Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
File:                     5weSQnGbdzi4P0kUerH1gp93ahU.mft (raw, json)
Hash identifier:          kw4gKGrHj3GbQLGBrwcfCLx82q2z/KqW2Ryy1bM+AR4=
Subject key identifier:   00:4E:36:DC:30:87:B9:B7:1C:99:89:D1:20:CA:B1:67:64:2E:7C:04
Authority key identifier: E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15
Certificate issuer:       /CN=e7079242719b7738b83f49147ab1f5829f776a15
Certificate serial:       019D29CE1B713C41306C9E26EB828B3E8671
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
Manifest number:          0252
Signing time:             Thu 26 Mar 2026 11:01:06 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:06 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:06 +0000
Files and hashes:         1: 5weSQnGbdzi4P0kUerH1gp93ahU.crl (hash: HBDd5ud4TzX2hQ7qkPcA5YQZOiCFmNx0OfXqzUKsFhU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:1b:71:3c:41:30:6c:9e:26:eb:82:8b:3e:86:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7079242719b7738b83f49147ab1f5829f776a15
        Validity
            Not Before: Mar 26 11:01:06 2026 GMT
            Not After : Mar 27 11:01:06 2026 GMT
        Subject: CN=004e36dc3087b9b71c9989d120cab167642e7c04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a6:4c:bb:8b:22:01:1b:35:c9:18:78:2a:eb:
                    5b:bc:b0:80:d5:6d:8b:f9:8d:34:2e:fb:fc:d1:46:
                    32:f3:eb:27:4b:21:76:e9:fc:8f:a0:fb:79:34:20:
                    f4:ce:1b:fc:e5:f5:45:96:e2:fe:27:b8:5a:6b:a5:
                    bb:5b:31:75:65:2c:7c:3b:e9:d1:7f:05:5e:23:de:
                    59:16:36:ee:22:a1:92:5e:54:7d:99:31:ac:b2:00:
                    68:07:94:cf:cc:6b:49:75:ed:19:75:f5:3f:03:e1:
                    e9:22:dd:fe:34:e3:8b:57:1a:f5:8b:2d:34:be:ca:
                    01:0a:0f:17:00:2a:c8:6a:2d:0a:8d:2a:b8:29:95:
                    18:97:17:7f:48:56:73:37:f8:85:84:52:57:5d:1f:
                    0d:bd:32:1b:49:c0:c7:1b:d7:43:2e:66:41:27:c8:
                    04:37:a0:51:c6:b1:05:a0:47:fc:45:9a:fe:80:8c:
                    02:d1:c2:a2:a0:2f:86:8e:83:24:fd:53:b8:aa:19:
                    72:a6:0a:00:39:75:41:b5:3f:5c:bb:07:bb:b7:5f:
                    4f:0b:47:fc:4c:af:92:c2:ef:f2:06:50:20:ef:95:
                    9f:e3:4d:9d:eb:22:5e:9b:fc:18:55:ae:47:a3:74:
                    19:36:97:15:d5:c1:36:79:c4:1a:2f:0d:d3:bb:23:
                    33:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4E:36:DC:30:87:B9:B7:1C:99:89:D1:20:CA:B1:67:64:2E:7C:04
            X509v3 Authority Key Identifier:
                keyid:E7:07:92:42:71:9B:77:38:B8:3F:49:14:7A:B1:F5:82:9F:77:6A:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5weSQnGbdzi4P0kUerH1gp93ahU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1a59c9-1446-4779-be0a-d50f29308464/1/5weSQnGbdzi4P0kUerH1gp93ahU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:7d:25:b5:c3:e9:8d:19:c9:37:64:e8:7a:0f:e7:64:80:8e:
         87:20:43:fa:07:53:e5:c9:79:41:7a:1b:6b:5e:12:21:11:82:
         96:84:32:fa:7a:00:d7:04:bf:6c:56:10:7d:bc:64:86:bc:3d:
         c5:21:d3:e7:fe:ae:a3:44:e3:68:f9:f4:87:5f:3d:1e:d9:43:
         cd:b8:53:62:b1:f5:d3:1d:97:d2:73:eb:68:68:1b:b1:12:9b:
         7b:09:02:67:0b:a0:ae:aa:a5:a0:9f:18:e6:41:91:db:de:70:
         58:ff:bc:9a:03:74:8a:ba:b2:fc:01:24:dd:ee:6f:03:ae:5d:
         ea:21:ac:48:28:2d:46:d3:29:e4:f4:47:b1:a3:52:17:f0:f3:
         df:07:74:b7:4b:eb:89:19:09:24:dc:c7:9c:c6:76:ee:9a:c4:
         6e:25:34:b1:4a:f2:23:5a:31:0d:a5:8a:9b:c6:b0:8e:cf:2f:
         fb:92:6b:90:d4:c2:76:f1:a5:3b:23:ed:d8:dd:bb:58:c8:e4:
         18:44:ac:32:8f:9f:3f:37:c1:87:79:65:3d:0f:3e:0d:ec:34:
         75:a7:21:46:98:db:c6:a1:25:3d:cf:a1:10:ad:69:8b:b9:ad:
         8c:cf:94:03:60:cd:d9:e8:6c:84:ec:3d:99:a2:ed:43:4a:fb:
         3e:d8:04:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzhtxPEEwbJ4m64KLPoZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MDc5MjQyNzE5Yjc3MzhiODNmNDkxNDdhYjFmNTgyOWY3
NzZhMTUwHhcNMjYwMzI2MTEwMTA2WhcNMjYwMzI3MTEwMTA2WjAzMTEwLwYDVQQD
EygwMDRlMzZkYzMwODdiOWI3MWM5OTg5ZDEyMGNhYjE2NzY0MmU3YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKZMu4siARs1yRh4KutbvLCA1W2L
+Y00Lvv80UYy8+snSyF26fyPoPt5NCD0zhv85fVFluL+J7haa6W7WzF1ZSx8O+nR
fwVeI95ZFjbuIqGSXlR9mTGssgBoB5TPzGtJde0ZdfU/A+HpIt3+NOOLVxr1iy00
vsoBCg8XACrIai0KjSq4KZUYlxd/SFZzN/iFhFJXXR8NvTIbScDHG9dDLmZBJ8gE
N6BRxrEFoEf8RZr+gIwC0cKioC+GjoMk/VO4qhlypgoAOXVBtT9cuwe7t19PC0f8
TK+Swu/yBlAg75Wf402d6yJem/wYVa5Ho3QZNpcV1cE2ecQaLw3TuyMzAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABONtwwh7m3HJmJ0SDKsWdkLnwEMB8GA1UdIwQY
MBaAFOcHkkJxm3c4uD9JFHqx9YKfd2oVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEt
ZDUwZjI5MzA4NDY0LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYTU5YzktMTQ0Ni00Nzc5LWJlMGEtZDUwZjI5MzA4NDY0
LzEvNXdlU1FuR2Jkemk0UDBrVWVySDFncDkzYWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFH0ltcPp
jRnJN2Toeg/nZICOhyBD+gdT5cl5QXoba14SIRGCloQy+noA1wS/bFYQfbxkhrw9
xSHT5/6uo0TjaPn0h189HtlDzbhTYrH10x2X0nPraGgbsRKbewkCZwugrqqloJ8Y
5kGR295wWP+8mgN0irqy/AEk3e5vA65d6iGsSCgtRtMp5PRHsaNSF/Dz3wd0t0vr
iRkJJNzHnMZ27prEbiU0sUryI1oxDaWKm8awjs8v+5JrkNTCdvGlOyPt2N27WMjk
GESsMo+fPzfBh3llPQ8+Dew0dachRpjbxqElPc+hEK1pi7mtjM+UA2DN2ehshOw9
maLtQ0r7PtgEIA==
-----END CERTIFICATE-----