de:f9:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
        Validity
            Not Before: Mar 29 07:01:43 2026 GMT
            Not After : Mar 30 07:01:43 2026 GMT
        Subject: CN=5590a205a59baf4d3d6aa4568df305446fcd585e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:53:20:ef:35:68:f0:eb:5f:40:b4:e3:27:68:
                    13:a8:4e:0d:03:9a:a9:84:31:c9:d9:f8:76:33:f6:
                    a6:b6:99:fa:38:f0:45:6b:14:d0:9d:48:e1:5f:28:
                    3f:47:c0:f6:6c:24:08:d0:0d:cb:08:59:24:53:98:
                    1d:4a:0e:00:8a:f7:30:0a:df:0d:e2:af:fe:0f:df:
                    a8:e3:aa:59:6b:f3:39:65:1f:38:46:71:6c:a6:e9:
                    e8:fb:ab:ae:d3:0a:6b:4d:ae:70:ac:be:77:10:2d:
                    2c:ba:5f:d8:20:c0:05:ac:e4:69:36:26:e9:22:3a:
                    35:99:c9:53:58:79:6a:cf:fe:22:d0:04:d4:7f:09:
                    5b:1d:8a:32:77:0a:5f:8a:7f:84:b0:ab:30:87:fd:
                    50:e8:57:33:74:47:b1:81:14:45:2e:ae:09:70:1c:
                    85:a7:a8:50:e2:10:45:dc:6c:cc:5e:11:b1:81:f3:
                    b3:e2:e1:32:fc:f6:21:88:7e:29:16:0a:2c:7c:d5:
                    a8:4d:62:df:03:ea:02:48:74:ec:bc:a7:ee:04:82:
                    f9:7a:d9:8c:bd:ff:2b:24:31:59:ce:c6:eb:01:88:
                    98:ec:1e:57:4d:85:46:46:c9:d6:6b:52:ef:30:29:
                    41:f4:a9:03:df:eb:41:9e:49:17:a5:5a:71:28:ed:
                    7e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:90:A2:05:A5:9B:AF:4D:3D:6A:A4:56:8D:F3:05:44:6F:CD:58:5E
            X509v3 Authority Key Identifier:
                keyid:5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e3:84:28:e5:3a:45:ca:9d:a4:55:3c:53:66:83:a0:fc:4a:ac:
         32:4d:61:8f:f9:ac:3c:3a:fe:c8:7a:11:6a:5a:28:bf:de:25:
         ba:9f:2c:19:c9:a1:ec:c2:2e:53:96:0b:98:9a:c9:22:34:05:
         f1:99:fa:2c:e8:95:64:b7:c6:3a:c6:cd:2b:db:0e:c4:4d:49:
         f4:be:e9:14:6f:7e:e4:b1:65:ca:8e:ca:f6:da:15:ef:77:e2:
         8f:98:f8:a4:35:2d:ec:16:d3:d9:69:2a:b3:32:14:a5:0d:5c:
         72:1f:57:20:dd:9d:56:c5:1d:8c:3c:d3:8d:71:3a:f4:fe:bd:
         bc:eb:d9:0b:71:1b:6a:0b:cb:d1:1b:84:4a:5f:2c:88:86:36:
         1a:32:38:ed:98:ca:77:67:ae:c4:f4:73:2e:f1:fe:8b:a7:1f:
         24:84:d2:f2:a1:c8:0b:b5:79:3b:e3:46:e3:69:ad:1a:a9:30:
         84:0e:a8:8a:cf:34:5d:fb:d0:cd:8a:cd:d1:c7:e4:19:51:ce:
         dc:d5:69:f0:3e:cc:7f:d7:59:d1:70:db:ce:36:d1:e1:29:c5:
         1a:4d:9e:35:df:97:be:6f:fb:45:ba:cc:a5:f2:b4:1f:bf:1f:
         bc:cb:a3:a8:73:80:09:95:d6:63:a9:09:6d:59:52:04:86:d1:
         a9:b1:4b:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgR8qLRu6OrwbGsG3vkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmFhZmI2MWEwYzc0YTA0OWQ5NmJjZGU1OWNiOTQyY2M4
ZDU1NzkwHhcNMjYwMzI5MDcwMTQzWhcNMjYwMzMwMDcwMTQzWjAzMTEwLwYDVQQD
Eyg1NTkwYTIwNWE1OWJhZjRkM2Q2YWE0NTY4ZGYzMDU0NDZmY2Q1ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1Mg7zVo8OtfQLTjJ2gTqE4NA5qp
hDHJ2fh2M/amtpn6OPBFaxTQnUjhXyg/R8D2bCQI0A3LCFkkU5gdSg4AivcwCt8N
4q/+D9+o46pZa/M5ZR84RnFspuno+6uu0wprTa5wrL53EC0sul/YIMAFrORpNibp
Ijo1mclTWHlqz/4i0ATUfwlbHYoydwpfin+EsKswh/1Q6FczdEexgRRFLq4JcByF
p6hQ4hBF3GzMXhGxgfOz4uEy/PYhiH4pFgosfNWoTWLfA+oCSHTsvKfuBIL5etmM
vf8rJDFZzsbrAYiY7B5XTYVGRsnWa1LvMClB9KkD3+tBnkkXpVpxKO1+XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWQogWlm69NPWqkVo3zBURvzVheMB8GA1UdIwQY
MBaAFF36r7YaDHSgSdlrzeWcuULMjVV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGIt
ZjJkOWYwZTdhNjk3LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGItZjJkOWYwZTdhNjk3
LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA44Qo5TpF
yp2kVTxTZoOg/EqsMk1hj/msPDr+yHoRaloov94lup8sGcmh7MIuU5YLmJrJIjQF
8Zn6LOiVZLfGOsbNK9sOxE1J9L7pFG9+5LFlyo7K9toV73fij5j4pDUt7BbT2Wkq
szIUpQ1cch9XIN2dVsUdjDzTjXE69P69vOvZC3EbagvL0RuESl8siIY2GjI47ZjK
d2euxPRzLvH+i6cfJITS8qHIC7V5O+NG42mtGqkwhA6ois80XfvQzYrN0cfkGVHO
3NVp8D7Mf9dZ0XDbzjbR4SnFGk2eNd+Xvm/7RbrMpfK0H78fvMujqHOACZXWY6kJ
bVlSBIbRqbFLZQ==
-----END CERTIFICATE-----