Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          Ky9bXUYxauy0oumYHNF1/QgRyNJIKpV6LIsafAq4ARQ=
Subject key identifier:   54:63:E8:3C:F9:6A:21:49:D8:68:43:47:10:2A:98:FD:B6:21:80:B1
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       019D2960FA5791F4555B0CA81E57ABC6E705
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          0B39
Signing time:             Thu 26 Mar 2026 09:01:54 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:54 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:54 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: vS8EhKsFHa2XnvEnHcIrh5gjzZQ5Jw6TJ7vHsLK2Qis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:fa:57:91:f4:55:5b:0c:a8:1e:57:ab:c6:e7:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Mar 26 09:01:54 2026 GMT
            Not After : Mar 27 09:01:54 2026 GMT
        Subject: CN=5463e83cf96a2149d8684347102a98fdb62180b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:19:23:ea:7a:0c:cf:1f:c1:cd:61:70:94:ba:
                    9e:19:80:a6:1d:05:53:10:42:99:9a:e8:cc:27:a5:
                    71:63:0a:ab:53:f4:6e:05:00:64:40:38:24:18:e4:
                    d1:d8:f5:d6:99:e1:96:04:d4:51:81:d7:25:68:0f:
                    8c:51:96:a0:1e:a4:6e:cf:1f:39:24:7a:6b:b3:e0:
                    4f:9f:89:3f:58:2d:44:cf:49:db:f5:b3:ae:4b:04:
                    87:61:bd:9b:bb:55:dd:28:fe:c2:08:b9:1b:4f:84:
                    81:5b:28:82:c4:80:fa:04:91:3a:b0:47:aa:b4:f2:
                    92:86:8d:3e:96:1a:5c:47:5d:95:dd:e3:ce:ea:9e:
                    e7:c2:8e:41:30:64:57:5a:b7:d4:a1:fd:cb:d5:7a:
                    0b:55:bf:c9:ee:46:92:31:3b:46:00:be:ce:54:f6:
                    1b:cc:ee:50:dc:a1:51:92:59:39:af:36:e8:07:8d:
                    32:a9:51:ba:e8:77:60:b4:b8:fc:91:9f:22:12:16:
                    e1:b3:89:b4:0c:f4:65:1a:b6:8b:42:4a:40:22:d6:
                    1c:e4:cd:2f:a3:f2:14:61:2e:f5:b2:04:7b:a0:b4:
                    38:c9:fa:8f:50:4e:26:fc:b8:37:f6:9d:3f:cd:d8:
                    01:e8:6f:68:e5:07:4d:eb:0f:6e:69:3d:c2:cb:f0:
                    9a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:63:E8:3C:F9:6A:21:49:D8:68:43:47:10:2A:98:FD:B6:21:80:B1
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:06:56:2c:ca:bc:c7:d5:03:2c:f3:4a:32:07:9f:ca:d9:8f:
         11:10:1a:4e:f7:b5:11:41:2c:13:b3:bb:1f:fd:0c:89:b3:34:
         54:8b:ef:ac:cf:80:7a:34:0c:ba:06:92:e6:27:a5:dd:7d:7f:
         dd:27:5c:96:b4:24:bd:37:79:22:7c:8f:46:93:97:41:e6:01:
         6c:e2:f6:4b:2a:6e:95:b6:aa:db:56:55:22:9a:b8:a2:df:83:
         64:64:ea:c9:1b:68:38:c7:c3:a1:f3:e4:d9:df:0f:d3:41:66:
         7e:d8:37:ee:90:2a:ae:cf:72:70:cb:e1:1a:24:b2:51:1b:82:
         82:21:46:5b:2f:93:c7:4f:51:42:a6:5a:3f:ef:a5:5e:4f:ca:
         3e:a0:99:6d:61:44:40:41:cc:ac:a6:07:92:fd:1a:76:ec:fd:
         ca:97:5b:c9:a0:46:8c:1c:ae:87:82:8b:53:f1:ec:48:fe:2e:
         a7:44:3f:d0:56:c1:c2:fb:e3:2d:5b:76:9d:f1:01:29:ea:60:
         46:cc:9c:59:04:8a:be:07:e0:2e:86:54:59:a6:ae:7e:82:7e:
         12:66:61:77:ac:24:fe:d8:22:d1:1c:b6:dd:20:d6:64:be:c3:
         8d:dc:09:63:0e:1c:17:e3:49:0e:a7:42:5f:c8:70:68:ff:25:
         02:5e:70:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYPpXkfRVWwyoHlerxucFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjYwMzI2MDkwMTU0WhcNMjYwMzI3MDkwMTU0WjAzMTEwLwYDVQQD
Eyg1NDYzZTgzY2Y5NmEyMTQ5ZDg2ODQzNDcxMDJhOThmZGI2MjE4MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhkj6noMzx/BzWFwlLqeGYCmHQVT
EEKZmujMJ6VxYwqrU/RuBQBkQDgkGOTR2PXWmeGWBNRRgdclaA+MUZagHqRuzx85
JHprs+BPn4k/WC1Ez0nb9bOuSwSHYb2bu1XdKP7CCLkbT4SBWyiCxID6BJE6sEeq
tPKSho0+lhpcR12V3ePO6p7nwo5BMGRXWrfUof3L1XoLVb/J7kaSMTtGAL7OVPYb
zO5Q3KFRklk5rzboB40yqVG66HdgtLj8kZ8iEhbhs4m0DPRlGraLQkpAItYc5M0v
o/IUYS71sgR7oLQ4yfqPUE4m/Lg39p0/zdgB6G9o5QdN6w9uaT3Cy/CakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRj6Dz5aiFJ2GhDRxAqmP22IYCxMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQZWLMq8
x9UDLPNKMgefytmPERAaTve1EUEsE7O7H/0MibM0VIvvrM+AejQMugaS5iel3X1/
3SdclrQkvTd5InyPRpOXQeYBbOL2Sypulbaq21ZVIpq4ot+DZGTqyRtoOMfDofPk
2d8P00Fmftg37pAqrs9ycMvhGiSyURuCgiFGWy+Tx09RQqZaP++lXk/KPqCZbWFE
QEHMrKYHkv0aduz9ypdbyaBGjByuh4KLU/HsSP4up0Q/0FbBwvvjLVt2nfEBKepg
RsycWQSKvgfgLoZUWaaufoJ+EmZhd6wk/tgi0Ry23SDWZL7DjdwJYw4cF+NJDqdC
X8hwaP8lAl5wJw==
-----END CERTIFICATE-----