Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          Hi3uJ+ABc1XLenFeoX1lAP8TGDjXwPXtdSj9CGQj5SQ=
Subject key identifier:   C7:E7:EA:0F:BE:A8:60:33:84:18:1D:F8:1F:2D:11:EE:52:09:64:70
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019D284D60B58D90E2BDA80793196BDC72D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0F64
Signing time:             Thu 26 Mar 2026 04:00:52 +0000
Manifest this update:     Thu 26 Mar 2026 04:00:52 +0000
Manifest next update:     Fri 27 Mar 2026 04:00:52 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: 45QleEKLLwR3/vvc84epjeMrU2rq/B0v+3UNzgLuxQE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:60:b5:8d:90:e2:bd:a8:07:93:19:6b:dc:72:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Mar 26 04:00:52 2026 GMT
            Not After : Mar 27 04:00:52 2026 GMT
        Subject: CN=c7e7ea0fbea8603384181df81f2d11ee52096470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d0:af:a9:7c:d9:43:fa:52:84:f0:a7:a4:02:
                    0e:60:20:d9:18:a5:9b:49:b2:8a:65:f0:12:dd:a6:
                    f3:54:a1:47:1c:c4:e8:23:a6:72:5f:69:9f:be:51:
                    bb:14:b2:6a:e6:c3:d9:28:08:0c:e7:2d:53:94:61:
                    2b:ba:0e:cd:c2:62:b3:1c:21:77:a8:5f:04:7c:a3:
                    0a:bd:b3:29:15:ed:ea:09:5a:99:3a:18:75:42:50:
                    0d:0a:9f:35:db:c1:f5:9e:8e:f5:46:9e:67:8d:9e:
                    ab:d1:3e:02:b9:a4:1b:17:4d:55:6b:be:90:fa:2f:
                    d7:bf:49:fc:3f:5a:07:83:97:c1:64:c0:2e:cb:3a:
                    de:c8:0b:91:f3:7d:97:75:ab:11:aa:58:7d:8a:50:
                    c0:cd:78:d2:69:7f:26:89:4b:b1:99:50:33:75:e0:
                    4c:fa:b9:e1:ec:46:cc:72:dd:7f:a9:a7:99:31:98:
                    17:3b:a1:ef:c8:d8:1c:6d:3c:cb:25:b7:20:72:04:
                    26:02:29:b2:8d:c8:14:4d:00:e6:a5:2d:7d:ce:1c:
                    7f:ab:8a:04:2d:30:fa:47:f7:df:08:e3:65:cc:d7:
                    f9:b7:42:ad:6d:9b:12:5c:58:2a:7f:dd:83:5f:c1:
                    b6:18:be:16:8d:ed:c5:51:2f:58:68:55:d0:f4:e6:
                    3f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:E7:EA:0F:BE:A8:60:33:84:18:1D:F8:1F:2D:11:EE:52:09:64:70
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:2e:b5:50:f5:32:56:cd:77:46:79:3c:05:fe:3d:a5:db:de:
         5e:46:7c:73:9c:9c:8b:6a:15:c1:18:a2:98:29:ca:40:14:18:
         2a:27:07:b0:68:5b:e3:84:28:4e:73:99:30:ad:1c:98:30:28:
         74:2d:e8:47:5a:aa:16:2d:a7:c0:9a:30:c8:32:50:66:ff:6e:
         01:ff:64:6c:64:cb:f9:49:77:13:28:b6:37:a8:3e:bb:3e:e1:
         1c:6f:98:ed:2b:82:9a:58:04:ae:b0:1e:05:94:c3:a5:de:c3:
         7e:6b:95:87:70:41:0c:29:67:ea:89:48:9b:d2:7f:71:7e:c4:
         dc:8e:57:46:d6:0e:73:53:9b:02:34:da:4d:f2:39:09:ad:53:
         5c:ae:95:5e:91:c8:10:b3:91:f7:b9:30:dd:91:dc:cc:dc:2a:
         8f:49:5e:5e:91:ae:8e:66:d6:16:35:f8:af:99:26:a6:59:80:
         ba:18:3c:27:9a:4c:b5:e2:54:2a:f3:b9:59:8e:53:18:92:20:
         1c:d9:16:a4:72:38:93:3b:90:6b:57:d9:c3:a9:aa:7a:af:ba:
         84:31:c7:2c:57:bb:7b:9a:22:d5:c3:a1:d5:86:02:c1:4b:66:
         92:5e:63:f3:3e:a1:86:89:78:96:09:c0:7f:42:a3:1a:dc:84:
         ba:b3:15:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTWC1jZDivagHkxlr3HLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwMzI2MDQwMDUyWhcNMjYwMzI3MDQwMDUyWjAzMTEwLwYDVQQD
EyhjN2U3ZWEwZmJlYTg2MDMzODQxODFkZjgxZjJkMTFlZTUyMDk2NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdCvqXzZQ/pShPCnpAIOYCDZGKWb
SbKKZfAS3abzVKFHHMToI6ZyX2mfvlG7FLJq5sPZKAgM5y1TlGErug7NwmKzHCF3
qF8EfKMKvbMpFe3qCVqZOhh1QlANCp8128H1no71Rp5njZ6r0T4CuaQbF01Va76Q
+i/Xv0n8P1oHg5fBZMAuyzreyAuR832XdasRqlh9ilDAzXjSaX8miUuxmVAzdeBM
+rnh7EbMct1/qaeZMZgXO6HvyNgcbTzLJbcgcgQmAimyjcgUTQDmpS19zhx/q4oE
LTD6R/ffCONlzNf5t0KtbZsSXFgqf92DX8G2GL4Wje3FUS9YaFXQ9OY/ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfn6g++qGAzhBgd+B8tEe5SCWRwMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADC61UPUy
Vs13Rnk8Bf49pdveXkZ8c5yci2oVwRiimCnKQBQYKicHsGhb44QoTnOZMK0cmDAo
dC3oR1qqFi2nwJowyDJQZv9uAf9kbGTL+Ul3Eyi2N6g+uz7hHG+Y7SuCmlgErrAe
BZTDpd7DfmuVh3BBDCln6olIm9J/cX7E3I5XRtYOc1ObAjTaTfI5Ca1TXK6VXpHI
ELOR97kw3ZHczNwqj0leXpGujmbWFjX4r5kmplmAuhg8J5pMteJUKvO5WY5TGJIg
HNkWpHI4kzuQa1fZw6mqeq+6hDHHLFe7e5oi1cOh1YYCwUtmkl5j8z6hhol4lgnA
f0KjGtyEurMVMA==
-----END CERTIFICATE-----