Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
File:                     XbdXv1dG8moHySCHAbDVS2m8M2Q.mft (raw, json)
Hash identifier:          fAhPVOggBOH0xZYRsDe5GjaUWrMVr32PZd2x2EgiThw=
Subject key identifier:   0F:66:1A:1A:21:9D:50:C8:6D:C0:7A:22:3B:69:08:F5:7C:EC:80:CC
Authority key identifier: 5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
Certificate issuer:       /CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Certificate serial:       019D9D3FC7A4DABECB1572CB93252F95609C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
Manifest number:          078F
Signing time:             Fri 17 Apr 2026 21:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 21:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 21:01:35 +0000
Files and hashes:         1: XbdXv1dG8moHySCHAbDVS2m8M2Q.crl (hash: j32/jPYQnPno+DM1e0/BEvqs5JCnA1lZoD7S25xJFDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9d:3f:c7:a4:da:be:cb:15:72:cb:93:25:2f:95:60:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5db757bf5746f26a07c9208701b0d54b69bc3364
        Validity
            Not Before: Apr 17 21:01:35 2026 GMT
            Not After : Apr 18 21:01:35 2026 GMT
        Subject: CN=0f661a1a219d50c86dc07a223b6908f57cec80cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9d:b7:df:6d:a5:cf:24:80:e5:f7:70:ed:51:
                    3c:ee:0f:ea:00:c5:86:f2:a9:95:4d:44:a8:0a:8a:
                    7e:e7:8b:70:df:f5:3a:10:1d:50:d4:eb:bc:19:a9:
                    e0:1f:20:72:2c:30:9f:0e:9e:27:a8:9f:b4:d4:6f:
                    6a:4d:a7:ef:96:89:44:c9:e8:f2:83:8d:08:3f:45:
                    59:af:49:d3:7b:1b:91:91:a2:85:f9:2c:4f:50:cb:
                    3f:bd:a1:35:6a:2d:d7:c6:63:eb:f2:b9:f9:05:e3:
                    be:02:6b:7f:ed:27:2d:46:d6:d5:94:0c:83:dd:a9:
                    3e:66:a3:27:3c:4d:3a:0b:e5:41:0e:31:93:61:60:
                    d3:b2:57:f8:02:7f:44:aa:39:af:22:1c:0f:4a:54:
                    17:f8:f2:aa:a9:4f:e7:ec:04:63:98:c7:9d:71:de:
                    d5:4a:d1:d0:33:a1:a6:a2:da:c0:1f:0f:7e:a8:55:
                    9c:1b:9d:de:10:f1:06:15:b3:ca:20:2b:34:56:c3:
                    4a:08:01:02:f8:11:0d:3b:fd:27:fa:7e:b3:0c:23:
                    bc:5d:15:7c:2b:58:50:0d:20:54:ba:c8:af:17:e4:
                    f6:79:b7:3d:0d:de:9b:61:70:7f:b6:8c:7a:e3:27:
                    c9:fd:df:60:46:a2:73:59:e2:b1:3a:f0:83:eb:29:
                    17:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:66:1A:1A:21:9D:50:C8:6D:C0:7A:22:3B:69:08:F5:7C:EC:80:CC
            X509v3 Authority Key Identifier:
                keyid:5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:8f:e9:4b:42:93:96:37:c7:1a:6d:69:9c:18:70:a2:ef:df:
         cb:1e:bf:4e:99:ad:fc:09:b4:c5:1f:5b:64:2a:d0:1c:66:2a:
         d8:4f:55:43:57:23:34:6e:fb:34:d3:55:98:4c:38:21:0a:94:
         8e:bb:61:35:4c:22:23:0a:37:cb:44:81:93:dd:66:75:ac:b4:
         ed:69:96:19:4f:e2:db:c4:eb:cf:6e:58:fa:40:99:66:78:d9:
         8c:ce:5a:3d:15:55:65:75:70:38:52:2b:04:47:20:d9:9f:b0:
         f6:9d:a6:60:10:5f:88:d1:9f:17:e5:02:4c:02:98:6c:61:90:
         96:16:51:b8:22:d0:79:ee:af:99:01:f4:6f:23:da:0a:78:d8:
         2f:f1:6a:70:3b:6e:fe:ba:ad:84:32:67:99:a9:1d:9f:b9:c4:
         92:96:c3:56:e3:9b:31:a5:e6:53:88:93:59:f1:31:af:fc:58:
         7f:5c:45:03:4c:35:13:45:46:2c:22:e5:3a:62:8d:f9:5b:42:
         f2:90:76:a6:c4:64:ef:d2:2c:4c:c8:00:cb:77:9d:71:08:23:
         7b:0f:17:c2:d1:e2:bd:2a:3c:0d:99:c3:b2:22:d2:b2:8d:2b:
         c5:2b:bd:e5:1a:af:b0:e1:8f:8a:3b:53:ab:f9:87:a2:17:16:
         c4:dc:12:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2dP8ek2r7LFXLLkyUvlWCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc1N2JmNTc0NmYyNmEwN2M5MjA4NzAxYjBkNTRiNjli
YzMzNjQwHhcNMjYwNDE3MjEwMTM1WhcNMjYwNDE4MjEwMTM1WjAzMTEwLwYDVQQD
EygwZjY2MWExYTIxOWQ1MGM4NmRjMDdhMjIzYjY5MDhmNTdjZWM4MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ23322lzySA5fdw7VE87g/qAMWG
8qmVTUSoCop+54tw3/U6EB1Q1Ou8GangHyByLDCfDp4nqJ+01G9qTafvlolEyejy
g40IP0VZr0nTexuRkaKF+SxPUMs/vaE1ai3XxmPr8rn5BeO+Amt/7SctRtbVlAyD
3ak+ZqMnPE06C+VBDjGTYWDTslf4An9EqjmvIhwPSlQX+PKqqU/n7ARjmMedcd7V
StHQM6GmotrAHw9+qFWcG53eEPEGFbPKICs0VsNKCAEC+BENO/0n+n6zDCO8XRV8
K1hQDSBUusivF+T2ebc9Dd6bYXB/tox64yfJ/d9gRqJzWeKxOvCD6ykXhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9mGhohnVDIbcB6IjtpCPV87IDMMB8GA1UdIwQY
MBaAFF23V79XRvJqB8kghwGw1UtpvDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMt
M2FiNTJiM2JjYzNiLzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMtM2FiNTJiM2JjYzNi
LzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACI/pS0KT
ljfHGm1pnBhwou/fyx6/Tpmt/Am0xR9bZCrQHGYq2E9VQ1cjNG77NNNVmEw4IQqU
jrthNUwiIwo3y0SBk91mday07WmWGU/i28Trz25Y+kCZZnjZjM5aPRVVZXVwOFIr
BEcg2Z+w9p2mYBBfiNGfF+UCTAKYbGGQlhZRuCLQee6vmQH0byPaCnjYL/FqcDtu
/rqthDJnmakdn7nEkpbDVuObMaXmU4iTWfExr/xYf1xFA0w1E0VGLCLlOmKN+VtC
8pB2psRk79IsTMgAy3edcQgjew8XwtHivSo8DZnDsiLSso0rxSu95RqvsOGPijtT
q/mHohcWxNwSlg==
-----END CERTIFICATE-----