Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          OcVuR9w6kYdhU/uVgUeQm5ixcDeQQpcjjb+I2hH5pQY=
Subject key identifier:   7F:E3:98:C1:FD:72:F5:3C:DA:0D:9C:8C:99:15:0F:7D:56:5E:8C:B2
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019D28F291E9A789DB8B3F94A97A96AB7C54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0BA4
Signing time:             Thu 26 Mar 2026 07:01:18 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:18 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:18 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: WqeWmoRwWhm+a2WEHZajMda7+O7dLlQUfCKpNs+QJ2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:91:e9:a7:89:db:8b:3f:94:a9:7a:96:ab:7c:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Mar 26 07:01:18 2026 GMT
            Not After : Mar 27 07:01:18 2026 GMT
        Subject: CN=7fe398c1fd72f53cda0d9c8c99150f7d565e8cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:30:ae:13:0d:89:fe:21:4a:46:29:f4:d9:50:
                    90:d6:d9:15:6f:6f:dc:f2:11:fc:02:32:eb:58:e4:
                    29:29:fe:ed:be:d8:5b:b2:83:8d:46:30:81:93:90:
                    18:ef:5d:e9:32:fa:3b:03:47:b0:d3:be:4f:a7:df:
                    a7:7d:ac:35:cb:aa:c1:0d:75:53:b9:77:df:a0:b6:
                    74:9c:81:41:c4:bb:03:45:5f:6f:6d:92:a3:4d:8e:
                    a3:ba:69:6f:66:f2:82:14:88:41:d0:51:c3:68:c4:
                    a5:d2:14:77:d2:8e:05:ca:da:04:d8:8d:c0:b2:48:
                    70:6a:e9:10:91:02:08:88:67:4a:ea:d4:a4:05:cf:
                    ac:82:dc:f3:5f:8b:a0:b3:4c:1a:5b:9a:2c:cf:5b:
                    eb:c7:a3:13:35:87:4e:1d:02:72:29:08:de:79:ca:
                    a9:18:75:ba:5f:46:1a:15:07:16:82:13:56:e8:7a:
                    0e:da:86:fa:81:63:84:11:65:4a:aa:14:b3:8c:95:
                    20:3e:4b:da:32:37:d5:35:de:8a:de:32:d3:d9:6a:
                    22:35:a2:25:4e:30:e8:3e:f3:5c:0b:ec:86:7e:5b:
                    bb:d8:b7:db:b6:d6:69:49:86:cd:b9:00:76:a6:70:
                    d4:c4:57:60:8f:d2:18:db:67:18:86:65:6d:aa:88:
                    cb:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E3:98:C1:FD:72:F5:3C:DA:0D:9C:8C:99:15:0F:7D:56:5E:8C:B2
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:f1:8a:e8:92:87:b5:05:d1:c7:5e:fc:7a:78:50:83:9e:7e:
         01:68:24:3f:1e:ae:f1:44:8d:6c:cd:72:c3:34:3a:b6:a0:d1:
         30:1f:da:1d:86:67:99:4f:18:b6:92:cb:3a:79:90:c7:a4:ec:
         4a:8d:88:3b:25:3e:d5:65:65:fb:df:13:22:b2:66:c0:0d:7a:
         6c:f4:88:74:77:ab:f2:a1:48:02:62:7e:10:c4:75:eb:0b:36:
         ce:0f:98:58:ef:4d:95:db:2c:82:30:5c:4c:a4:d8:f4:17:7f:
         c5:2b:bd:0f:da:fb:9a:52:da:a2:da:5a:46:17:52:37:32:c5:
         f6:31:cd:d7:6f:19:46:0e:3a:9a:63:3f:68:b5:41:6e:2a:a3:
         63:7d:c3:97:28:94:2a:60:db:87:2c:37:0e:c6:d6:95:3f:45:
         b0:9a:63:3f:0e:ca:aa:21:e2:1b:8a:b7:4c:23:cf:6f:4c:b4:
         97:2d:8a:f9:69:23:4e:cb:02:bd:7f:16:b6:84:56:b5:a6:c3:
         15:a3:15:00:3b:a0:14:a8:19:25:cf:d8:9d:e4:15:36:15:4e:
         0c:f0:d1:fa:d0:75:9f:84:87:a8:5d:0e:4f:fb:01:ee:6e:23:
         5b:1c:6c:29:c4:c1:e9:75:a0:35:4e:95:f0:67:a7:5d:35:02:
         da:6d:1e:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8pHpp4nbiz+UqXqWq3xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjYwMzI2MDcwMTE4WhcNMjYwMzI3MDcwMTE4WjAzMTEwLwYDVQQD
Eyg3ZmUzOThjMWZkNzJmNTNjZGEwZDljOGM5OTE1MGY3ZDU2NWU4Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTCuEw2J/iFKRin02VCQ1tkVb2/c
8hH8AjLrWOQpKf7tvthbsoONRjCBk5AY713pMvo7A0ew075Pp9+nfaw1y6rBDXVT
uXffoLZ0nIFBxLsDRV9vbZKjTY6jumlvZvKCFIhB0FHDaMSl0hR30o4FytoE2I3A
skhwaukQkQIIiGdK6tSkBc+sgtzzX4ugs0waW5osz1vrx6MTNYdOHQJyKQjeecqp
GHW6X0YaFQcWghNW6HoO2ob6gWOEEWVKqhSzjJUgPkvaMjfVNd6K3jLT2WoiNaIl
TjDoPvNcC+yGflu72LfbttZpSYbNuQB2pnDUxFdgj9IY22cYhmVtqojLDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/jmMH9cvU82g2cjJkVD31WXoyyMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsvGK6JKH
tQXRx178enhQg55+AWgkPx6u8USNbM1ywzQ6tqDRMB/aHYZnmU8YtpLLOnmQx6Ts
So2IOyU+1WVl+98TIrJmwA16bPSIdHer8qFIAmJ+EMR16ws2zg+YWO9NldssgjBc
TKTY9Bd/xSu9D9r7mlLaotpaRhdSNzLF9jHN128ZRg46mmM/aLVBbiqjY33DlyiU
KmDbhyw3DsbWlT9FsJpjPw7KqiHiG4q3TCPPb0y0ly2K+WkjTssCvX8WtoRWtabD
FaMVADugFKgZJc/YneQVNhVODPDR+tB1n4SHqF0OT/sB7m4jWxxsKcTB6XWgNU6V
8GenXTUC2m0eag==
-----END CERTIFICATE-----