Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          fMUm6WjZ1Yga230K2SNmvnoIDhmUFT+pctUMZfA82+Y=
Subject key identifier:   80:37:5D:17:42:B5:53:97:A1:E7:FD:E3:2B:A9:1C:90:53:A6:A1:5A
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019D29291F943BFC7D884BA0A9D66779AF70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0F0C
Signing time:             Thu 26 Mar 2026 08:00:53 +0000
Manifest this update:     Thu 26 Mar 2026 08:00:53 +0000
Manifest next update:     Fri 27 Mar 2026 08:00:53 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: aMD2rqGNx2SCzZFR9pDqbiPC1fhNSnU1+IfGVgX5uuA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:1f:94:3b:fc:7d:88:4b:a0:a9:d6:67:79:af:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Mar 26 08:00:53 2026 GMT
            Not After : Mar 27 08:00:53 2026 GMT
        Subject: CN=80375d1742b55397a1e7fde32ba91c9053a6a15a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:cb:6f:55:63:25:1c:a7:04:07:05:32:7f:64:
                    f2:86:ce:0c:d4:0a:8d:94:ef:ca:e7:e4:e7:6e:2c:
                    d3:c1:f3:bd:28:1d:85:9a:14:3c:79:23:1d:67:f2:
                    2a:63:d3:6f:cb:67:fa:89:c7:b8:35:4a:86:24:94:
                    ac:a1:1d:35:7e:0b:ea:01:d4:8c:8d:14:3f:7a:a9:
                    ca:74:ed:5b:5a:10:e7:03:cc:d7:08:ef:59:7d:e7:
                    0d:ea:ad:d1:b2:f4:95:c8:c4:21:e7:f8:5a:00:0d:
                    3c:4f:73:35:db:3e:2c:08:61:e9:ff:9c:90:dc:52:
                    6c:08:c8:2b:e9:f9:41:4a:78:bf:11:8c:e0:bb:fa:
                    77:b6:dc:2c:92:bc:7c:84:bc:4e:b5:34:2b:f3:15:
                    da:21:66:a4:42:73:df:5d:37:8f:5a:70:ab:f8:e9:
                    5a:70:7b:b4:eb:bc:6f:76:85:78:4f:26:02:75:92:
                    d1:ee:2e:2d:d6:d9:66:6d:4e:b6:f1:25:54:78:57:
                    9d:ae:70:cc:fc:2d:0e:46:95:f3:46:e8:36:77:18:
                    8e:c9:0c:3c:fb:c5:b7:5b:44:1c:e8:76:b4:ae:a4:
                    7c:5d:a4:2e:fc:69:d1:e7:d8:3e:de:15:3a:1a:09:
                    94:b2:58:89:8e:47:7b:49:ba:14:62:56:fd:48:73:
                    62:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:37:5D:17:42:B5:53:97:A1:E7:FD:E3:2B:A9:1C:90:53:A6:A1:5A
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:37:38:12:5a:85:fd:8a:6b:56:d5:db:e9:19:1b:6f:6c:95:
         a5:b5:98:6d:5e:c0:f9:c0:d1:10:fa:23:89:13:5a:b7:df:4a:
         94:90:55:99:22:d4:f3:5c:60:c0:f6:84:a9:98:4a:d6:86:65:
         11:57:e5:2f:99:02:e9:28:01:65:70:ae:5d:f1:f4:33:df:f6:
         79:b0:70:fb:13:3b:31:3f:37:aa:96:c4:1f:1e:91:81:2e:2d:
         24:41:a4:f8:72:89:c7:a6:55:42:6b:26:b4:84:42:29:c8:1d:
         f1:07:ed:c8:ea:d8:37:f6:5f:dd:1b:37:cb:a6:48:01:d4:c3:
         2e:45:5c:5a:59:dc:af:80:4a:30:fc:92:29:ac:b7:73:35:72:
         60:d0:94:f8:3e:20:60:ad:36:0d:9a:71:05:37:db:a4:04:c3:
         c3:e5:63:27:34:41:8a:c3:f3:8c:fb:85:1a:17:52:dd:9a:67:
         0d:78:a7:99:a6:b9:a9:93:9c:8b:fc:92:23:e2:f0:65:48:5d:
         a5:42:ae:c7:1d:35:e6:53:06:5c:a1:f3:e7:78:28:73:5c:69:
         c1:7b:ca:99:f3:36:e8:d4:27:51:86:44:20:3c:f0:ba:61:89:
         de:04:dd:83:81:ac:62:4c:ca:87:16:fd:1d:17:e4:f3:78:d4:
         39:98:6b:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKR+UO/x9iEugqdZnea9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwMzI2MDgwMDUzWhcNMjYwMzI3MDgwMDUzWjAzMTEwLwYDVQQD
Eyg4MDM3NWQxNzQyYjU1Mzk3YTFlN2ZkZTMyYmE5MWM5MDUzYTZhMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlctvVWMlHKcEBwUyf2Tyhs4M1AqN
lO/K5+TnbizTwfO9KB2FmhQ8eSMdZ/IqY9Nvy2f6ice4NUqGJJSsoR01fgvqAdSM
jRQ/eqnKdO1bWhDnA8zXCO9ZfecN6q3RsvSVyMQh5/haAA08T3M12z4sCGHp/5yQ
3FJsCMgr6flBSni/EYzgu/p3ttwskrx8hLxOtTQr8xXaIWakQnPfXTePWnCr+Ola
cHu067xvdoV4TyYCdZLR7i4t1tlmbU628SVUeFedrnDM/C0ORpXzRug2dxiOyQw8
+8W3W0Qc6Ha0rqR8XaQu/GnR59g+3hU6GgmUsliJjkd7SboUYlb9SHNiHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIA3XRdCtVOXoef94yupHJBTpqFaMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfDc4ElqF
/YprVtXb6Rkbb2yVpbWYbV7A+cDREPojiRNat99KlJBVmSLU81xgwPaEqZhK1oZl
EVflL5kC6SgBZXCuXfH0M9/2ebBw+xM7MT83qpbEHx6RgS4tJEGk+HKJx6ZVQmsm
tIRCKcgd8QftyOrYN/Zf3Rs3y6ZIAdTDLkVcWlncr4BKMPySKay3czVyYNCU+D4g
YK02DZpxBTfbpATDw+VjJzRBisPzjPuFGhdS3ZpnDXinmaa5qZOci/ySI+LwZUhd
pUKuxx015lMGXKHz53goc1xpwXvKmfM26NQnUYZEIDzwumGJ3gTdg4GsYkzKhxb9
HRfk83jUOZhrwQ==
-----END CERTIFICATE-----