Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
File:                     9XGHM6rUPvapm9jZUEog3YkCLo8.mft (raw, json)
Hash identifier:          WaBjoLeeEpvYFi8VtYG195dsp+gwgv8/fFzN+mvjCS0=
Subject key identifier:   2C:D8:C9:E0:EA:FA:54:FE:B7:53:7E:19:9C:82:9F:73:9D:DE:AF:94
Authority key identifier: F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F
Certificate issuer:       /CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
Certificate serial:       019D39AEB05E0021EDFE74E8B3FE80D5AC9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
Manifest number:          158F
Signing time:             Sun 29 Mar 2026 13:00:42 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:42 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:42 +0000
Files and hashes:         1: 9XGHM6rUPvapm9jZUEog3YkCLo8.crl (hash: S7L1U1dOKFmozk7pn9WAXBAbE8pN3etIX2SxaFMdrrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:b0:5e:00:21:ed:fe:74:e8:b3:fe:80:d5:ac:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
        Validity
            Not Before: Mar 29 13:00:42 2026 GMT
            Not After : Mar 30 13:00:42 2026 GMT
        Subject: CN=2cd8c9e0eafa54feb7537e199c829f739ddeaf94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8e:9a:a0:71:67:3c:9c:d7:25:01:da:54:ee:
                    9b:8d:e3:08:73:8d:e0:5d:fe:b0:37:69:1e:05:7f:
                    78:79:90:a6:69:27:26:ae:2a:b6:34:56:ab:d9:cb:
                    5a:38:f9:4d:28:2a:a4:f0:f5:de:a0:c8:93:60:c8:
                    d0:d7:8a:c7:83:c3:f5:88:63:2a:de:58:68:a4:d5:
                    c0:00:36:68:0e:00:b8:19:ab:76:b9:a6:d6:f4:33:
                    81:ff:9a:55:64:e4:c5:6a:21:94:c6:87:b0:00:aa:
                    50:87:ac:d9:5b:e4:98:9b:cc:8f:11:ee:b2:3d:8e:
                    2f:2f:d5:35:85:56:f7:43:a3:6a:79:a8:fa:5a:ba:
                    55:3b:5a:25:8a:ba:3b:5e:a9:54:10:1f:70:49:7d:
                    c8:d5:e6:20:10:ce:35:22:60:15:21:59:65:82:16:
                    aa:2d:65:e9:52:2d:4e:44:00:18:03:f0:d7:4e:1a:
                    98:a8:40:58:26:bc:8b:bf:fb:5e:eb:77:d2:bc:15:
                    9a:05:43:4b:59:62:39:c2:b1:89:a4:74:b1:72:42:
                    57:75:2b:8c:91:9d:16:19:5b:ed:e7:cb:c7:5b:59:
                    49:9e:93:56:07:99:7c:e4:c3:f6:ed:e0:ab:fd:4c:
                    73:0a:8c:d6:78:a3:43:7f:e0:ef:bb:45:86:85:1b:
                    66:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:D8:C9:E0:EA:FA:54:FE:B7:53:7E:19:9C:82:9F:73:9D:DE:AF:94
            X509v3 Authority Key Identifier:
                keyid:F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:62:38:34:9d:bf:65:9e:d6:3e:c9:fe:c5:2f:21:bd:51:ff:
         8d:f0:bf:60:3e:43:99:8f:21:8a:6a:7f:5b:c8:64:4a:44:5d:
         2b:5e:d3:55:91:95:f9:d0:8c:f0:ca:8f:47:c8:bc:da:74:b7:
         36:25:f8:9c:8e:98:c3:71:80:e5:3c:dd:7d:ad:4a:9f:b2:87:
         76:2a:27:3f:da:ac:72:ef:a9:90:63:a4:c8:d2:81:fc:d8:8b:
         69:c9:60:e8:97:b1:ad:71:24:ee:07:98:10:93:8c:2b:96:68:
         33:7f:c0:cc:e1:3c:ac:57:32:9c:59:d7:4f:27:fb:fd:e2:b9:
         c5:84:49:8d:ca:0b:83:30:52:5e:7d:04:0f:be:74:f1:95:4f:
         aa:5e:55:68:2d:e7:04:29:58:7d:af:92:ed:bb:96:50:d2:a4:
         e5:2e:92:31:f5:b2:52:db:7c:1b:75:89:e1:a8:6a:7d:79:ac:
         26:67:fc:6d:94:f4:f5:74:51:d2:58:b1:3c:30:35:4c:63:45:
         cf:63:67:11:68:5e:2f:fe:89:3d:ec:7c:08:3a:50:46:53:f5:
         9b:c3:3c:6a:0e:92:fd:f0:7d:83:e0:10:34:8f:9c:cd:8e:02:
         cc:59:de:74:50:b0:09:40:0a:b0:bc:f8:28:6f:63:35:f7:ae:
         2d:90:8c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rrBeACHt/nTos/6A1aycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzE4NzMzYWFkNDNlZjZhOTliZDhkOTUwNGEyMGRkODkw
MjJlOGYwHhcNMjYwMzI5MTMwMDQyWhcNMjYwMzMwMTMwMDQyWjAzMTEwLwYDVQQD
EygyY2Q4YzllMGVhZmE1NGZlYjc1MzdlMTk5YzgyOWY3MzlkZGVhZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y6aoHFnPJzXJQHaVO6bjeMIc43g
Xf6wN2keBX94eZCmaScmriq2NFar2ctaOPlNKCqk8PXeoMiTYMjQ14rHg8P1iGMq
3lhopNXAADZoDgC4Gat2uabW9DOB/5pVZOTFaiGUxoewAKpQh6zZW+SYm8yPEe6y
PY4vL9U1hVb3Q6Nqeaj6WrpVO1oliro7XqlUEB9wSX3I1eYgEM41ImAVIVllghaq
LWXpUi1ORAAYA/DXThqYqEBYJryLv/te63fSvBWaBUNLWWI5wrGJpHSxckJXdSuM
kZ0WGVvt58vHW1lJnpNWB5l85MP27eCr/UxzCozWeKNDf+Dvu0WGhRtmjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzYyeDq+lT+t1N+GZyCn3Od3q+UMB8GA1UdIwQY
MBaAFPVxhzOq1D72qZvY2VBKIN2JAi6PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5Yzgt
ZDcyNWZhNjczMmI2LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5YzgtZDcyNWZhNjczMmI2
LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGI4NJ2/
ZZ7WPsn+xS8hvVH/jfC/YD5DmY8himp/W8hkSkRdK17TVZGV+dCM8MqPR8i82nS3
NiX4nI6Yw3GA5Tzdfa1Kn7KHdionP9qscu+pkGOkyNKB/NiLaclg6JexrXEk7geY
EJOMK5ZoM3/AzOE8rFcynFnXTyf7/eK5xYRJjcoLgzBSXn0ED7508ZVPql5VaC3n
BClYfa+S7buWUNKk5S6SMfWyUtt8G3WJ4ahqfXmsJmf8bZT09XRR0lixPDA1TGNF
z2NnEWheL/6JPex8CDpQRlP1m8M8ag6S/fB9g+AQNI+czY4CzFnedFCwCUAKsLz4
KG9jNfeuLZCMeg==
-----END CERTIFICATE-----