Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
File:                     xcidUmDLNP27s7wlv0rbr0zcaKA.mft (raw, json)
Hash identifier:          oSaYESS5fhDglJdd3blh8ZlnWElX6iukaCVUzmZ14BA=
Subject key identifier:   48:83:6F:5F:ED:4B:86:F6:D3:6A:49:2A:BA:2C:14:60:F1:9A:6D:74
Authority key identifier: C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0
Certificate issuer:       /CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
Certificate serial:       019D3865B6831173815F60BC9B110A31AE73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
Manifest number:          084B
Signing time:             Sun 29 Mar 2026 07:01:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:23 +0000
Files and hashes:         1: xcidUmDLNP27s7wlv0rbr0zcaKA.crl (hash: 9P0urLn6/Y/GxbwCICtCGpNi1gKI4A7gKn4sx2lWZd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b6:83:11:73:81:5f:60:bc:9b:11:0a:31:ae:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5c89d5260cb34fdbbb3bc25bf4adbaf4cdc68a0
        Validity
            Not Before: Mar 29 07:01:23 2026 GMT
            Not After : Mar 30 07:01:23 2026 GMT
        Subject: CN=48836f5fed4b86f6d36a492aba2c1460f19a6d74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:95:9c:3f:7e:7c:ea:b5:c7:43:c5:f3:45:69:
                    26:b5:2c:38:55:9f:66:11:33:f0:90:5a:29:d9:a8:
                    69:95:04:71:75:c6:31:e9:a4:8f:2e:1b:52:8c:d9:
                    02:63:d8:39:e6:d4:f3:d5:53:a5:00:78:c6:2f:ce:
                    04:13:d1:42:17:bc:01:b3:9a:91:ed:ba:fc:53:1d:
                    d2:4b:54:32:ae:02:73:f3:03:9a:60:0d:54:a1:6e:
                    61:2e:92:3d:68:7b:60:0d:ee:e3:41:35:68:7a:08:
                    3e:a6:cb:03:c9:76:5c:a3:21:72:c9:1b:d0:3a:b8:
                    2f:c1:4f:7e:59:96:98:04:ed:be:be:12:f8:d9:fc:
                    e1:2c:80:c7:86:49:76:b4:53:3a:57:a0:fb:f9:80:
                    85:69:91:8a:17:06:0b:0d:c9:fa:e1:cf:e0:d7:a8:
                    0d:71:f8:c4:3c:c9:bc:b3:ad:a7:f5:59:2d:3a:9e:
                    d4:55:60:71:01:31:46:59:45:78:8f:42:ae:1a:3d:
                    83:b1:b5:30:27:0c:21:ac:00:0d:7e:25:f5:50:f1:
                    f9:f5:86:88:1b:ad:78:a2:4b:79:d7:57:7e:c7:94:
                    e2:75:84:32:78:b4:da:17:be:2f:10:02:24:06:2b:
                    90:25:47:34:1d:d8:c5:06:61:d9:08:80:07:c2:ae:
                    f4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:83:6F:5F:ED:4B:86:F6:D3:6A:49:2A:BA:2C:14:60:F1:9A:6D:74
            X509v3 Authority Key Identifier:
                keyid:C5:C8:9D:52:60:CB:34:FD:BB:B3:BC:25:BF:4A:DB:AF:4C:DC:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcidUmDLNP27s7wlv0rbr0zcaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/623b14-4e6e-4c31-96be-8ebcd09b2bca/1/xcidUmDLNP27s7wlv0rbr0zcaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:32:9e:7d:cf:b5:b9:77:87:c0:88:48:bc:f4:b4:cd:f8:bd:
         fc:ec:2e:0d:40:07:04:57:26:83:3c:ee:b9:c5:44:2f:db:d6:
         41:d7:c7:da:86:57:1e:77:47:ca:27:e5:47:4d:a2:9b:99:2b:
         b9:bf:78:ba:d9:7c:97:c0:3e:33:ce:50:37:dd:3d:23:b4:ac:
         85:c4:7d:d8:94:5e:26:c2:10:39:b8:22:39:fa:c4:82:8f:08:
         41:9e:0b:bc:64:0b:45:bc:6a:66:04:7b:3d:97:2e:4f:7a:28:
         bf:ae:72:82:79:21:b1:b5:31:63:5d:56:39:c6:6a:b2:b8:a0:
         3c:fe:ed:71:9d:db:d4:37:1e:0e:00:6b:4e:87:a2:0f:09:d1:
         06:65:f0:dd:90:a7:e4:54:56:2a:5a:f7:af:62:1d:86:e7:4e:
         56:4a:cb:83:43:82:f8:85:b6:43:45:a9:95:b5:b7:6d:75:cb:
         d9:6c:0c:2a:09:8c:71:fd:2c:66:90:66:28:8f:90:76:91:be:
         48:bd:b5:73:f2:06:5b:23:14:b3:d5:56:14:47:58:da:ec:0e:
         d1:fd:22:36:ab:e5:88:a7:7b:9a:05:80:d3:cf:f7:b1:06:9c:
         d4:10:df:20:49:82:bf:d4:f4:88:a2:09:20:fe:50:97:80:ea:
         86:f2:0b:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbaDEXOBX2C8mxEKMa5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yzg5ZDUyNjBjYjM0ZmRiYmIzYmMyNWJmNGFkYmFmNGNk
YzY4YTAwHhcNMjYwMzI5MDcwMTIzWhcNMjYwMzMwMDcwMTIzWjAzMTEwLwYDVQQD
Eyg0ODgzNmY1ZmVkNGI4NmY2ZDM2YTQ5MmFiYTJjMTQ2MGYxOWE2ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZWcP3586rXHQ8XzRWkmtSw4VZ9m
ETPwkFop2ahplQRxdcYx6aSPLhtSjNkCY9g55tTz1VOlAHjGL84EE9FCF7wBs5qR
7br8Ux3SS1QyrgJz8wOaYA1UoW5hLpI9aHtgDe7jQTVoegg+pssDyXZcoyFyyRvQ
OrgvwU9+WZaYBO2+vhL42fzhLIDHhkl2tFM6V6D7+YCFaZGKFwYLDcn64c/g16gN
cfjEPMm8s62n9VktOp7UVWBxATFGWUV4j0KuGj2DsbUwJwwhrAANfiX1UPH59YaI
G614okt511d+x5TidYQyeLTaF74vEAIkBiuQJUc0HdjFBmHZCIAHwq70sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiDb1/tS4b202pJKrosFGDxmm10MB8GA1UdIwQY
MBaAFMXInVJgyzT9u7O8Jb9K269M3GigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUt
OGViY2QwOWIyYmNhLzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82MjNiMTQtNGU2ZS00YzMxLTk2YmUtOGViY2QwOWIyYmNh
LzEveGNpZFVtRExOUDI3czd3bHYwcmJyMHpjYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZzKefc+1
uXeHwIhIvPS0zfi9/OwuDUAHBFcmgzzuucVEL9vWQdfH2oZXHndHyiflR02im5kr
ub94utl8l8A+M85QN909I7SshcR92JReJsIQObgiOfrEgo8IQZ4LvGQLRbxqZgR7
PZcuT3oov65ygnkhsbUxY11WOcZqsrigPP7tcZ3b1DceDgBrToeiDwnRBmXw3ZCn
5FRWKlr3r2IdhudOVkrLg0OC+IW2Q0WplbW3bXXL2WwMKgmMcf0sZpBmKI+QdpG+
SL21c/IGWyMUs9VWFEdY2uwO0f0iNqvliKd7mgWA08/3sQac1BDfIEmCv9T0iKIJ
IP5Ql4DqhvIL7w==
-----END CERTIFICATE-----