Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft
File:                     5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft (raw, json)
Hash identifier:          kjffxBmbEyNoul9IOm0oSeAdcnJHINp1jCXLNvkxrvQ=
Subject key identifier:   3E:12:3F:96:6D:46:59:BB:B8:3F:C6:4A:7B:AB:33:1D:7C:A1:6C:0D
Authority key identifier: E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33
Certificate issuer:       /CN=e57731ea857b903aa40a8e5fd8d88446505b5233
Certificate serial:       019D390A53F79249C9A56A4C6E6BD96FC7DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft
Manifest number:          1891
Signing time:             Sun 29 Mar 2026 10:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:11 +0000
Files and hashes:         1: 5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl (hash: bbN4aWb3q0b4pOIWaWs7OUdIb7zvXOVki0OV3P/Qt/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:53:f7:92:49:c9:a5:6a:4c:6e:6b:d9:6f:c7:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e57731ea857b903aa40a8e5fd8d88446505b5233
        Validity
            Not Before: Mar 29 10:01:11 2026 GMT
            Not After : Mar 30 10:01:11 2026 GMT
        Subject: CN=3e123f966d4659bbb83fc64a7bab331d7ca16c0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:81:a9:8d:ee:bf:9c:90:a0:c0:1c:d5:11:fc:
                    c9:f5:0c:1d:ec:c1:88:8a:f0:84:b0:73:72:2e:16:
                    ce:6b:5e:2d:be:43:ee:70:83:fc:21:7a:2e:9b:53:
                    45:c7:48:8b:38:10:ef:7e:dc:f9:d5:31:87:72:b5:
                    64:2d:a9:27:c9:45:17:61:f1:16:80:fc:de:63:4e:
                    dd:52:29:6e:ec:ed:d4:b0:24:08:a1:6f:fb:4b:51:
                    40:71:8c:df:63:df:ac:da:c2:38:cf:0f:81:32:63:
                    7c:05:3e:98:cf:02:d5:7c:31:99:f4:bd:ca:3b:86:
                    9d:60:eb:f8:0c:e4:22:f7:a5:3c:c9:71:1b:0e:6c:
                    6d:df:07:0a:c1:c1:51:de:b1:b6:b8:e6:8d:c6:57:
                    4f:9a:26:c2:73:c1:42:8f:e9:d0:6f:35:21:f1:4e:
                    51:d1:ab:cf:25:d8:f0:2a:d8:9e:07:8b:ec:5e:2c:
                    98:d8:2f:46:b8:5d:b0:fe:03:43:ab:7b:10:2b:ab:
                    e3:39:17:cb:3e:69:83:fb:79:56:9b:3a:79:9c:cb:
                    34:0b:34:e3:4b:2d:74:c1:d7:53:79:05:db:35:28:
                    4c:e8:85:5f:ed:fa:cb:07:f3:08:c6:e2:aa:54:bf:
                    8d:1a:4d:66:a7:ed:50:62:a2:8e:07:b9:df:c4:e9:
                    49:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:12:3F:96:6D:46:59:BB:B8:3F:C6:4A:7B:AB:33:1D:7C:A1:6C:0D
            X509v3 Authority Key Identifier:
                keyid:E5:77:31:EA:85:7B:90:3A:A4:0A:8E:5F:D8:D8:84:46:50:5B:52:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Xcx6oV7kDqkCo5f2NiERlBbUjM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/afbb62-0098-42b3-81ae-f0bb2e15f6d0/1/5Xcx6oV7kDqkCo5f2NiERlBbUjM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:95:2f:1f:ac:a8:08:11:7d:44:2b:2f:c5:6a:e1:d5:8f:47:
         a8:38:d0:56:bb:9a:c0:11:a0:51:c0:fd:d5:e7:f2:14:be:99:
         b0:d3:67:c7:84:cc:6a:ed:a8:cc:19:48:9b:ba:a6:ad:e7:df:
         bf:14:63:0e:9f:ff:15:8d:bb:bf:06:93:ce:e2:4b:76:83:1d:
         d9:ef:fb:07:75:18:20:56:24:97:75:1c:18:05:53:6f:56:39:
         44:d2:ea:e9:03:08:73:75:a1:b1:27:a5:65:77:bf:24:37:4e:
         c5:8c:d2:9d:72:c4:dc:2c:d1:be:86:f1:1e:36:a4:4a:71:35:
         5b:96:35:19:64:71:b7:fd:ad:08:e5:fd:01:db:53:c7:7f:14:
         2e:3e:b9:98:07:63:ec:4b:fe:c6:3b:4b:6b:fd:82:64:ab:d1:
         a3:41:db:90:ab:01:ee:19:c3:d8:eb:3a:4e:5d:63:fb:67:7f:
         fc:0a:ca:f8:fe:fd:09:ac:66:e2:67:b2:72:6c:47:1c:74:f5:
         44:85:88:89:e3:b0:21:b0:43:97:59:fd:db:8a:72:d3:38:66:
         7b:b2:1b:93:10:33:5c:8d:61:ad:62:27:88:9f:51:91:3b:91:
         ce:53:4b:62:50:74:3a:fd:46:87:2e:2a:d4:e9:db:b7:70:cc:
         7c:3c:a2:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ClP3kknJpWpMbmvZb8feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NzczMWVhODU3YjkwM2FhNDBhOGU1ZmQ4ZDg4NDQ2NTA1
YjUyMzMwHhcNMjYwMzI5MTAwMTExWhcNMjYwMzMwMTAwMTExWjAzMTEwLwYDVQQD
EygzZTEyM2Y5NjZkNDY1OWJiYjgzZmM2NGE3YmFiMzMxZDdjYTE2YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oGpje6/nJCgwBzVEfzJ9Qwd7MGI
ivCEsHNyLhbOa14tvkPucIP8IXoum1NFx0iLOBDvftz51TGHcrVkLaknyUUXYfEW
gPzeY07dUilu7O3UsCQIoW/7S1FAcYzfY9+s2sI4zw+BMmN8BT6YzwLVfDGZ9L3K
O4adYOv4DOQi96U8yXEbDmxt3wcKwcFR3rG2uOaNxldPmibCc8FCj+nQbzUh8U5R
0avPJdjwKtieB4vsXiyY2C9GuF2w/gNDq3sQK6vjORfLPmmD+3lWmzp5nMs0CzTj
Sy10wddTeQXbNShM6IVf7frLB/MIxuKqVL+NGk1mp+1QYqKOB7nfxOlJoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4SP5ZtRlm7uD/GSnurMx18oWwNMB8GA1UdIwQY
MBaAFOV3MeqFe5A6pAqOX9jYhEZQW1IzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUt
ZjBiYjJlMTVmNmQwLzEvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZmJiNjItMDA5OC00MmIzLTgxYWUtZjBiYjJlMTVmNmQw
LzEvNVhjeDZvVjdrRHFrQ281ZjJOaUVSbEJiVWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZUvH6yo
CBF9RCsvxWrh1Y9HqDjQVruawBGgUcD91efyFL6ZsNNnx4TMau2ozBlIm7qmreff
vxRjDp//FY27vwaTzuJLdoMd2e/7B3UYIFYkl3UcGAVTb1Y5RNLq6QMIc3WhsSel
ZXe/JDdOxYzSnXLE3CzRvobxHjakSnE1W5Y1GWRxt/2tCOX9AdtTx38ULj65mAdj
7Ev+xjtLa/2CZKvRo0HbkKsB7hnD2Os6Tl1j+2d//ArK+P79Caxm4meycmxHHHT1
RIWIieOwIbBDl1n924py0zhme7IbkxAzXI1hrWIniJ9RkTuRzlNLYlB0Ov1Ghy4q
1Onbt3DMfDyiIA==
-----END CERTIFICATE-----