Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
File:                     bUmIt5OIS3moT-NFY9A581RsGF8.mft (raw, json)
Hash identifier:          2evlTQrmz3//Dr1kaQFxUPNxtVdYKeAKv0ItuDhxLrY=
Subject key identifier:   84:1A:6B:5D:7F:02:04:56:E0:D0:14:11:BD:9D:E6:85:15:B9:00:28
Authority key identifier: 6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F
Certificate issuer:       /CN=6d4988b793884b79a84fe34563d039f3546c185f
Certificate serial:       019D277213A6DA25BCA17A5913127EA82CDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
Manifest number:          024A
Signing time:             Thu 26 Mar 2026 00:01:20 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:20 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:20 +0000
Files and hashes:         1: bUmIt5OIS3moT-NFY9A581RsGF8.crl (hash: LOYZAYVSzfdJSeILb2PIcRFKOZisp+aYo0r846cIXlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:13:a6:da:25:bc:a1:7a:59:13:12:7e:a8:2c:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d4988b793884b79a84fe34563d039f3546c185f
        Validity
            Not Before: Mar 26 00:01:20 2026 GMT
            Not After : Mar 27 00:01:20 2026 GMT
        Subject: CN=841a6b5d7f020456e0d01411bd9de68515b90028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:86:56:2d:77:68:6e:d8:1f:e9:b3:43:55:30:
                    52:01:94:cb:a7:a9:fe:a4:fa:5d:3a:85:7d:da:ef:
                    fc:a5:50:72:1b:fe:82:4a:0e:04:a0:47:6a:45:db:
                    26:d2:39:6f:95:d5:4c:52:4d:b0:64:b5:c2:b0:d7:
                    21:e7:99:03:58:e9:44:30:da:9a:f9:8b:ed:31:65:
                    7a:8c:c3:a5:b3:4b:0a:eb:d4:de:e4:2d:5b:86:1e:
                    af:5a:81:d0:9d:2d:bc:ea:ad:b2:a0:e5:5c:73:45:
                    d8:81:32:89:58:f5:15:66:9c:65:18:5b:52:c7:03:
                    8a:e8:bc:2a:db:cb:01:dc:87:76:db:4d:e0:2a:53:
                    2c:23:06:6f:92:72:22:f7:63:5d:72:41:26:7b:f3:
                    67:a7:6f:0a:f6:a1:bc:89:6f:82:65:5a:97:78:dd:
                    7e:7e:b7:f1:1e:e7:03:97:cb:61:45:ad:05:0c:d7:
                    b7:98:66:58:9e:7b:fc:8a:1d:92:f1:a9:24:2f:86:
                    8f:75:44:23:7a:74:f7:80:00:f1:94:75:a8:36:1c:
                    1c:17:09:57:d4:bc:4c:37:dc:68:77:91:a0:9b:84:
                    f3:53:e6:88:1f:ab:45:9e:29:bb:c4:1f:ae:b5:6f:
                    0f:57:6c:9f:8e:b7:36:1e:7b:59:2d:9b:ef:8b:ac:
                    17:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:1A:6B:5D:7F:02:04:56:E0:D0:14:11:BD:9D:E6:85:15:B9:00:28
            X509v3 Authority Key Identifier:
                keyid:6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:08:aa:45:df:2e:e9:19:7f:95:c4:a3:2e:3c:fa:95:42:17:
         e2:6c:b0:0f:bb:cd:76:8e:e7:fd:9b:cc:c2:10:9c:07:00:3c:
         ba:ae:80:8d:c5:ef:ae:70:6f:5f:c9:14:65:92:89:87:13:78:
         3a:9f:8c:10:19:a8:b1:9c:80:e1:cf:39:0f:95:f6:a8:1d:5a:
         cb:9b:9d:8a:e3:db:31:2b:fc:65:84:0e:42:81:a3:91:00:9e:
         b5:90:6f:e2:bf:bd:24:76:6d:6a:4b:85:45:bf:d7:56:33:f2:
         3b:37:e8:b2:74:55:84:5a:e3:88:8b:8d:94:90:71:37:e4:96:
         f4:15:49:89:06:4d:4f:ab:57:4f:92:fd:00:60:5f:b9:06:d0:
         86:63:0f:55:fb:72:92:8d:cd:2f:ad:9e:34:15:44:95:1e:80:
         3c:ba:8a:d3:3d:52:dc:37:10:cc:e1:33:99:10:3a:73:a8:56:
         49:2c:b3:20:d3:48:91:83:8c:08:fa:ae:40:ff:bf:b8:55:3c:
         cc:3c:65:c9:25:91:c1:a1:d3:47:89:f9:70:2b:fa:cb:f2:c3:
         46:8f:9c:1c:2c:df:04:83:e5:4e:88:8b:8a:4a:18:db:be:15:
         40:3e:54:05:3c:21:43:4f:c0:a6:d6:ef:b6:67:e1:e4:73:54:
         c8:7a:9d:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nchOm2iW8oXpZExJ+qCzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNDk4OGI3OTM4ODRiNzlhODRmZTM0NTYzZDAzOWYzNTQ2
YzE4NWYwHhcNMjYwMzI2MDAwMTIwWhcNMjYwMzI3MDAwMTIwWjAzMTEwLwYDVQQD
Eyg4NDFhNmI1ZDdmMDIwNDU2ZTBkMDE0MTFiZDlkZTY4NTE1YjkwMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYZWLXdobtgf6bNDVTBSAZTLp6n+
pPpdOoV92u/8pVByG/6CSg4EoEdqRdsm0jlvldVMUk2wZLXCsNch55kDWOlEMNqa
+YvtMWV6jMOls0sK69Te5C1bhh6vWoHQnS286q2yoOVcc0XYgTKJWPUVZpxlGFtS
xwOK6Lwq28sB3Id2203gKlMsIwZvknIi92NdckEme/Nnp28K9qG8iW+CZVqXeN1+
frfxHucDl8thRa0FDNe3mGZYnnv8ih2S8akkL4aPdUQjenT3gADxlHWoNhwcFwlX
1LxMN9xod5Ggm4TzU+aIH6tFnim7xB+utW8PV2yfjrc2HntZLZvvi6wXqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQaa11/AgRW4NAUEb2d5oUVuQAoMB8GA1UdIwQY
MBaAFG1JiLeTiEt5qE/jRWPQOfNUbBhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODIt
MDkwM2VlN2MxOTAyLzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODItMDkwM2VlN2MxOTAy
LzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVwiqRd8u
6Rl/lcSjLjz6lUIX4mywD7vNdo7n/ZvMwhCcBwA8uq6AjcXvrnBvX8kUZZKJhxN4
Op+MEBmosZyA4c85D5X2qB1ay5udiuPbMSv8ZYQOQoGjkQCetZBv4r+9JHZtakuF
Rb/XVjPyOzfosnRVhFrjiIuNlJBxN+SW9BVJiQZNT6tXT5L9AGBfuQbQhmMPVfty
ko3NL62eNBVElR6APLqK0z1S3DcQzOEzmRA6c6hWSSyzINNIkYOMCPquQP+/uFU8
zDxlySWRwaHTR4n5cCv6y/LDRo+cHCzfBIPlToiLikoY274VQD5UBTwhQ0/Aptbv
tmfh5HNUyHqdgw==
-----END CERTIFICATE-----