Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          L3pgb6x0eY193OI1oJHmYFjjXdFpvwel252/muViQdU=
Subject key identifier:   44:FD:C8:DB:89:BB:A4:F1:A8:47:D8:70:CF:26:40:64:BC:3D:10:48
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019E1D912CD8FE459CE2FE20C6FEA9FA9C1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          1237
Signing time:             Tue 12 May 2026 19:01:53 +0000
Manifest this update:     Tue 12 May 2026 19:01:53 +0000
Manifest next update:     Wed 13 May 2026 19:01:53 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: rB9rqiiM3+e2/ZzQ2s5sOVAB5f1BtRgBf118DUALdG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:91:2c:d8:fe:45:9c:e2:fe:20:c6:fe:a9:fa:9c:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: May 12 19:01:53 2026 GMT
            Not After : May 13 19:01:53 2026 GMT
        Subject: CN=44fdc8db89bba4f1a847d870cf264064bc3d1048
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ea:32:97:a2:e2:58:41:21:40:46:44:72:d3:
                    a7:2c:47:4b:06:8d:79:ba:f8:1e:89:2f:6b:7d:a2:
                    f4:2f:0c:3e:ec:ca:f3:07:57:0a:d0:cb:ef:95:92:
                    30:0d:88:e2:4e:58:06:b6:fb:ed:d1:53:c7:1b:6a:
                    d1:a0:a2:45:ff:2e:24:fd:4b:51:0e:d3:cd:d1:af:
                    75:a5:3e:09:53:1a:3b:bc:0e:ea:10:02:85:e7:08:
                    11:97:fd:02:e9:08:14:7a:72:3c:1b:32:d6:90:3e:
                    e2:47:43:f1:00:8a:1c:96:48:d9:10:3e:f6:72:b6:
                    db:d2:33:52:1f:a7:c5:1d:73:ed:84:00:68:13:99:
                    6e:c8:90:d8:59:a5:06:28:9c:e6:51:ac:48:3f:8a:
                    ab:eb:f2:52:e5:1c:2d:12:e6:1c:ff:59:43:78:1b:
                    7d:8f:9a:d0:ed:66:52:fc:98:7d:b2:a4:fd:4b:1b:
                    68:a5:d3:15:b8:a8:2b:7d:a3:88:80:1a:3d:ba:d0:
                    a8:60:d5:06:05:b9:c2:72:af:0b:f0:1a:2c:f1:77:
                    5b:2c:38:3f:81:58:4f:47:5e:68:f2:8f:3d:44:4a:
                    71:f9:fc:d9:d5:8d:94:fc:22:0e:ad:09:4d:48:76:
                    42:7f:69:47:34:6f:ce:92:66:32:0c:5d:b2:04:27:
                    7d:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:FD:C8:DB:89:BB:A4:F1:A8:47:D8:70:CF:26:40:64:BC:3D:10:48
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:dd:58:9e:4e:9d:6b:a3:85:52:c5:30:f1:9a:86:34:ed:36:
         33:13:16:71:6b:dd:92:4d:1a:7d:f2:c9:f0:c5:d5:9b:a9:e3:
         ab:34:c0:ad:41:ce:f5:13:77:8a:8e:cb:53:61:e1:03:68:c1:
         8c:8c:9b:20:db:36:78:21:77:93:1d:29:62:33:a1:94:0c:f8:
         21:f3:35:4b:12:85:06:1b:b2:36:54:21:b4:67:03:fc:b2:98:
         c4:30:09:0f:11:b4:0f:85:e0:38:ff:e7:27:92:f6:c0:71:ec:
         b4:0b:80:76:30:b8:36:61:68:b6:d1:92:0f:63:aa:a5:f4:f0:
         bf:b4:41:c4:bc:5b:92:11:49:2c:91:0f:34:23:6f:84:4e:31:
         53:43:0d:01:b2:b2:6a:59:31:9b:31:f3:25:47:a7:aa:2c:92:
         79:c3:8c:23:5e:f1:a8:4e:ae:89:bc:3e:4f:b2:4c:0b:9b:8b:
         e5:79:fd:d5:4f:6a:05:0d:bf:e8:6a:c3:61:e9:4b:a9:93:f7:
         b7:00:c0:32:68:c1:2c:00:30:96:38:6e:0b:b9:0c:13:3c:5f:
         f9:8f:9f:53:b7:7f:9c:d2:fe:0b:c7:0f:c2:0f:1c:4d:92:e6:
         65:3f:dc:e5:13:f2:b9:d4:b9:bd:b9:5e:af:86:19:b9:e3:aa:
         b2:f0:71:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkSzY/kWc4v4gxv6p+pwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwNTEyMTkwMTUzWhcNMjYwNTEzMTkwMTUzWjAzMTEwLwYDVQQD
Eyg0NGZkYzhkYjg5YmJhNGYxYTg0N2Q4NzBjZjI2NDA2NGJjM2QxMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteoyl6LiWEEhQEZEctOnLEdLBo15
uvgeiS9rfaL0Lww+7MrzB1cK0MvvlZIwDYjiTlgGtvvt0VPHG2rRoKJF/y4k/UtR
DtPN0a91pT4JUxo7vA7qEAKF5wgRl/0C6QgUenI8GzLWkD7iR0PxAIoclkjZED72
crbb0jNSH6fFHXPthABoE5luyJDYWaUGKJzmUaxIP4qr6/JS5RwtEuYc/1lDeBt9
j5rQ7WZS/Jh9sqT9SxtopdMVuKgrfaOIgBo9utCoYNUGBbnCcq8L8Bos8XdbLDg/
gVhPR15o8o89REpx+fzZ1Y2U/CIOrQlNSHZCf2lHNG/OkmYyDF2yBCd9+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFET9yNuJu6TxqEfYcM8mQGS8PRBIMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAct1Ynk6d
a6OFUsUw8ZqGNO02MxMWcWvdkk0affLJ8MXVm6njqzTArUHO9RN3io7LU2HhA2jB
jIybINs2eCF3kx0pYjOhlAz4IfM1SxKFBhuyNlQhtGcD/LKYxDAJDxG0D4XgOP/n
J5L2wHHstAuAdjC4NmFottGSD2OqpfTwv7RBxLxbkhFJLJEPNCNvhE4xU0MNAbKy
alkxmzHzJUenqiySecOMI17xqE6uibw+T7JMC5uL5Xn91U9qBQ2/6GrDYelLqZP3
twDAMmjBLAAwljhuC7kMEzxf+Y+fU7d/nNL+C8cPwg8cTZLmZT/c5RPyudS5vble
r4YZueOqsvBxBQ==
-----END CERTIFICATE-----