Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          yS2QCbM6oaa/Ee1DqVFrCI4VaoqII9jLV/w1B+NJx9s=
Subject key identifier:   AE:83:AC:46:C1:3B:6F:EB:41:D5:02:12:8F:9B:09:03:FD:E0:83:8C
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019D984FD31B26DC435F9FDC2D6E4DD12790
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          0A75
Signing time:             Thu 16 Apr 2026 22:01:01 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:01 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:01 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: +IiMFAi9Ayhh0/R3Be0w0agbCfUzaAChnmd1jNaEoKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:d3:1b:26:dc:43:5f:9f:dc:2d:6e:4d:d1:27:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Apr 16 22:01:01 2026 GMT
            Not After : Apr 17 22:01:01 2026 GMT
        Subject: CN=ae83ac46c13b6feb41d502128f9b0903fde0838c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:31:db:0a:2b:ab:05:86:81:f9:6b:3b:52:3e:
                    86:46:0c:a9:e9:a9:7c:f1:54:00:7a:be:cd:90:1e:
                    79:83:f5:54:78:4c:05:ec:c9:39:58:19:98:77:0c:
                    c2:cf:57:7c:b2:86:3a:2a:bd:83:c7:bc:42:73:6e:
                    25:c1:e1:9b:36:7b:1b:58:bf:73:de:a7:f7:48:8f:
                    b9:25:02:34:fa:42:13:82:00:cd:e5:06:c1:5e:43:
                    08:66:11:f2:ad:0c:96:66:cf:db:6c:d8:86:56:f5:
                    a3:db:a7:bd:7d:1b:10:61:d4:62:69:77:3e:91:e6:
                    77:0c:b6:d2:10:53:40:1f:cd:2e:a7:74:50:35:fa:
                    1b:0e:88:f0:76:eb:bd:a7:1e:19:66:3c:ea:35:10:
                    6f:41:e4:22:03:a0:e0:cf:09:66:78:dd:1f:de:9e:
                    2e:8d:40:35:11:e2:b5:e6:86:ee:dc:fa:fa:d9:5a:
                    b7:ce:91:cf:11:95:9c:86:23:f2:7c:b5:75:06:8a:
                    cc:9a:5e:17:64:71:19:3b:4a:0e:80:64:b7:8a:11:
                    5c:77:5f:ea:c9:1a:75:61:b0:34:9b:0f:4b:95:ee:
                    9f:7f:8f:b8:14:23:b9:9e:dd:bb:23:ee:7c:14:69:
                    a7:43:01:70:8f:c4:c9:ff:93:8c:88:88:77:fe:db:
                    13:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:83:AC:46:C1:3B:6F:EB:41:D5:02:12:8F:9B:09:03:FD:E0:83:8C
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:5e:b2:df:1b:37:14:c9:32:ab:5b:3e:72:fc:2f:6c:f2:da:
         24:d1:2c:62:dd:4d:72:6c:71:71:a6:d7:5e:a5:e2:75:61:d1:
         c9:7a:af:e6:0b:99:e6:09:ff:a4:1b:12:82:1d:d0:cb:13:3e:
         2e:21:a8:f2:7f:de:28:41:ba:5d:89:24:e1:fe:43:7b:78:d1:
         0d:c5:ea:19:84:11:7a:ea:4f:40:55:52:2d:ae:44:e3:37:8b:
         4e:f5:2d:ce:e6:5d:c6:46:be:7a:30:7e:2d:b2:bf:22:c4:41:
         cf:01:d7:98:60:ba:43:f5:15:be:0f:86:69:d9:e9:b7:97:95:
         c6:56:05:ba:87:19:79:ea:de:21:4b:11:67:a0:ba:99:91:19:
         52:ac:b7:54:23:84:3c:53:d7:00:d5:2b:7a:63:3f:b1:99:ec:
         f4:a2:5b:97:be:e6:50:36:1a:24:2d:1d:11:c9:ba:e4:d2:5d:
         36:48:fb:0c:8e:98:4d:14:5a:41:6a:75:ab:eb:ee:6d:64:6b:
         c1:70:e4:58:40:b1:04:c2:e8:e4:35:10:26:76:21:11:d6:3e:
         af:b8:3a:38:c1:ed:f3:ab:d0:d2:83:5b:8c:c2:6d:ee:88:07:
         5d:b2:3d:c5:51:46:9d:5a:cc:88:ca:a5:0a:06:99:3a:fb:ec:
         cd:e5:77:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT9MbJtxDX5/cLW5N0SeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjYwNDE2MjIwMTAxWhcNMjYwNDE3MjIwMTAxWjAzMTEwLwYDVQQD
EyhhZTgzYWM0NmMxM2I2ZmViNDFkNTAyMTI4ZjliMDkwM2ZkZTA4MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizHbCiurBYaB+Ws7Uj6GRgyp6al8
8VQAer7NkB55g/VUeEwF7Mk5WBmYdwzCz1d8soY6Kr2Dx7xCc24lweGbNnsbWL9z
3qf3SI+5JQI0+kITggDN5QbBXkMIZhHyrQyWZs/bbNiGVvWj26e9fRsQYdRiaXc+
keZ3DLbSEFNAH80up3RQNfobDojwduu9px4ZZjzqNRBvQeQiA6DgzwlmeN0f3p4u
jUA1EeK15obu3Pr62Vq3zpHPEZWchiPyfLV1BorMml4XZHEZO0oOgGS3ihFcd1/q
yRp1YbA0mw9Lle6ff4+4FCO5nt27I+58FGmnQwFwj8TJ/5OMiIh3/tsT2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6DrEbBO2/rQdUCEo+bCQP94IOMMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPl6y3xs3
FMkyq1s+cvwvbPLaJNEsYt1NcmxxcabXXqXidWHRyXqv5guZ5gn/pBsSgh3QyxM+
LiGo8n/eKEG6XYkk4f5De3jRDcXqGYQReupPQFVSLa5E4zeLTvUtzuZdxka+ejB+
LbK/IsRBzwHXmGC6Q/UVvg+Gadnpt5eVxlYFuocZeereIUsRZ6C6mZEZUqy3VCOE
PFPXANUremM/sZns9KJbl77mUDYaJC0dEcm65NJdNkj7DI6YTRRaQWp1q+vubWRr
wXDkWECxBMLo5DUQJnYhEdY+r7g6OMHt86vQ0oNbjMJt7ogHXbI9xVFGnVrMiMql
CgaZOvvszeV3Qg==
-----END CERTIFICATE-----