Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
File:                     xrjeVShQrOhfyMDhaFLMc98QFp0.mft (raw, json)
Hash identifier:          XWwOj9PlKsL63bLLY+dkw5dPxEntdpCV57/HIhRnEO0=
Subject key identifier:   4E:69:B1:CA:71:54:02:73:B0:A3:BE:A9:EF:1C:61:B7:E7:01:88:E5
Authority key identifier: C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D
Certificate issuer:       /CN=c6b8de552850ace85fc8c0e16852cc73df10169d
Certificate serial:       019CADFE674183CB908ECE26CFAE6273337E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
Manifest number:          0A1D
Signing time:             Mon 02 Mar 2026 10:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:56 +0000
Files and hashes:         1: xrjeVShQrOhfyMDhaFLMc98QFp0.crl (hash: jzJlJteU1X/41NlB03Xt18ZnvnxU9n8pu7CMZy5jtZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 10:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:67:41:83:cb:90:8e:ce:26:cf:ae:62:73:33:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6b8de552850ace85fc8c0e16852cc73df10169d
        Validity
            Not Before: Mar  2 10:00:56 2026 GMT
            Not After : Mar  3 10:00:56 2026 GMT
        Subject: CN=4e69b1ca71540273b0a3bea9ef1c61b7e70188e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3c:69:f0:31:28:33:37:cc:0c:9b:d9:3f:89:
                    19:92:04:7a:78:e5:93:18:a3:44:69:be:df:48:52:
                    fd:37:15:80:87:7f:64:9e:e0:43:09:3e:d0:6c:1b:
                    6c:56:17:f7:4c:0d:bc:5b:6c:8d:4e:d0:46:12:f0:
                    10:d7:cf:99:7f:f2:4b:3d:02:0a:90:08:0e:eb:2b:
                    19:df:7e:0a:9b:b9:f7:e0:02:e9:80:2a:8c:c1:cf:
                    63:8d:14:8f:70:dc:dc:bf:e5:53:b4:58:56:09:b4:
                    bf:c4:e7:17:0d:12:36:62:c2:3a:37:b8:c4:5d:64:
                    c3:76:41:c1:bf:ce:93:84:90:1e:f2:7f:e8:ff:62:
                    30:d1:f6:c5:07:be:1f:c0:f5:37:b0:8e:8f:69:5d:
                    2b:ac:25:dd:02:27:97:d1:dc:39:26:50:3f:08:7d:
                    4c:9a:4c:51:86:13:a6:3c:86:71:11:4d:ed:ad:7d:
                    aa:90:6b:3f:bc:7f:e3:71:6d:40:dd:e1:c4:16:ce:
                    08:c0:ef:b6:27:c5:2c:73:75:f5:22:09:74:8d:82:
                    28:1b:36:dd:67:40:e1:1e:ec:ce:ed:af:dd:b9:2d:
                    a2:2b:cd:b7:40:44:f7:26:77:b4:41:91:21:c2:a7:
                    59:c3:2f:4c:2e:c7:98:0f:7f:85:b1:ed:55:38:75:
                    65:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:69:B1:CA:71:54:02:73:B0:A3:BE:A9:EF:1C:61:B7:E7:01:88:E5
            X509v3 Authority Key Identifier:
                keyid:C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:d4:25:71:98:84:fb:7e:aa:b0:66:81:71:ec:c0:6a:61:69:
         c3:c7:c5:d0:e9:62:81:d3:8b:0e:94:2c:a6:31:67:6f:c3:9a:
         1b:3b:61:ee:0c:8e:27:6a:c7:ea:ff:e9:62:69:f5:fd:47:21:
         53:ff:0c:6c:46:32:ed:cb:f6:f6:e4:11:a1:29:d4:91:ba:4a:
         b3:43:c8:e1:0d:98:95:01:f2:13:0f:5a:11:a0:80:7d:1c:ec:
         de:11:f2:80:74:f1:64:40:15:ae:11:a4:a3:00:c0:46:e9:8a:
         34:8f:19:77:43:39:65:d4:74:05:c9:72:c8:e9:a6:f1:3f:cd:
         2a:89:99:d7:ca:db:49:e7:ab:7e:0b:4b:0c:08:9c:46:ac:e4:
         1d:8b:77:d4:f1:b4:3b:70:a1:ce:17:23:da:b9:ac:9a:95:1b:
         7a:29:78:45:3f:5a:50:bd:8d:ab:4e:a2:03:ba:74:a3:8a:31:
         1b:77:15:a8:a2:d0:04:a1:ee:55:5d:1f:d9:0d:fc:e9:2e:df:
         55:16:36:e1:c1:77:50:38:d7:38:40:98:44:d0:bd:28:98:54:
         48:5b:5e:ce:89:bf:04:5b:2b:b7:92:e8:8d:fc:42:e4:57:35:
         40:be:a9:98:b8:07:49:e5:52:a9:d4:9e:2c:3f:d6:90:13:12:
         37:76:04:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/mdBg8uQjs4mz65iczN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjhkZTU1Mjg1MGFjZTg1ZmM4YzBlMTY4NTJjYzczZGYx
MDE2OWQwHhcNMjYwMzAyMTAwMDU2WhcNMjYwMzAzMTAwMDU2WjAzMTEwLwYDVQQD
Eyg0ZTY5YjFjYTcxNTQwMjczYjBhM2JlYTllZjFjNjFiN2U3MDE4OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTxp8DEoMzfMDJvZP4kZkgR6eOWT
GKNEab7fSFL9NxWAh39knuBDCT7QbBtsVhf3TA28W2yNTtBGEvAQ18+Zf/JLPQIK
kAgO6ysZ334Km7n34ALpgCqMwc9jjRSPcNzcv+VTtFhWCbS/xOcXDRI2YsI6N7jE
XWTDdkHBv86ThJAe8n/o/2Iw0fbFB74fwPU3sI6PaV0rrCXdAieX0dw5JlA/CH1M
mkxRhhOmPIZxEU3trX2qkGs/vH/jcW1A3eHEFs4IwO+2J8Usc3X1Igl0jYIoGzbd
Z0DhHuzO7a/duS2iK823QET3Jne0QZEhwqdZwy9MLseYD3+Fse1VOHVlPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5pscpxVAJzsKO+qe8cYbfnAYjlMB8GA1UdIwQY
MBaAFMa43lUoUKzoX8jA4WhSzHPfEBadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMt
ZDI0MGQzNjExMDU4LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMtZDI0MGQzNjExMDU4
LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNQlcZiE
+36qsGaBcezAamFpw8fF0OligdOLDpQspjFnb8OaGzth7gyOJ2rH6v/pYmn1/Uch
U/8MbEYy7cv29uQRoSnUkbpKs0PI4Q2YlQHyEw9aEaCAfRzs3hHygHTxZEAVrhGk
owDARumKNI8Zd0M5ZdR0BclyyOmm8T/NKomZ18rbSeerfgtLDAicRqzkHYt31PG0
O3Chzhcj2rmsmpUbeil4RT9aUL2Nq06iA7p0o4oxG3cVqKLQBKHuVV0f2Q386S7f
VRY24cF3UDjXOECYRNC9KJhUSFtezom/BFsrt5LojfxC5Fc1QL6pmLgHSeVSqdSe
LD/WkBMSN3YECw==
-----END CERTIFICATE-----