Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
File:                     XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft (raw, json)
Hash identifier:          T78rfdWlO60Z5x7sHq6XoSwHqRh90imDPmdmUNTQVkQ=
Subject key identifier:   A8:6F:84:51:97:7A:40:05:20:00:58:D1:81:82:28:F0:E1:B9:F5:3A
Authority key identifier: 5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85
Certificate issuer:       /CN=5db79275659dd961c742bf21d8dca184a4430d85
Certificate serial:       019D27043EFD5C5D030907F927F374CD79DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
Manifest number:          0F02
Signing time:             Wed 25 Mar 2026 22:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:22 +0000
Files and hashes:         1: XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl (hash: g6A/6BQu87ndZreITe/zsTnSmUD9pI+fXd4omNtjcdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:3e:fd:5c:5d:03:09:07:f9:27:f3:74:cd:79:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5db79275659dd961c742bf21d8dca184a4430d85
        Validity
            Not Before: Mar 25 22:01:22 2026 GMT
            Not After : Mar 26 22:01:22 2026 GMT
        Subject: CN=a86f8451977a4005200058d1818228f0e1b9f53a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3f:77:c4:c0:c5:fc:07:f5:9f:70:bd:bd:25:
                    24:63:3c:f2:25:0e:fe:d3:ef:12:c4:18:a6:74:ed:
                    7c:21:d9:c5:b9:52:4a:ac:02:2c:a4:e9:c8:b0:6d:
                    42:3c:16:b4:94:c1:f6:0c:99:58:e1:a1:7e:9a:ff:
                    11:27:fa:75:15:f9:cf:5e:c2:1e:fc:b5:71:56:a1:
                    0e:75:c2:2c:13:11:c8:19:87:44:56:3a:8c:a6:6d:
                    72:a2:87:ac:7d:bf:71:66:cd:2b:47:c5:9a:26:1a:
                    ff:75:17:f3:bd:1e:55:e5:84:da:7f:8c:f1:c0:eb:
                    84:49:97:50:9b:d9:28:97:a1:f3:58:5c:f0:d2:35:
                    0d:4c:39:50:68:f1:f2:aa:12:22:68:cb:5d:24:a6:
                    ce:cd:46:88:ce:02:45:78:1a:b7:06:36:c5:05:de:
                    2b:26:66:51:9f:95:24:e6:72:e2:fa:93:3d:1c:e4:
                    ec:d6:8d:aa:49:91:7b:37:b6:4b:b4:3b:d8:d6:78:
                    91:1c:03:10:92:4c:2d:21:ee:cb:46:06:7e:24:45:
                    d6:45:f8:4a:71:95:4c:15:8a:f8:5b:03:55:9a:99:
                    2e:1c:3b:3e:4c:89:45:7d:78:24:79:d6:fe:6c:19:
                    a8:42:5a:77:d4:94:23:b6:62:6e:ff:d0:32:dd:c6:
                    46:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:6F:84:51:97:7A:40:05:20:00:58:D1:81:82:28:F0:E1:B9:F5:3A
            X509v3 Authority Key Identifier:
                keyid:5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:4b:53:be:69:f2:45:56:26:f0:f1:ca:b4:92:4e:56:3b:92:
         99:ea:83:30:0a:56:f7:0b:7f:d9:99:a4:e0:dd:e7:3c:1a:58:
         32:5a:3d:31:7c:df:f9:52:43:97:21:0c:84:d4:90:3f:ef:08:
         80:61:25:cb:04:0e:45:8b:9a:fd:51:d7:1a:20:bc:18:e1:93:
         21:a3:92:ff:b4:23:2c:75:b3:ac:e9:db:ec:a8:5e:21:f2:6e:
         33:6f:69:c3:78:d6:b7:12:d9:69:d8:08:d9:85:51:3c:fa:39:
         5a:7d:5a:eb:de:d6:80:1c:54:9c:91:67:8f:04:8c:44:f0:de:
         0a:92:3e:f6:51:5c:a9:39:d9:f8:a0:6f:ff:3a:2c:1f:5d:b2:
         67:d0:e2:0a:de:40:56:17:07:1c:3f:a4:50:a3:68:4d:22:ac:
         be:03:65:9b:28:8f:85:c3:5d:91:09:9e:ea:58:97:3f:05:c1:
         1b:da:4f:a9:09:9a:5d:a2:47:0c:a2:a1:16:31:33:7b:43:b9:
         07:00:45:37:72:d9:50:4c:40:b2:94:13:6e:83:d4:c2:4f:6a:
         da:40:f9:a2:6c:53:8c:44:a6:d7:3d:46:06:c5:b1:33:1a:6a:
         e6:25:19:89:b7:e4:6d:5b:e8:f9:e0:c7:fb:1d:e0:ba:45:a9:
         59:08:db:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBD79XF0DCQf5J/N0zXneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc5Mjc1NjU5ZGQ5NjFjNzQyYmYyMWQ4ZGNhMTg0YTQ0
MzBkODUwHhcNMjYwMzI1MjIwMTIyWhcNMjYwMzI2MjIwMTIyWjAzMTEwLwYDVQQD
EyhhODZmODQ1MTk3N2E0MDA1MjAwMDU4ZDE4MTgyMjhmMGUxYjlmNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD93xMDF/Af1n3C9vSUkYzzyJQ7+
0+8SxBimdO18IdnFuVJKrAIspOnIsG1CPBa0lMH2DJlY4aF+mv8RJ/p1FfnPXsIe
/LVxVqEOdcIsExHIGYdEVjqMpm1yooesfb9xZs0rR8WaJhr/dRfzvR5V5YTaf4zx
wOuESZdQm9kol6HzWFzw0jUNTDlQaPHyqhIiaMtdJKbOzUaIzgJFeBq3BjbFBd4r
JmZRn5Uk5nLi+pM9HOTs1o2qSZF7N7ZLtDvY1niRHAMQkkwtIe7LRgZ+JEXWRfhK
cZVMFYr4WwNVmpkuHDs+TIlFfXgkedb+bBmoQlp31JQjtmJu/9Ay3cZGAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhvhFGXekAFIABY0YGCKPDhufU6MB8GA1UdIwQY
MBaAFF23knVlndlhx0K/IdjcoYSkQw2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEt
YTA5NjdhNDM1YTZhLzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEtYTA5NjdhNDM1YTZh
LzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEtTvmny
RVYm8PHKtJJOVjuSmeqDMApW9wt/2Zmk4N3nPBpYMlo9MXzf+VJDlyEMhNSQP+8I
gGElywQORYua/VHXGiC8GOGTIaOS/7QjLHWzrOnb7KheIfJuM29pw3jWtxLZadgI
2YVRPPo5Wn1a697WgBxUnJFnjwSMRPDeCpI+9lFcqTnZ+KBv/zosH12yZ9DiCt5A
VhcHHD+kUKNoTSKsvgNlmyiPhcNdkQme6liXPwXBG9pPqQmaXaJHDKKhFjEze0O5
BwBFN3LZUExAspQTboPUwk9q2kD5omxTjESm1z1GBsWxMxpq5iUZibfkbVvo+eDH
+x3gukWpWQjb6g==
-----END CERTIFICATE-----