Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          lbJMV49N67t7OH0zITyu4Yer8bC31JA0PU2osHcZe6g=
Subject key identifier:   58:19:7C:90:25:40:57:F5:88:36:2A:9A:49:73:54:F3:EE:C1:12:F7
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       019D28F30B6D5F3034CE2AF369220F182EE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          0473
Signing time:             Thu 26 Mar 2026 07:01:49 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:49 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:49 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: G++gCBZEht6yg4Pnhmkt6LZNirmTnBYNhhID7UfkArs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:0b:6d:5f:30:34:ce:2a:f3:69:22:0f:18:2e:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Mar 26 07:01:49 2026 GMT
            Not After : Mar 27 07:01:49 2026 GMT
        Subject: CN=58197c90254057f588362a9a497354f3eec112f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c0:cc:6d:43:10:26:9f:d7:f6:7b:f3:f3:e0:
                    1b:e8:ce:6e:ad:90:6d:30:f6:91:80:6a:c0:28:77:
                    a3:ce:0a:6e:6a:18:8a:93:b5:00:5b:97:91:dd:04:
                    51:8a:af:04:61:08:23:4a:54:4d:79:e5:1b:64:62:
                    19:44:56:41:b8:76:18:c3:5d:14:d6:52:a2:bc:03:
                    ff:76:02:d7:4d:2a:d9:03:99:d4:c3:5b:05:94:4f:
                    0d:8e:ed:b2:0e:cc:a0:02:72:ce:40:04:d4:88:90:
                    d6:10:81:83:3c:e0:c9:54:fb:5d:ca:bb:ed:db:58:
                    12:ec:11:b3:04:19:b2:c4:5d:1a:39:83:56:5c:ad:
                    ea:69:f0:0b:5d:1d:dc:3d:23:bb:47:49:94:3a:2e:
                    ef:50:72:30:35:4f:19:77:a9:5e:d1:aa:98:e3:86:
                    37:1f:60:49:39:b6:23:7d:1e:f6:54:5e:2e:a6:51:
                    d3:06:be:38:a4:27:fd:77:95:65:d0:7e:e0:ea:36:
                    96:be:4c:58:3f:c4:1f:95:47:5c:fa:0d:dc:4c:ab:
                    51:6a:5f:db:f0:c2:0c:53:10:67:70:19:f8:e9:68:
                    54:91:22:68:4c:f6:ef:16:07:48:23:22:6b:07:d4:
                    f2:39:47:3e:37:0e:c6:7b:a4:e5:36:1d:0a:fb:a0:
                    95:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:19:7C:90:25:40:57:F5:88:36:2A:9A:49:73:54:F3:EE:C1:12:F7
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ec:d5:e5:8a:dc:5a:97:7f:c6:ad:70:37:5c:81:74:66:c2:
         9a:fb:0a:bb:55:4e:07:1c:a0:74:03:ec:a0:4c:e9:11:b1:2a:
         a6:f0:ac:67:dc:a5:9a:9a:e4:7f:97:57:34:c7:a7:f8:08:65:
         63:9d:a3:82:2f:fa:a9:a7:22:ec:5c:65:45:bc:11:f0:3d:88:
         4a:d4:29:cb:12:ed:5b:4a:ee:0b:5f:2b:8f:18:30:0d:cf:ec:
         13:1f:3e:5c:5c:09:05:c6:1f:d0:81:8b:89:0a:4f:4e:39:95:
         d4:24:2f:20:4b:b9:21:7e:f3:12:01:00:37:a6:e8:be:f6:4f:
         97:32:41:89:e6:76:a5:00:7e:b7:a5:e6:9e:db:a0:a6:f6:54:
         e6:be:0c:93:70:b4:7d:36:bf:1e:af:fc:77:5e:f5:65:8d:d9:
         8a:2c:8b:5e:92:50:ec:40:f6:e5:ad:62:89:2e:d6:c5:1b:75:
         f9:87:e0:e4:50:bd:31:89:fc:bc:fe:e9:7e:a9:67:04:44:1b:
         5e:97:c0:88:bc:8e:88:eb:c9:5c:93:f8:a8:c7:4a:bf:02:82:
         b9:45:f1:8c:74:0e:23:6c:57:66:a2:2d:c9:06:94:f4:17:60:
         ad:eb:1c:26:4f:be:0d:c6:95:6c:91:3c:b5:fc:d1:aa:74:bc:
         ff:5b:75:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8wttXzA0zirzaSIPGC7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjYwMzI2MDcwMTQ5WhcNMjYwMzI3MDcwMTQ5WjAzMTEwLwYDVQQD
Eyg1ODE5N2M5MDI1NDA1N2Y1ODgzNjJhOWE0OTczNTRmM2VlYzExMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08DMbUMQJp/X9nvz8+Ab6M5urZBt
MPaRgGrAKHejzgpuahiKk7UAW5eR3QRRiq8EYQgjSlRNeeUbZGIZRFZBuHYYw10U
1lKivAP/dgLXTSrZA5nUw1sFlE8Nju2yDsygAnLOQATUiJDWEIGDPODJVPtdyrvt
21gS7BGzBBmyxF0aOYNWXK3qafALXR3cPSO7R0mUOi7vUHIwNU8Zd6le0aqY44Y3
H2BJObYjfR72VF4uplHTBr44pCf9d5Vl0H7g6jaWvkxYP8QflUdc+g3cTKtRal/b
8MIMUxBncBn46WhUkSJoTPbvFgdIIyJrB9TyOUc+Nw7Ge6TlNh0K+6CVowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgZfJAlQFf1iDYqmklzVPPuwRL3MB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQuzV5Yrc
Wpd/xq1wN1yBdGbCmvsKu1VOBxygdAPsoEzpEbEqpvCsZ9ylmprkf5dXNMen+Ahl
Y52jgi/6qaci7FxlRbwR8D2IStQpyxLtW0ruC18rjxgwDc/sEx8+XFwJBcYf0IGL
iQpPTjmV1CQvIEu5IX7zEgEAN6bovvZPlzJBieZ2pQB+t6XmntugpvZU5r4Mk3C0
fTa/Hq/8d171ZY3ZiiyLXpJQ7ED25a1iiS7WxRt1+Yfg5FC9MYn8vP7pfqlnBEQb
XpfAiLyOiOvJXJP4qMdKvwKCuUXxjHQOI2xXZqItyQaU9BdgrescJk++DcaVbJE8
tfzRqnS8/1t1Jg==
-----END CERTIFICATE-----