Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
File:                     5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json)
Hash identifier:          5JtfAF8BLRdXNqzVECWpjb+fEab3pE4Rr4VPhGM6LyA=
Subject key identifier:   76:81:18:67:C5:26:EF:F4:94:45:F4:20:42:D8:64:44:4D:29:82:59
Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Certificate issuer:       /CN=e5c7c39a5912ddc21e9f6b519896725762127833
Certificate serial:       019D2703CC11476D0FFD325984EE996EF4DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
Manifest number:          0400
Signing time:             Wed 25 Mar 2026 22:00:53 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:53 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:53 +0000
Files and hashes:         1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: faAXWCd/3xzbPL1NHplajaKy46r57AanI1uO0S+pUhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:cc:11:47:6d:0f:fd:32:59:84:ee:99:6e:f4:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833
        Validity
            Not Before: Mar 25 22:00:53 2026 GMT
            Not After : Mar 26 22:00:53 2026 GMT
        Subject: CN=76811867c526eff49445f42042d864444d298259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:94:70:ac:8e:fa:22:28:cc:e3:c0:33:93:e6:
                    2f:da:e0:0d:23:5e:2f:90:21:8b:70:33:58:ee:fc:
                    1f:d1:be:27:bb:0f:e4:21:30:ef:1d:7f:99:37:eb:
                    14:98:16:b8:18:c5:10:0a:b2:c0:4c:c0:d4:b3:44:
                    f5:e9:05:1b:1b:1f:5d:96:42:e2:7d:fe:ef:2c:63:
                    2c:70:ba:e0:c4:fe:0a:be:cb:c8:5a:7b:cc:6b:f5:
                    9d:5d:c3:ea:58:2b:bc:9e:95:5b:bf:11:f7:47:07:
                    7c:ab:d8:60:97:b4:a2:a0:56:57:8d:a0:e8:8a:27:
                    81:c6:95:94:dd:05:5e:8e:40:a9:95:17:4d:db:66:
                    bd:8b:56:54:31:d7:ab:9b:da:a5:43:94:d7:70:33:
                    f9:35:b0:63:b5:d3:26:09:b0:c0:f0:4f:34:d8:28:
                    f3:f1:05:f6:c6:60:7d:01:bd:05:72:b3:2a:e6:30:
                    ab:39:c9:ae:56:dc:c0:c5:b9:0f:23:df:e8:1c:6c:
                    32:c4:c8:d1:db:64:cd:41:3d:3d:5c:54:45:72:18:
                    b5:20:4a:43:c5:38:a7:16:f2:74:2c:2e:19:14:1b:
                    cd:46:36:0f:cd:09:46:86:df:05:e0:ac:8a:0c:ee:
                    8b:8b:1f:79:95:4c:e3:b8:f0:67:cb:82:81:21:0e:
                    48:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:81:18:67:C5:26:EF:F4:94:45:F4:20:42:D8:64:44:4D:29:82:59
            X509v3 Authority Key Identifier:
                keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:82:12:f7:19:a6:13:9b:f0:ef:46:5f:ac:bc:b0:db:93:31:
         24:23:84:2d:80:67:81:66:e1:d9:55:92:47:88:e5:c7:56:50:
         08:73:78:8b:3b:de:70:2a:0b:42:b1:8c:6f:ae:91:bb:c1:1a:
         3b:8d:2c:1c:01:86:fe:74:20:8c:ab:a7:65:42:f7:d3:d4:47:
         85:bd:ce:63:41:db:68:51:58:c5:24:00:c3:65:3e:36:d9:c7:
         28:de:de:66:45:51:03:6b:3d:30:bf:34:e9:2e:26:fe:6f:e4:
         fb:dc:9c:94:09:3c:9c:74:67:95:a5:4c:7c:75:c3:e4:6a:ed:
         42:f6:c0:2e:02:f8:78:31:f8:19:b8:01:87:90:54:ca:3a:bf:
         ad:bf:b2:a4:22:e8:ee:e1:c3:eb:cd:25:5d:48:da:d2:b5:92:
         cd:61:14:d4:3c:55:c2:04:51:82:c1:83:6e:ad:72:c9:f2:32:
         89:54:43:a6:fd:ea:79:c0:12:49:dd:32:3e:7f:10:0f:e6:ef:
         f8:b2:2b:b9:56:50:54:58:fb:fc:13:7a:39:d3:fe:03:ce:c7:
         23:ae:53:0b:1e:48:61:62:8a:8b:a5:77:f5:51:18:2e:fb:28:
         8a:46:91:cc:83:e0:c4:3d:ab:1a:08:be:53:7e:13:30:b8:ea:
         25:94:b0:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8wRR20P/TJZhO6ZbvTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx
Mjc4MzMwHhcNMjYwMzI1MjIwMDUzWhcNMjYwMzI2MjIwMDUzWjAzMTEwLwYDVQQD
Eyg3NjgxMTg2N2M1MjZlZmY0OTQ0NWY0MjA0MmQ4NjQ0NDRkMjk4MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75RwrI76IijM48Azk+Yv2uANI14v
kCGLcDNY7vwf0b4nuw/kITDvHX+ZN+sUmBa4GMUQCrLATMDUs0T16QUbGx9dlkLi
ff7vLGMscLrgxP4KvsvIWnvMa/WdXcPqWCu8npVbvxH3Rwd8q9hgl7SioFZXjaDo
iieBxpWU3QVejkCplRdN22a9i1ZUMderm9qlQ5TXcDP5NbBjtdMmCbDA8E802Cjz
8QX2xmB9Ab0FcrMq5jCrOcmuVtzAxbkPI9/oHGwyxMjR22TNQT09XFRFchi1IEpD
xTinFvJ0LC4ZFBvNRjYPzQlGht8F4KyKDO6Lix95lUzjuPBny4KBIQ5IUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaBGGfFJu/0lEX0IELYZERNKYJZMB8GA1UdIwQY
MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt
MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4
LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsoIS9xmm
E5vw70ZfrLyw25MxJCOELYBngWbh2VWSR4jlx1ZQCHN4izvecCoLQrGMb66Ru8Ea
O40sHAGG/nQgjKunZUL309RHhb3OY0HbaFFYxSQAw2U+NtnHKN7eZkVRA2s9ML80
6S4m/m/k+9yclAk8nHRnlaVMfHXD5GrtQvbALgL4eDH4GbgBh5BUyjq/rb+ypCLo
7uHD680lXUja0rWSzWEU1DxVwgRRgsGDbq1yyfIyiVRDpv3qecASSd0yPn8QD+bv
+LIruVZQVFj7/BN6OdP+A87HI65TCx5IYWKKi6V39VEYLvsoikaRzIPgxD2rGgi+
U34TMLjqJZSw6g==
-----END CERTIFICATE-----