Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          1LroUj6KP5JvhrF7Sd9cEhR7FAjj2RqrQ1YOrYA6oGQ=
Subject key identifier:   0C:77:EC:62:EA:E6:66:F9:41:28:AA:13:61:F3:C6:10:DC:02:A5:29
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019D27724922C363B5A138E2319E50C7EB36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1816
Signing time:             Thu 26 Mar 2026 00:01:34 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:34 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:34 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: VNE6rK3V7RmyQ7GU6S/6dXdWFxAu6X1JprWJg9PzlSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:49:22:c3:63:b5:a1:38:e2:31:9e:50:c7:eb:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Mar 26 00:01:34 2026 GMT
            Not After : Mar 27 00:01:34 2026 GMT
        Subject: CN=0c77ec62eae666f94128aa1361f3c610dc02a529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c8:59:1f:88:e7:37:62:07:6c:10:63:d5:c2:
                    56:69:ac:a7:da:c9:96:ec:92:c0:db:bc:ae:54:67:
                    b1:b5:a1:f4:65:82:b8:0a:3a:fa:3a:e1:2a:bc:03:
                    cb:15:9b:96:06:5d:71:91:bf:03:d1:24:5a:16:32:
                    38:64:55:e8:7f:1c:98:64:1a:96:12:2a:54:1d:1e:
                    81:09:c4:3c:66:40:e8:ce:14:e5:e4:5d:fc:a6:70:
                    cf:ed:ff:28:db:fb:26:3b:75:7c:95:01:9a:43:d4:
                    82:2d:31:af:7e:af:fa:68:fa:8d:59:a4:31:c4:07:
                    c3:ed:31:13:0c:4c:2c:87:f6:24:99:c0:00:6b:9e:
                    92:63:b9:61:35:2c:77:8d:8d:33:d0:a1:a3:86:88:
                    96:b9:9f:50:33:4c:b6:f7:92:1e:c8:e8:43:58:f7:
                    3e:06:37:f7:50:a4:5c:a5:e8:9c:33:18:14:a5:a4:
                    13:fb:d5:85:38:6e:dd:4d:92:8d:45:aa:13:7c:2e:
                    92:5e:65:a1:46:db:ce:bb:6f:74:25:6e:80:59:1a:
                    2f:20:85:0b:19:a6:2e:eb:7c:ce:7c:7a:ef:c1:35:
                    c4:77:d3:79:d6:df:f6:56:b6:a5:20:91:24:cf:d6:
                    0b:5c:35:df:77:de:4c:29:41:40:6c:84:c0:e2:da:
                    54:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:77:EC:62:EA:E6:66:F9:41:28:AA:13:61:F3:C6:10:DC:02:A5:29
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:52:39:6d:e8:86:2f:f0:4d:be:65:15:b0:10:86:f8:27:3e:
         5c:9b:2c:f6:b7:97:80:3a:d8:88:a2:17:4e:16:02:2c:15:55:
         e3:f6:b6:97:2a:8c:21:bc:e3:f0:3b:b2:86:ce:77:a0:0f:0f:
         ec:06:a6:9b:4e:0c:d0:c6:7a:ce:79:ae:b1:b8:40:da:fc:2e:
         eb:8c:48:53:df:ce:b7:e2:52:fc:1f:bd:5a:53:2c:ee:37:58:
         81:bc:83:43:f5:ad:3f:c0:a9:be:f3:c6:ae:cc:ed:cf:bd:6a:
         62:07:ed:10:6a:60:6c:cf:1c:db:04:af:63:f9:cd:ef:c6:d2:
         1b:a2:d5:cf:30:87:f8:7f:8d:11:61:8c:1b:6e:9b:bd:a9:66:
         15:3d:7e:29:16:45:d9:db:12:cd:fe:07:1b:8a:b3:72:fe:46:
         48:25:19:6a:11:b3:9b:c9:da:90:85:27:1e:84:69:ee:2a:4e:
         62:db:be:a2:a8:88:34:43:e1:df:5a:6b:d5:71:8f:42:d5:fa:
         06:78:b0:2f:32:02:44:55:70:26:ac:66:29:8c:8f:8a:b5:da:
         08:a6:c9:08:fc:0c:80:19:42:6d:af:11:6b:02:40:a6:d7:6d:
         a3:42:ee:24:c4:29:7f:18:e4:0b:d1:ba:13:0e:17:ab:10:14:
         7d:24:16:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckkiw2O1oTjiMZ5Qx+s2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjYwMzI2MDAwMTM0WhcNMjYwMzI3MDAwMTM0WjAzMTEwLwYDVQQD
EygwYzc3ZWM2MmVhZTY2NmY5NDEyOGFhMTM2MWYzYzYxMGRjMDJhNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvchZH4jnN2IHbBBj1cJWaayn2smW
7JLA27yuVGextaH0ZYK4Cjr6OuEqvAPLFZuWBl1xkb8D0SRaFjI4ZFXofxyYZBqW
EipUHR6BCcQ8ZkDozhTl5F38pnDP7f8o2/smO3V8lQGaQ9SCLTGvfq/6aPqNWaQx
xAfD7TETDEwsh/YkmcAAa56SY7lhNSx3jY0z0KGjhoiWuZ9QM0y295IeyOhDWPc+
Bjf3UKRcpeicMxgUpaQT+9WFOG7dTZKNRaoTfC6SXmWhRtvOu290JW6AWRovIIUL
GaYu63zOfHrvwTXEd9N51t/2VralIJEkz9YLXDXfd95MKUFAbITA4tpUmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAx37GLq5mb5QSiqE2HzxhDcAqUpMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFI5beiG
L/BNvmUVsBCG+Cc+XJss9reXgDrYiKIXThYCLBVV4/a2lyqMIbzj8Duyhs53oA8P
7Aamm04M0MZ6znmusbhA2vwu64xIU9/Ot+JS/B+9WlMs7jdYgbyDQ/WtP8CpvvPG
rsztz71qYgftEGpgbM8c2wSvY/nN78bSG6LVzzCH+H+NEWGMG26bvalmFT1+KRZF
2dsSzf4HG4qzcv5GSCUZahGzm8nakIUnHoRp7ipOYtu+oqiINEPh31pr1XGPQtX6
BniwLzICRFVwJqxmKYyPirXaCKbJCPwMgBlCba8RawJAptdto0LuJMQpfxjkC9G6
Ew4XqxAUfSQWIw==
-----END CERTIFICATE-----