Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          e3sOYG5dtMVqhQlJr48GlM4BlyhecquMFRMVBy/gwV0=
Subject key identifier:   37:01:39:92:D1:89:AA:76:F1:96:32:2A:DE:F6:FC:CD:58:46:C7:78
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       019D28F32553CFBEF1E622A4319C08AF6078
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          0320
Signing time:             Thu 26 Mar 2026 07:01:56 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:56 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:56 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: sPj5Kp9BXIG2dJFDoc6bJ7O0zJQWC5h7O9MdzTnGXg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:25:53:cf:be:f1:e6:22:a4:31:9c:08:af:60:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Mar 26 07:01:56 2026 GMT
            Not After : Mar 27 07:01:56 2026 GMT
        Subject: CN=37013992d189aa76f196322adef6fccd5846c778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:fd:52:1f:8e:b7:ba:4d:8a:80:48:7c:45:f5:
                    ed:08:ee:d5:1c:b0:e1:b8:52:d2:c5:2a:c6:92:21:
                    28:b7:7b:92:e5:5e:39:73:e8:f5:c7:f5:13:26:ed:
                    a4:a1:8d:41:cf:0a:ee:e7:66:7c:ad:3e:70:d1:36:
                    8b:c7:86:94:0d:53:da:fd:b8:b2:82:69:ef:15:e5:
                    5f:04:b7:50:e7:2b:71:63:a1:b4:63:d8:50:94:74:
                    f1:89:28:d9:00:bd:ad:64:40:f8:19:56:ad:91:be:
                    21:56:b9:a5:22:25:cd:f3:61:4b:96:de:96:97:cf:
                    06:fd:3e:5e:28:6b:e1:d5:9e:c4:f0:06:c8:de:11:
                    42:8f:8a:c0:2a:f6:4a:d4:ee:ce:be:3b:e9:99:c2:
                    fc:9c:d1:fa:3d:74:41:64:73:e7:ea:92:24:d4:04:
                    9b:7b:db:4e:e8:44:cd:76:7d:24:89:48:2b:e7:bf:
                    d8:a8:22:10:a4:1b:13:39:92:bd:7f:76:18:52:ed:
                    5d:86:c7:c5:72:34:77:14:58:c3:ee:97:8f:c3:0b:
                    5f:b0:e8:6e:a3:e1:02:30:31:26:a0:d0:e7:b9:bc:
                    ab:73:96:d9:42:67:bb:0b:09:0c:f6:98:b1:9a:78:
                    d1:d3:50:ab:39:fa:7b:54:02:e3:a5:59:81:48:74:
                    57:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:01:39:92:D1:89:AA:76:F1:96:32:2A:DE:F6:FC:CD:58:46:C7:78
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:c3:17:2d:97:4d:2e:89:d1:ce:02:c0:12:e7:25:31:f2:bb:
         4a:ef:4d:2e:cc:2b:b9:78:12:0a:65:96:1f:f6:53:47:08:4f:
         f5:92:ff:92:72:06:7f:f8:1b:70:6c:15:1e:be:a5:34:2f:4b:
         7c:4c:48:46:d4:91:dd:c3:04:49:d7:3c:3a:2c:4e:0f:13:d1:
         d5:2e:a5:51:45:87:04:98:55:1a:9a:0d:eb:59:43:87:61:e0:
         0e:93:24:36:69:92:0e:3c:18:98:ca:eb:79:12:7d:25:77:ba:
         5d:80:56:5d:40:97:85:ea:b9:56:50:ae:08:06:69:c4:57:7f:
         73:4b:6e:39:c3:20:2e:a0:08:af:c9:ab:96:e0:02:5a:a6:38:
         99:3b:f2:42:f3:c0:6d:9b:13:b8:9e:e4:4c:bb:4e:3d:c0:86:
         16:c2:56:4a:24:6c:8b:b9:55:0a:3d:0b:e2:78:91:fb:30:f9:
         0b:28:0f:e5:80:24:f4:e7:71:b4:89:89:2b:75:ff:bd:7c:e5:
         7a:36:2f:df:1c:62:4d:0f:ce:7d:e5:9f:39:9e:c6:ed:04:f2:
         99:a3:99:05:ee:f7:ce:14:66:06:26:c0:f5:ea:ca:14:02:10:
         21:4e:75:83:0e:09:72:29:15:5a:d1:69:57:48:25:cf:80:61:
         a5:59:77:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8yVTz77x5iKkMZwIr2B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjYwMzI2MDcwMTU2WhcNMjYwMzI3MDcwMTU2WjAzMTEwLwYDVQQD
EygzNzAxMzk5MmQxODlhYTc2ZjE5NjMyMmFkZWY2ZmNjZDU4NDZjNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P1SH463uk2KgEh8RfXtCO7VHLDh
uFLSxSrGkiEot3uS5V45c+j1x/UTJu2koY1Bzwru52Z8rT5w0TaLx4aUDVPa/biy
gmnvFeVfBLdQ5ytxY6G0Y9hQlHTxiSjZAL2tZED4GVatkb4hVrmlIiXN82FLlt6W
l88G/T5eKGvh1Z7E8AbI3hFCj4rAKvZK1O7OvjvpmcL8nNH6PXRBZHPn6pIk1ASb
e9tO6ETNdn0kiUgr57/YqCIQpBsTOZK9f3YYUu1dhsfFcjR3FFjD7pePwwtfsOhu
o+ECMDEmoNDnubyrc5bZQme7CwkM9pixmnjR01CrOfp7VALjpVmBSHRXfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcBOZLRiap28ZYyKt72/M1YRsd4MB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAicMXLZdN
LonRzgLAEuclMfK7Su9NLswruXgSCmWWH/ZTRwhP9ZL/knIGf/gbcGwVHr6lNC9L
fExIRtSR3cMESdc8OixODxPR1S6lUUWHBJhVGpoN61lDh2HgDpMkNmmSDjwYmMrr
eRJ9JXe6XYBWXUCXheq5VlCuCAZpxFd/c0tuOcMgLqAIr8mrluACWqY4mTvyQvPA
bZsTuJ7kTLtOPcCGFsJWSiRsi7lVCj0L4niR+zD5CygP5YAk9OdxtImJK3X/vXzl
ejYv3xxiTQ/OfeWfOZ7G7QTymaOZBe73zhRmBibA9erKFAIQIU51gw4JcikVWtFp
V0glz4BhpVl3Dg==
-----END CERTIFICATE-----