Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          m6/aYIkyMm9YaKCKBJZp4mxBbDC7quqXrsyJI/oPKLY=
Subject key identifier:   20:A9:00:2F:5B:83:69:EC:8E:B1:AE:90:51:AE:C5:C1:B9:2E:1C:E0
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       019D2A3B5BDD104EDC8B1DF541BAACF74108
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          1886
Signing time:             Thu 26 Mar 2026 13:00:26 +0000
Manifest this update:     Thu 26 Mar 2026 13:00:26 +0000
Manifest next update:     Fri 27 Mar 2026 13:00:26 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: 5Y67O8X/YG6/idB1fwCaZDdXY6S4PgVPzoGR43W7lR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:5b:dd:10:4e:dc:8b:1d:f5:41:ba:ac:f7:41:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Mar 26 13:00:26 2026 GMT
            Not After : Mar 27 13:00:26 2026 GMT
        Subject: CN=20a9002f5b8369ec8eb1ae9051aec5c1b92e1ce0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b8:45:b4:88:cc:22:23:de:e0:d0:a4:fb:fe:
                    0b:9c:34:e9:87:30:8b:e1:cf:a6:55:84:e2:38:5c:
                    ae:05:33:79:8b:b9:a5:7f:01:d1:04:97:bd:53:35:
                    8e:e1:7f:7a:af:b1:9f:6c:1f:24:10:f1:9b:88:da:
                    d0:db:f4:53:21:d6:a5:2b:94:45:43:36:04:90:7e:
                    29:08:cd:00:15:e2:86:95:1b:98:54:71:4b:0f:55:
                    c2:d9:28:09:68:77:98:ac:2a:d4:7b:33:1d:3e:3c:
                    6e:e0:82:55:12:04:ce:84:70:9d:0c:91:66:0a:a9:
                    63:1f:9c:a7:0a:cb:e6:dc:6e:5a:b4:fa:d8:46:de:
                    e8:1c:c9:35:fc:be:a5:2f:c7:ca:0d:5a:40:ad:5c:
                    c4:cf:ad:45:75:96:fe:92:7f:62:b4:8e:10:f2:75:
                    69:47:eb:83:38:35:12:eb:c1:5a:98:63:c2:5b:c6:
                    71:5b:e2:d3:47:a6:39:b1:de:3a:6d:86:c1:d2:26:
                    91:a2:51:2b:4b:f0:15:51:49:39:b9:1b:b6:86:54:
                    82:24:28:a7:cc:6d:95:51:c5:f1:d3:cf:af:0b:fc:
                    c5:be:8e:23:b5:9e:83:82:bc:f0:1e:1c:8c:ff:5d:
                    92:dd:d3:ef:ec:11:59:30:44:40:45:9d:a8:e5:29:
                    fb:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:A9:00:2F:5B:83:69:EC:8E:B1:AE:90:51:AE:C5:C1:B9:2E:1C:E0
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:fc:6f:6e:fc:3d:a2:2b:88:c6:ec:dd:ca:98:4c:6f:ac:8f:
         56:a3:69:d6:ae:08:9b:a4:a0:de:9e:85:70:df:04:84:7f:22:
         cf:bc:11:e0:a9:5c:05:8a:85:62:83:dd:d4:1d:2d:4b:b7:fc:
         cb:6b:d5:b4:0a:17:9c:a2:58:96:b7:15:3f:02:f9:db:13:9c:
         54:6a:20:bb:23:d3:5e:ef:f0:5f:9d:44:e6:2a:b5:32:2b:b6:
         06:ce:69:99:78:47:05:4d:79:3a:ab:55:a9:e8:4b:f4:09:70:
         67:79:77:d4:12:77:06:af:f3:af:68:a1:ed:70:69:b8:db:b5:
         3b:df:57:41:62:54:bf:f5:81:f0:54:8f:9f:48:d7:ee:3a:a6:
         48:24:02:83:da:35:73:4f:f8:1e:e5:0f:1f:dc:46:26:65:81:
         cb:f2:d7:73:28:23:3a:b2:79:c1:13:a4:90:01:3d:9c:16:d0:
         01:04:58:3e:5a:4f:21:e6:cd:48:ac:6e:7d:40:5b:54:88:3f:
         eb:25:f6:f0:d3:0e:5f:11:0a:e2:97:0a:aa:f4:c6:60:60:87:
         4a:e4:de:4c:df:f1:dc:b9:c0:3d:7f:72:02:7e:16:b2:1b:59:
         2a:a6:87:0e:b0:bf:d7:3e:88:84:a4:7f:62:a2:44:99:0c:ab:
         12:7f:65:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO1vdEE7cix31Qbqs90EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjYwMzI2MTMwMDI2WhcNMjYwMzI3MTMwMDI2WjAzMTEwLwYDVQQD
EygyMGE5MDAyZjViODM2OWVjOGViMWFlOTA1MWFlYzVjMWI5MmUxY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7hFtIjMIiPe4NCk+/4LnDTphzCL
4c+mVYTiOFyuBTN5i7mlfwHRBJe9UzWO4X96r7GfbB8kEPGbiNrQ2/RTIdalK5RF
QzYEkH4pCM0AFeKGlRuYVHFLD1XC2SgJaHeYrCrUezMdPjxu4IJVEgTOhHCdDJFm
CqljH5ynCsvm3G5atPrYRt7oHMk1/L6lL8fKDVpArVzEz61FdZb+kn9itI4Q8nVp
R+uDODUS68FamGPCW8ZxW+LTR6Y5sd46bYbB0iaRolErS/AVUUk5uRu2hlSCJCin
zG2VUcXx08+vC/zFvo4jtZ6DgrzwHhyM/12S3dPv7BFZMERARZ2o5Sn7HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCpAC9bg2nsjrGukFGuxcG5LhzgMB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbvxvbvw9
oiuIxuzdyphMb6yPVqNp1q4Im6Sg3p6FcN8EhH8iz7wR4KlcBYqFYoPd1B0tS7f8
y2vVtAoXnKJYlrcVPwL52xOcVGoguyPTXu/wX51E5iq1Miu2Bs5pmXhHBU15OqtV
qehL9AlwZ3l31BJ3Bq/zr2ih7XBpuNu1O99XQWJUv/WB8FSPn0jX7jqmSCQCg9o1
c0/4HuUPH9xGJmWBy/LXcygjOrJ5wROkkAE9nBbQAQRYPlpPIebNSKxufUBbVIg/
6yX28NMOXxEK4pcKqvTGYGCHSuTeTN/x3LnAPX9yAn4WshtZKqaHDrC/1z6IhKR/
YqJEmQyrEn9l7Q==
-----END CERTIFICATE-----