Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
File:                     5LDTQqkyMznAd8XGreEJO1pADyQ.mft (raw, json)
Hash identifier:          gpcOlIXLDRUztYPynr1+jOKXRMVPBpk1vtt65m2Bv0I=
Subject key identifier:   F1:57:95:F4:B7:25:17:D1:E2:A9:64:91:90:5F:13:B4:20:D8:23:32
Authority key identifier: E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24
Certificate issuer:       /CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
Certificate serial:       019D28846EE9EB010972DAD0787727455667
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
Manifest number:          04EB
Signing time:             Thu 26 Mar 2026 05:01:00 +0000
Manifest this update:     Thu 26 Mar 2026 05:01:00 +0000
Manifest next update:     Fri 27 Mar 2026 05:01:00 +0000
Files and hashes:         1: 5LDTQqkyMznAd8XGreEJO1pADyQ.crl (hash: 9sTIfpLgLxxI98uq9mAzGuq+IWWo1cYsXtil02PknpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:6e:e9:eb:01:09:72:da:d0:78:77:27:45:56:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d342a9323339c077c5c6ade1093b5a400f24
        Validity
            Not Before: Mar 26 05:01:00 2026 GMT
            Not After : Mar 27 05:01:00 2026 GMT
        Subject: CN=f15795f4b72517d1e2a96491905f13b420d82332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:af:97:ff:9a:79:72:15:be:09:6b:c7:fc:9e:
                    bb:50:dc:85:a0:54:92:29:83:5d:a5:82:43:57:ab:
                    31:8e:b2:01:cc:f4:28:b4:0c:6a:05:1f:d6:be:ea:
                    e8:bd:bc:54:51:f5:8f:64:78:31:9d:17:ce:69:8a:
                    f1:c5:7c:72:5a:c9:55:1b:b6:07:bf:30:0d:38:29:
                    c7:93:24:8b:5a:4c:bd:d3:60:6f:44:32:b8:b3:d8:
                    8d:c0:83:f3:9b:0d:b1:12:c5:30:a9:6d:21:6f:3b:
                    ad:0d:4c:0b:f9:8d:3d:c1:8f:f4:84:aa:13:72:69:
                    77:d6:5b:98:49:1c:c7:bc:15:f3:6e:1f:f4:a4:9e:
                    e6:c8:29:36:1f:31:a6:fb:2a:af:4c:6e:83:6a:47:
                    dc:63:55:4c:c1:e5:f8:ad:58:c1:5f:f7:3f:4d:c7:
                    bf:6f:72:5f:c1:5c:dd:17:78:b3:a7:e4:a6:51:5a:
                    fc:d9:21:b1:3e:3c:f2:38:61:6a:a2:51:1f:82:e5:
                    78:2e:e1:d9:ab:fd:32:6d:17:84:8a:db:93:0f:f6:
                    d7:fc:3f:7b:7e:c9:24:18:29:63:72:ef:98:a1:99:
                    69:54:24:cc:43:09:54:ce:e3:74:bf:16:ca:62:13:
                    5d:f6:7e:de:06:79:a3:bb:ff:e0:0c:96:b7:be:af:
                    71:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:57:95:F4:B7:25:17:D1:E2:A9:64:91:90:5F:13:B4:20:D8:23:32
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:42:A9:32:33:39:C0:77:C5:C6:AD:E1:09:3B:5A:40:0F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTQqkyMznAd8XGreEJO1pADyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dcb110-62d6-44df-bde6-9a90a7ca508d/1/5LDTQqkyMznAd8XGreEJO1pADyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:e0:bf:e0:86:3b:e9:1d:67:f4:91:0e:e3:98:3d:f6:61:ab:
         62:e8:3c:94:8f:28:dd:5b:1e:cb:38:a5:41:ec:6f:42:26:13:
         05:dd:b2:9f:67:2e:56:72:cc:23:81:9b:81:c1:36:e6:52:e1:
         c4:54:20:2e:99:bb:de:5c:58:7e:40:4c:29:ef:78:0a:2b:c7:
         04:3f:bc:09:a8:8c:b9:7d:6b:22:49:89:d1:74:cc:a6:71:be:
         2f:84:7f:56:04:8a:c2:1e:1b:7d:0d:a9:c9:aa:45:46:27:38:
         ae:74:57:bd:0c:52:41:f3:58:00:a8:61:0d:fb:26:33:f9:c7:
         39:31:50:e7:28:84:83:33:7b:82:58:3d:ed:4c:94:57:98:e5:
         27:ee:a6:38:7a:d9:f0:68:00:f1:ec:cb:0a:8f:aa:4a:ec:4d:
         57:4c:93:4d:64:c9:62:44:06:98:92:65:06:14:f6:ac:03:51:
         f8:68:d0:9c:6c:8f:69:e5:54:f9:5c:7e:d4:f0:61:25:5d:3e:
         e7:a1:ca:13:c8:f1:2b:ed:c9:9b:2c:60:f0:c2:0d:c0:bc:05:
         b9:c9:22:f6:92:63:e0:d2:e3:b8:fc:a8:01:25:36:78:fa:8e:
         e2:3d:e2:a9:52:1d:8e:05:03:32:8e:e3:9b:c5:d9:ca:76:e6:
         cf:8d:0a:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohG7p6wEJctrQeHcnRVZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzQyYTkzMjMzMzljMDc3YzVjNmFkZTEwOTNiNWE0
MDBmMjQwHhcNMjYwMzI2MDUwMTAwWhcNMjYwMzI3MDUwMTAwWjAzMTEwLwYDVQQD
EyhmMTU3OTVmNGI3MjUxN2QxZTJhOTY0OTE5MDVmMTNiNDIwZDgyMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a+X/5p5chW+CWvH/J67UNyFoFSS
KYNdpYJDV6sxjrIBzPQotAxqBR/WvurovbxUUfWPZHgxnRfOaYrxxXxyWslVG7YH
vzANOCnHkySLWky902BvRDK4s9iNwIPzmw2xEsUwqW0hbzutDUwL+Y09wY/0hKoT
cml31luYSRzHvBXzbh/0pJ7myCk2HzGm+yqvTG6DakfcY1VMweX4rVjBX/c/Tce/
b3JfwVzdF3izp+SmUVr82SGxPjzyOGFqolEfguV4LuHZq/0ybReEituTD/bX/D97
fskkGCljcu+YoZlpVCTMQwlUzuN0vxbKYhNd9n7eBnmju//gDJa3vq9xCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFXlfS3JRfR4qlkkZBfE7Qg2CMyMB8GA1UdIwQY
MBaAFOSw00KpMjM5wHfFxq3hCTtaQA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYt
OWE5MGE3Y2E1MDhkLzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kY2IxMTAtNjJkNi00NGRmLWJkZTYtOWE5MGE3Y2E1MDhk
LzEvNUxEVFFxa3lNem5BZDhYR3JlRUpPMXBBRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaOC/4IY7
6R1n9JEO45g99mGrYug8lI8o3VseyzilQexvQiYTBd2yn2cuVnLMI4GbgcE25lLh
xFQgLpm73lxYfkBMKe94CivHBD+8CaiMuX1rIkmJ0XTMpnG+L4R/VgSKwh4bfQ2p
yapFRic4rnRXvQxSQfNYAKhhDfsmM/nHOTFQ5yiEgzN7glg97UyUV5jlJ+6mOHrZ
8GgA8ezLCo+qSuxNV0yTTWTJYkQGmJJlBhT2rANR+GjQnGyPaeVU+Vx+1PBhJV0+
56HKE8jxK+3Jmyxg8MINwLwFucki9pJj4NLjuPyoASU2ePqO4j3iqVIdjgUDMo7j
m8XZynbmz40Kqg==
-----END CERTIFICATE-----