Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          LOAUn0ZgX05UVM+2zumDSM0tY9UXul14o9mAUu6TFD0=
Subject key identifier:   B4:A3:83:14:AA:45:BA:98:5A:4E:86:9A:1B:31:13:86:0C:A6:13:21
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       019D2AE03E6388C558F403DBEDEA46B55E5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          05DC
Signing time:             Thu 26 Mar 2026 16:00:32 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:32 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:32 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: ugM01QwYX0CbbvKFNMs+EBfKXqJeAWx+y7EiiVJ9rQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:3e:63:88:c5:58:f4:03:db:ed:ea:46:b5:5e:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Mar 26 16:00:32 2026 GMT
            Not After : Mar 27 16:00:32 2026 GMT
        Subject: CN=b4a38314aa45ba985a4e869a1b3113860ca61321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ce:a4:57:a3:be:b7:a1:d9:59:ad:59:c8:f2:
                    ee:b9:f3:88:02:ee:04:70:00:66:b4:e1:1d:07:f5:
                    3e:63:37:d4:67:30:9e:1e:b3:60:46:1b:8e:65:65:
                    cc:bd:31:15:0f:f4:cc:4b:b1:a9:e8:32:31:16:54:
                    a6:60:0a:e7:5c:ba:1f:e7:af:b3:11:2a:02:16:78:
                    c3:ba:64:f3:c6:d0:8b:e8:27:6a:3f:2f:dc:ab:dd:
                    68:6b:65:db:f3:ae:ab:cd:f8:98:46:82:cf:57:fc:
                    fc:3a:55:89:ca:f8:bd:39:c4:14:87:bd:1a:89:4b:
                    98:b2:e2:95:66:9b:d0:4b:9b:aa:8f:1b:d8:a2:ea:
                    8f:d4:19:da:69:2a:b8:a0:0e:93:03:4a:50:df:e5:
                    9c:34:30:0b:d7:db:fc:8b:bd:d4:62:65:4f:4b:f6:
                    c4:fb:6a:78:ae:80:e0:31:a9:0c:27:d6:dd:b3:7c:
                    07:ca:06:43:ff:73:65:26:09:a0:a0:fe:e6:cb:89:
                    30:18:0f:16:95:f2:cd:6c:20:9b:11:88:5f:89:19:
                    84:a2:d5:ea:bc:f3:0c:77:80:56:60:ef:9f:6d:32:
                    16:21:c5:e7:f6:23:0d:03:a8:3c:57:d0:86:ad:fc:
                    a6:db:10:c0:bb:73:a7:fa:82:b8:1b:05:58:8b:1c:
                    6c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A3:83:14:AA:45:BA:98:5A:4E:86:9A:1B:31:13:86:0C:A6:13:21
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a4:f2:0b:0d:29:49:5d:11:18:be:b8:06:38:73:21:c7:36:
         58:d9:31:b4:16:58:7c:8e:85:f6:65:9d:f5:d9:b2:90:36:ae:
         8e:b1:ae:a1:c6:04:8f:ca:73:a5:4a:3c:64:95:5a:ea:68:13:
         5b:45:aa:8a:27:53:a3:f9:0f:12:ba:6a:34:0b:a6:6a:d8:29:
         47:e9:9a:54:7d:91:f0:ba:ce:9c:bd:18:8b:a9:c9:18:21:1b:
         c0:c0:87:66:8f:74:cc:f9:a4:e7:75:19:35:d8:c7:38:ce:2c:
         bd:4b:e4:5c:bc:21:54:28:28:bc:a3:87:7e:0c:67:5c:14:30:
         e7:e4:ef:33:a0:f9:ef:42:65:ac:0a:5a:3b:27:5d:3d:21:3b:
         55:00:50:16:7f:72:49:72:0e:19:60:35:12:ee:6e:10:cc:90:
         05:89:30:a4:12:73:a5:8e:8f:7d:76:8d:c7:58:5e:94:cd:11:
         7e:7f:ab:11:9c:fa:43:a2:42:ea:3a:75:9d:1d:60:a6:06:70:
         92:9a:e3:65:eb:c7:d1:70:bd:e4:01:4a:93:ce:3b:e7:13:c6:
         de:bb:a6:fa:4f:9a:09:c5:b5:41:c8:e7:04:ba:3c:6f:e6:d4:
         42:34:82:1a:56:d8:4f:c7:04:50:62:18:88:b3:9c:97:0c:34:
         e2:65:2f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4D5jiMVY9APb7epGtV5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjYwMzI2MTYwMDMyWhcNMjYwMzI3MTYwMDMyWjAzMTEwLwYDVQQD
EyhiNGEzODMxNGFhNDViYTk4NWE0ZTg2OWExYjMxMTM4NjBjYTYxMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6c6kV6O+t6HZWa1ZyPLuufOIAu4E
cABmtOEdB/U+YzfUZzCeHrNgRhuOZWXMvTEVD/TMS7Gp6DIxFlSmYArnXLof56+z
ESoCFnjDumTzxtCL6CdqPy/cq91oa2Xb866rzfiYRoLPV/z8OlWJyvi9OcQUh70a
iUuYsuKVZpvQS5uqjxvYouqP1BnaaSq4oA6TA0pQ3+WcNDAL19v8i73UYmVPS/bE
+2p4roDgMakMJ9bds3wHygZD/3NlJgmgoP7my4kwGA8WlfLNbCCbEYhfiRmEotXq
vPMMd4BWYO+fbTIWIcXn9iMNA6g8V9CGrfym2xDAu3On+oK4GwVYixxsqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSjgxSqRbqYWk6GmhsxE4YMphMhMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6TyCw0p
SV0RGL64BjhzIcc2WNkxtBZYfI6F9mWd9dmykDaujrGuocYEj8pzpUo8ZJVa6mgT
W0WqiidTo/kPErpqNAumatgpR+maVH2R8LrOnL0Yi6nJGCEbwMCHZo90zPmk53UZ
NdjHOM4svUvkXLwhVCgovKOHfgxnXBQw5+TvM6D570JlrApaOyddPSE7VQBQFn9y
SXIOGWA1Eu5uEMyQBYkwpBJzpY6PfXaNx1helM0Rfn+rEZz6Q6JC6jp1nR1gpgZw
kprjZevH0XC95AFKk8475xPG3rum+k+aCcW1QcjnBLo8b+bUQjSCGlbYT8cEUGIY
iLOclww04mUvJQ==
-----END CERTIFICATE-----