Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          idUFk/RW22GU0dfzJ2inj07GpOP9My/05L9ywBUmeRk=
Subject key identifier:   00:3C:76:3A:F2:2A:3D:28:5B:C7:28:28:0F:ED:AE:A7:A9:61:11:3C
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019CAAC70EF45232B44C48323F864D632573
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          09FA
Signing time:             Sun 01 Mar 2026 19:01:38 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:38 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:38 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: ekwTy6wJS+fvCvKrTK+BXb0gy8lNox15ZGTkKiYEKOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c7:0e:f4:52:32:b4:4c:48:32:3f:86:4d:63:25:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Mar  1 19:01:38 2026 GMT
            Not After : Mar  2 19:01:38 2026 GMT
        Subject: CN=003c763af22a3d285bc728280fedaea7a961113c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f0:a8:02:72:9c:de:c0:24:a9:54:bf:38:0a:
                    75:30:5d:e8:54:7f:19:d8:ba:a7:3a:21:cc:9c:05:
                    a1:d1:cd:ad:69:6d:ed:e4:8b:4a:38:84:7f:65:6c:
                    40:f6:0a:5b:2a:5b:ae:38:a9:27:e5:79:15:30:4c:
                    f7:b4:5f:c5:b7:63:95:36:cc:6a:fa:68:10:e7:b4:
                    ab:eb:40:4e:70:8c:68:66:65:84:c6:b4:52:24:7d:
                    41:1b:cf:70:9c:c2:f4:68:2e:35:6e:13:3e:93:44:
                    98:17:06:ec:d8:3e:e5:80:8f:ae:ee:1c:ad:1b:69:
                    32:85:64:f7:ba:d9:b3:ee:02:c7:2d:50:02:b1:49:
                    71:87:49:5d:a4:d3:bc:dc:5e:f0:a8:2a:0d:12:bc:
                    7e:be:ce:15:eb:fe:f0:cf:b4:94:9a:97:19:01:f6:
                    07:4b:da:11:5a:7c:1d:22:5f:e4:e7:31:2a:17:16:
                    64:94:0d:19:36:ed:91:3e:e8:af:e2:38:ee:6f:f5:
                    b9:a4:26:03:9b:05:37:fe:4f:11:6e:7f:be:c1:b1:
                    4b:d3:1c:e1:f1:d1:56:bd:b6:11:cb:92:c9:df:a0:
                    d1:fe:84:42:e6:ac:0d:ed:fe:54:cb:1f:db:c3:63:
                    b4:55:a9:a1:32:3b:bf:a8:3d:46:2d:03:e7:c0:08:
                    b5:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:3C:76:3A:F2:2A:3D:28:5B:C7:28:28:0F:ED:AE:A7:A9:61:11:3C
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:3b:93:5f:09:e3:8c:d3:b6:92:38:bb:61:18:9b:cc:59:73:
         b9:24:7b:8c:f9:02:0c:46:cc:3d:3b:66:9d:de:8e:17:27:a4:
         83:d8:8d:0e:03:ca:15:19:3a:d6:3a:54:9b:69:24:85:ba:05:
         05:04:17:6e:1a:33:1a:28:0e:21:38:30:52:34:91:3c:7c:90:
         c4:be:8c:97:c6:ba:27:b9:e7:9b:3e:18:c1:10:1d:ba:c4:75:
         6b:3a:2a:70:bc:39:57:9e:46:e3:33:ff:a1:af:5e:c1:2b:e2:
         cb:71:ab:1d:0e:48:f4:93:36:2e:cd:3b:54:f2:21:a2:23:fb:
         1a:17:6d:2e:63:4f:3e:79:8f:30:c5:83:5f:80:b3:0a:27:49:
         50:54:14:7f:d6:c2:22:40:b3:0e:1f:9c:59:1a:31:fd:08:61:
         c8:21:be:54:17:f8:6e:98:93:25:93:c4:0d:f0:64:eb:01:8d:
         da:91:1c:09:e3:14:c1:2f:ee:7e:ce:dc:e8:2d:ab:14:9a:1f:
         ba:14:7f:f1:8f:8a:1a:57:55:66:18:17:17:aa:04:20:6e:45:
         7c:91:be:92:d1:bb:25:c7:96:a7:c3:b5:fd:1a:30:14:41:43:
         39:a7:5c:29:18:2c:eb:0d:6a:41:17:85:95:86:e6:c8:46:c4:
         81:ed:26:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxw70UjK0TEgyP4ZNYyVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjYwMzAxMTkwMTM4WhcNMjYwMzAyMTkwMTM4WjAzMTEwLwYDVQQD
EygwMDNjNzYzYWYyMmEzZDI4NWJjNzI4MjgwZmVkYWVhN2E5NjExMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvCoAnKc3sAkqVS/OAp1MF3oVH8Z
2LqnOiHMnAWh0c2taW3t5ItKOIR/ZWxA9gpbKluuOKkn5XkVMEz3tF/Ft2OVNsxq
+mgQ57Sr60BOcIxoZmWExrRSJH1BG89wnML0aC41bhM+k0SYFwbs2D7lgI+u7hyt
G2kyhWT3utmz7gLHLVACsUlxh0ldpNO83F7wqCoNErx+vs4V6/7wz7SUmpcZAfYH
S9oRWnwdIl/k5zEqFxZklA0ZNu2RPuiv4jjub/W5pCYDmwU3/k8Rbn++wbFL0xzh
8dFWvbYRy5LJ36DR/oRC5qwN7f5Uyx/bw2O0VamhMju/qD1GLQPnwAi1SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAA8djryKj0oW8coKA/trqepYRE8MB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejuTXwnj
jNO2kji7YRibzFlzuSR7jPkCDEbMPTtmnd6OFyekg9iNDgPKFRk61jpUm2kkhboF
BQQXbhozGigOITgwUjSRPHyQxL6Ml8a6J7nnmz4YwRAdusR1azoqcLw5V55G4zP/
oa9ewSviy3GrHQ5I9JM2Ls07VPIhoiP7GhdtLmNPPnmPMMWDX4CzCidJUFQUf9bC
IkCzDh+cWRox/QhhyCG+VBf4bpiTJZPEDfBk6wGN2pEcCeMUwS/ufs7c6C2rFJof
uhR/8Y+KGldVZhgXF6oEIG5FfJG+ktG7JceWp8O1/RowFEFDOadcKRgs6w1qQReF
lYbmyEbEge0mDg==
-----END CERTIFICATE-----