Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          HFVj5+Q62vyxdix7ubLJ4g0xm1w6g0wXlZSKvbEWrOE=
Subject key identifier:   86:C4:C2:34:02:47:36:FF:9F:8D:F4:98:52:10:77:4F:8D:24:FE:DC
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019D27046B2B1E9351FC51180C1AC5757F72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          04C3
Signing time:             Wed 25 Mar 2026 22:01:34 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:34 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:34 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: 8TnKInp2CWY4vysPjTe9H8RgNJsOJs5DPZPx8VwXCVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:6b:2b:1e:93:51:fc:51:18:0c:1a:c5:75:7f:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Mar 25 22:01:34 2026 GMT
            Not After : Mar 26 22:01:34 2026 GMT
        Subject: CN=86c4c234024736ff9f8df4985210774f8d24fedc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:76:65:fa:2b:10:e9:ba:b7:2e:f7:14:49:4b:
                    31:f0:f8:39:60:99:ee:cc:84:bb:1d:46:35:ce:5e:
                    6b:25:14:de:85:5d:5b:bb:ab:6b:f6:de:da:f6:e9:
                    96:2a:2c:f3:a2:93:23:8c:50:68:46:f8:70:58:46:
                    1b:c1:05:8b:93:3e:33:76:f9:75:3d:f8:74:38:6b:
                    d4:f4:9c:00:86:36:9d:ba:38:40:2d:be:67:c4:2e:
                    b1:6d:b6:96:55:77:cc:c9:fc:af:f7:53:9a:58:bb:
                    83:3d:c4:b6:64:bc:4b:6b:0c:f0:09:20:ad:c5:1d:
                    18:ed:e7:02:68:26:df:a8:4e:77:7d:46:2c:ec:40:
                    6b:ba:56:23:7a:20:40:ab:ce:cb:0b:7d:dd:75:07:
                    bf:a2:fa:2e:05:a9:02:83:51:19:07:01:c3:97:ef:
                    8c:31:8d:03:05:4c:3c:3b:73:34:89:28:28:2d:c4:
                    61:48:2f:02:37:bf:1d:14:e4:f5:d9:f8:88:e9:c3:
                    ef:19:5c:eb:a8:25:a5:6b:ba:b4:a3:95:3f:72:f5:
                    b8:b6:0d:b8:45:60:14:dd:86:ac:ee:c0:b6:0f:6e:
                    43:a9:e4:61:83:47:5e:99:f3:fb:91:b4:bf:d6:ba:
                    a1:b8:59:82:2c:35:82:2a:9f:fd:6f:94:8e:9c:52:
                    02:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C4:C2:34:02:47:36:FF:9F:8D:F4:98:52:10:77:4F:8D:24:FE:DC
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:05:e8:fd:a8:4a:cb:66:27:53:16:88:66:c1:36:22:d1:29:
         3a:df:f2:47:4b:5e:7a:e2:99:7d:3f:7b:37:83:9f:53:ac:bc:
         df:ca:ad:17:d6:4c:96:61:d3:ef:0e:cb:2a:36:dc:3f:d2:6d:
         df:2e:03:e0:f0:cc:59:a1:2d:99:1c:47:80:90:46:d0:2f:d7:
         b0:be:09:f7:23:3f:d2:36:f5:69:0e:ff:4b:71:b2:b1:b6:43:
         aa:26:4e:37:13:67:81:48:4f:cc:d2:e1:8e:56:d6:96:e5:17:
         b9:e5:5b:06:6b:fd:b0:bf:34:ec:c9:61:b8:b1:e9:e5:e2:3d:
         23:8f:67:e8:68:74:12:d5:0e:b4:ea:b5:5f:1c:e3:2d:40:f3:
         1f:9e:87:e0:49:f3:15:36:57:66:fc:e8:0c:a4:25:55:51:70:
         00:bd:84:45:6c:a4:c9:6c:8f:26:a3:fb:dc:64:31:f8:36:58:
         ad:46:5a:79:24:2d:6a:ae:30:09:d3:21:87:cc:95:49:32:d9:
         fd:42:29:5e:eb:0d:d2:6d:c1:e5:e5:4d:72:24:09:eb:ae:cf:
         81:ae:80:01:8e:06:35:ed:63:36:bf:57:e1:8d:8f:cd:f6:a5:
         0a:0e:ee:75:1f:00:9a:35:63:64:32:e6:fe:a1:a7:82:4e:88:
         fd:bb:76:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBGsrHpNR/FEYDBrFdX9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjYwMzI1MjIwMTM0WhcNMjYwMzI2MjIwMTM0WjAzMTEwLwYDVQQD
Eyg4NmM0YzIzNDAyNDczNmZmOWY4ZGY0OTg1MjEwNzc0ZjhkMjRmZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnZl+isQ6bq3LvcUSUsx8Pg5YJnu
zIS7HUY1zl5rJRTehV1bu6tr9t7a9umWKizzopMjjFBoRvhwWEYbwQWLkz4zdvl1
Pfh0OGvU9JwAhjadujhALb5nxC6xbbaWVXfMyfyv91OaWLuDPcS2ZLxLawzwCSCt
xR0Y7ecCaCbfqE53fUYs7EBrulYjeiBAq87LC33ddQe/ovouBakCg1EZBwHDl++M
MY0DBUw8O3M0iSgoLcRhSC8CN78dFOT12fiI6cPvGVzrqCWla7q0o5U/cvW4tg24
RWAU3Yas7sC2D25DqeRhg0demfP7kbS/1rqhuFmCLDWCKp/9b5SOnFICHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbEwjQCRzb/n430mFIQd0+NJP7cMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQXo/ahK
y2YnUxaIZsE2ItEpOt/yR0teeuKZfT97N4OfU6y838qtF9ZMlmHT7w7LKjbcP9Jt
3y4D4PDMWaEtmRxHgJBG0C/XsL4J9yM/0jb1aQ7/S3GysbZDqiZONxNngUhPzNLh
jlbWluUXueVbBmv9sL807MlhuLHp5eI9I49n6Gh0EtUOtOq1XxzjLUDzH56H4Enz
FTZXZvzoDKQlVVFwAL2ERWykyWyPJqP73GQx+DZYrUZaeSQtaq4wCdMhh8yVSTLZ
/UIpXusN0m3B5eVNciQJ667Pga6AAY4GNe1jNr9X4Y2PzfalCg7udR8AmjVjZDLm
/qGngk6I/bt2Hg==
-----END CERTIFICATE-----