Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          b32DYyokgxIE25yWPHpRGiocvuOyidat7N0sRYyaAHM=
Subject key identifier:   87:A8:D5:3D:A4:EE:05:C7:E6:E6:14:E0:99:0D:79:40:15:85:8E:32
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019CAB6AC9056A174BA93C3284CDB908F1AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:00:27 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:27 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:27 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: vpHt9BTYIHJ/sbBoJnNIzDif3Hx5aFGu4m/knQFSk34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:c9:05:6a:17:4b:a9:3c:32:84:cd:b9:08:f1:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Mar  1 22:00:27 2026 GMT
            Not After : Mar  2 22:00:27 2026 GMT
        Subject: CN=87a8d53da4ee05c7e6e614e0990d794015858e32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:37:c3:4b:8d:5b:64:05:51:16:cf:fe:8a:92:
                    86:30:b8:7a:0d:76:5e:4f:83:aa:9f:78:de:5e:b0:
                    6e:61:85:23:2d:d2:2f:e8:29:3f:91:1b:24:89:11:
                    bc:52:86:9f:0e:54:29:d3:33:f5:02:b5:ef:6f:d7:
                    05:32:0a:84:9c:f8:d3:3e:a1:1f:a9:4a:cf:3e:c6:
                    a7:a7:d0:11:d5:7f:73:4d:3c:c4:52:ef:09:e0:c9:
                    9f:f2:05:71:9a:ac:9b:c2:a4:64:93:89:b5:e1:d1:
                    09:b7:d4:24:6b:a9:8b:c0:18:10:c0:3f:43:f9:ed:
                    69:6e:e1:11:97:a7:74:d1:16:be:9a:5f:ad:80:f8:
                    de:4d:24:48:20:28:d4:81:c3:d6:44:63:be:4f:a5:
                    72:e9:4a:71:08:89:96:b4:48:fe:22:0f:57:47:ff:
                    02:3f:66:96:75:96:15:81:60:08:78:42:a4:86:d5:
                    ed:57:63:25:4f:f9:3f:a6:ce:9b:85:06:1f:66:53:
                    11:4d:aa:d0:62:66:c8:c4:ce:ba:fd:be:99:c2:d4:
                    e3:fb:e9:49:c1:69:6d:4b:c1:cc:99:5b:b7:43:5d:
                    c4:3a:55:02:9b:5a:49:3e:f0:3b:82:3a:72:87:0a:
                    7e:f5:85:63:1c:7b:d2:ff:43:b5:06:1f:10:4d:25:
                    68:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:A8:D5:3D:A4:EE:05:C7:E6:E6:14:E0:99:0D:79:40:15:85:8E:32
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:0e:b8:df:75:f1:8b:cd:d7:e6:a4:0c:55:56:d3:c5:44:a1:
         3f:39:3a:28:f3:95:07:73:b9:1e:83:18:38:7a:d4:45:c4:6e:
         b9:a9:f1:01:30:5f:78:18:2e:b3:01:43:a8:ba:5b:d2:c7:63:
         0e:1e:fe:1f:3f:28:9a:6d:70:f9:84:94:91:0b:79:09:8b:2b:
         6c:01:aa:04:43:be:94:4a:ce:77:fc:fe:a5:4b:b8:8b:54:8f:
         9c:31:62:95:73:df:ac:54:f1:1f:8d:de:b3:9c:ec:ce:73:d8:
         83:a0:85:54:af:cd:55:9d:96:41:b0:3d:9d:90:4c:0a:6f:01:
         a9:a3:96:77:7d:57:fc:db:e4:f8:a3:55:00:f2:84:c2:7a:e6:
         00:18:0b:48:c7:8a:be:22:9a:ff:2f:60:20:c4:fa:4c:1b:6e:
         b0:6f:a0:65:6b:6b:c6:56:64:6f:54:1f:07:f4:d7:e5:64:64:
         6f:a1:4f:93:da:6c:aa:a4:38:6a:35:f8:4d:95:b8:9c:f0:68:
         c8:0f:ba:4f:2b:7f:90:0c:6e:ad:d6:75:da:eb:f8:d3:e9:9f:
         66:1d:b5:b7:df:70:7d:a5:e2:2c:d8:4b:90:46:68:85:88:86:
         84:d9:9c:91:31:79:a0:dc:4f:bb:31:a2:df:0c:d2:5a:40:54:
         ee:61:c5:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraskFahdLqTwyhM25CPGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjYwMzAxMjIwMDI3WhcNMjYwMzAyMjIwMDI3WjAzMTEwLwYDVQQD
Eyg4N2E4ZDUzZGE0ZWUwNWM3ZTZlNjE0ZTA5OTBkNzk0MDE1ODU4ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDfDS41bZAVRFs/+ipKGMLh6DXZe
T4Oqn3jeXrBuYYUjLdIv6Ck/kRskiRG8UoafDlQp0zP1ArXvb9cFMgqEnPjTPqEf
qUrPPsanp9AR1X9zTTzEUu8J4Mmf8gVxmqybwqRkk4m14dEJt9Qka6mLwBgQwD9D
+e1pbuERl6d00Ra+ml+tgPjeTSRIICjUgcPWRGO+T6Vy6UpxCImWtEj+Ig9XR/8C
P2aWdZYVgWAIeEKkhtXtV2MlT/k/ps6bhQYfZlMRTarQYmbIxM66/b6ZwtTj++lJ
wWltS8HMmVu3Q13EOlUCm1pJPvA7gjpyhwp+9YVjHHvS/0O1Bh8QTSVozwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeo1T2k7gXH5uYU4JkNeUAVhY4yMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlg6433Xx
i83X5qQMVVbTxUShPzk6KPOVB3O5HoMYOHrURcRuuanxATBfeBguswFDqLpb0sdj
Dh7+Hz8omm1w+YSUkQt5CYsrbAGqBEO+lErOd/z+pUu4i1SPnDFilXPfrFTxH43e
s5zsznPYg6CFVK/NVZ2WQbA9nZBMCm8BqaOWd31X/Nvk+KNVAPKEwnrmABgLSMeK
viKa/y9gIMT6TBtusG+gZWtrxlZkb1QfB/TX5WRkb6FPk9psqqQ4ajX4TZW4nPBo
yA+6Tyt/kAxurdZ12uv40+mfZh21t99wfaXiLNhLkEZohYiGhNmckTF5oNxPuzGi
3wzSWkBU7mHFEw==
-----END CERTIFICATE-----