Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          D7koHzT6d/r+kfYzLUhxJ2axD2ftW5zc7GkHP1lu9wA=
Subject key identifier:   D6:F2:EE:F7:8E:D5:F9:CD:47:2C:0F:48:83:49:2B:BB:D3:31:89:4A
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019D371BCC2616E8B2021ABC45871FE661A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          0638
Signing time:             Sun 29 Mar 2026 01:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:01 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: agF+As0G8cD34oDQIRTxGb72NHjymT8I0G08qkT6zHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:cc:26:16:e8:b2:02:1a:bc:45:87:1f:e6:61:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Mar 29 01:01:01 2026 GMT
            Not After : Mar 30 01:01:01 2026 GMT
        Subject: CN=d6f2eef78ed5f9cd472c0f4883492bbbd331894a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:92:22:dd:ae:8a:76:d6:1c:9e:2d:34:fa:88:
                    25:d4:e5:1b:40:41:6f:7f:5d:19:b9:0c:b6:d9:7a:
                    c4:84:5e:24:1b:82:7e:72:f1:69:89:5b:d0:ba:9b:
                    88:30:51:e4:56:61:40:bc:26:3c:46:c6:14:0b:7e:
                    a6:bd:5b:e4:9f:b4:5f:93:87:7a:56:85:ac:b3:09:
                    ba:e2:3d:fc:fc:5d:c1:c2:54:0f:f9:05:72:75:e8:
                    bc:88:81:9e:cd:13:bb:d8:12:90:e9:3d:08:33:bd:
                    48:76:9c:fc:06:7c:2a:ff:c6:ef:f0:35:0c:a0:99:
                    32:f8:11:ae:ef:fe:36:5b:f1:d2:c0:96:62:0b:88:
                    a3:50:7e:7e:f4:5f:59:87:ca:6a:b6:38:e4:c6:d5:
                    2f:a4:e1:f2:0e:b4:12:c1:ff:5c:6a:8f:f6:09:31:
                    71:6b:50:a4:dc:56:23:fe:f3:39:58:21:41:26:61:
                    06:59:37:19:37:e5:05:d4:51:1b:b3:71:11:03:bc:
                    f1:22:6d:8b:ed:4c:0a:e2:d0:71:ab:b4:f7:2d:ab:
                    6f:bf:d6:ae:e2:16:94:db:e7:88:e9:0a:28:d4:ff:
                    84:63:1e:24:66:06:ff:a1:12:f3:61:6c:ae:86:ad:
                    9d:b3:a3:17:ef:8b:0a:4a:09:8c:da:de:9a:f6:bb:
                    ce:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F2:EE:F7:8E:D5:F9:CD:47:2C:0F:48:83:49:2B:BB:D3:31:89:4A
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:4d:f7:5b:e5:0f:5f:07:57:31:fb:a4:6b:33:ed:96:7e:0c:
         84:25:b1:f3:04:69:72:95:f5:70:b4:52:87:f2:b9:7e:b2:cd:
         72:8e:76:92:e2:57:fe:27:ad:e0:d7:a1:cd:16:49:17:62:2d:
         7c:1b:03:aa:50:5f:49:76:cc:8f:22:8c:92:8b:2d:78:5e:cb:
         94:ec:4d:ea:cd:64:d7:7c:21:67:71:cd:e9:e0:cf:e1:d6:b1:
         cb:44:2b:e0:54:24:66:b6:17:59:92:25:db:5f:e9:da:21:29:
         9f:fe:15:73:bc:89:89:71:72:33:de:cf:66:92:5f:4b:a9:84:
         f2:18:c4:46:3e:d0:82:0c:4b:d3:24:9e:da:31:6a:56:f8:b0:
         61:4e:56:cb:75:2e:38:ed:87:62:b7:d0:cb:45:67:3b:6f:2b:
         4a:6e:4f:33:5a:02:7b:f8:2f:a9:10:42:dd:8c:32:8c:c7:64:
         14:ef:39:c6:b2:bc:74:29:4a:e3:c5:67:fe:dd:cf:01:14:2e:
         ce:3a:3e:8c:65:a2:93:36:4e:68:50:1e:d9:a0:3b:24:02:62:
         ca:fd:aa:11:b4:35:b9:3c:d5:89:f1:fc:30:28:19:9b:8d:bd:
         d0:00:d6:a4:d0:d5:ff:b1:19:78:b7:4e:7a:c7:e1:17:08:9b:
         8b:e7:cf:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G8wmFuiyAhq8RYcf5mGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjYwMzI5MDEwMTAxWhcNMjYwMzMwMDEwMTAxWjAzMTEwLwYDVQQD
EyhkNmYyZWVmNzhlZDVmOWNkNDcyYzBmNDg4MzQ5MmJiYmQzMzE4OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupIi3a6KdtYcni00+ogl1OUbQEFv
f10ZuQy22XrEhF4kG4J+cvFpiVvQupuIMFHkVmFAvCY8RsYUC36mvVvkn7Rfk4d6
VoWsswm64j38/F3BwlQP+QVydei8iIGezRO72BKQ6T0IM71Idpz8Bnwq/8bv8DUM
oJky+BGu7/42W/HSwJZiC4ijUH5+9F9Zh8pqtjjkxtUvpOHyDrQSwf9cao/2CTFx
a1Ck3FYj/vM5WCFBJmEGWTcZN+UF1FEbs3ERA7zxIm2L7UwK4tBxq7T3Latvv9au
4haU2+eI6Qoo1P+EYx4kZgb/oRLzYWyuhq2ds6MX74sKSgmM2t6a9rvO3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNby7veO1fnNRywPSINJK7vTMYlKMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMU33W+UP
XwdXMfukazPtln4MhCWx8wRpcpX1cLRSh/K5frLNco52kuJX/iet4NehzRZJF2It
fBsDqlBfSXbMjyKMkosteF7LlOxN6s1k13whZ3HN6eDP4daxy0Qr4FQkZrYXWZIl
21/p2iEpn/4Vc7yJiXFyM97PZpJfS6mE8hjERj7QggxL0ySe2jFqVviwYU5Wy3Uu
OO2HYrfQy0VnO28rSm5PM1oCe/gvqRBC3YwyjMdkFO85xrK8dClK48Vn/t3PARQu
zjo+jGWikzZOaFAe2aA7JAJiyv2qEbQ1uTzVifH8MCgZm4290ADWpNDV/7EZeLdO
esfhFwibi+fP7g==
-----END CERTIFICATE-----