Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File:                     XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier:          CVaQ36onW5MPlus045xlVI/fudoSX+7t8GnfYjtgk9U=
Subject key identifier:   28:A2:9E:0E:FD:C5:34:92:92:E7:4E:21:6F:D0:6F:71:5E:80:FA:AF
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer:       /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial:       019CADFE8B5C61E8228EAB1EC26F86246FD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number:          091C
Signing time:             Mon 02 Mar 2026 10:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 10:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 10:01:06 +0000
Files and hashes:         1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: pLmpwApu5ZiSWuxAhvLkawYmDV5uiQwPU30rbtn/hNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:8b:5c:61:e8:22:8e:ab:1e:c2:6f:86:24:6f:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
        Validity
            Not Before: Mar  2 10:01:06 2026 GMT
            Not After : Mar  3 10:01:06 2026 GMT
        Subject: CN=28a29e0efdc5349292e74e216fd06f715e80faaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:1c:b6:13:f3:14:32:f2:41:29:5c:43:07:62:
                    9d:35:f9:28:e1:9f:23:7c:b1:45:ca:ff:ba:82:3d:
                    90:98:8f:43:b7:21:59:a9:bb:2b:66:94:f4:f1:32:
                    e0:11:5e:c3:0f:f2:0b:19:8a:6a:3c:47:aa:68:41:
                    b0:c2:29:f4:18:50:f2:9c:9a:7f:dd:1d:b3:a7:10:
                    09:91:82:78:2c:1a:bf:43:90:66:c5:c5:ea:1f:eb:
                    e7:a0:36:a7:f5:7a:1a:85:d6:47:93:a1:1e:d9:96:
                    c9:1a:22:61:c1:5f:91:7d:94:8f:a3:50:b8:0f:95:
                    30:56:48:7a:0f:a0:1b:be:90:0c:3b:cf:aa:fe:a8:
                    24:a1:0e:bb:38:37:5a:24:66:2a:77:c9:d3:34:1a:
                    c2:9f:6b:b1:d7:cf:24:b4:c4:fb:7e:19:33:2e:34:
                    a5:67:08:e1:e7:c0:12:12:32:1b:ec:12:a1:5e:0b:
                    60:e0:a4:1a:4b:d1:5e:d9:97:f2:dc:b1:c8:03:03:
                    34:19:4f:ab:68:08:c8:2b:98:ab:05:83:93:06:b3:
                    ca:07:34:7a:68:bc:34:a8:a9:48:e1:55:1a:00:3a:
                    8f:bd:61:2d:26:30:87:18:ae:a0:c8:8c:36:86:c6:
                    35:14:5f:46:96:ed:ae:fa:d0:3c:44:3c:0d:55:8f:
                    ff:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A2:9E:0E:FD:C5:34:92:92:E7:4E:21:6F:D0:6F:71:5E:80:FA:AF
            X509v3 Authority Key Identifier:
                keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:0b:ef:4f:7f:16:cb:c9:0e:0e:1f:b7:35:10:7d:91:f0:ad:
         bb:db:ba:be:12:60:0e:a8:99:63:59:92:6d:41:79:35:87:d2:
         e4:f8:66:65:29:6d:90:70:3f:a5:1b:07:1d:90:6c:13:00:ff:
         42:74:a1:05:14:1e:f8:47:71:2e:1e:da:5a:74:0b:1f:bc:f2:
         1e:33:c9:5e:77:09:30:2d:50:23:5e:6d:e9:40:89:e6:51:33:
         63:5f:fe:e7:e5:b5:6c:f1:8e:68:d6:93:2b:90:63:b2:23:d3:
         a2:9e:69:80:18:9c:c2:a8:33:43:e7:bd:fe:fa:50:39:a9:87:
         8a:d2:c6:62:2e:9a:6d:a8:b3:6e:a3:c1:df:73:ef:10:a5:0a:
         6e:b4:bd:2a:73:33:18:13:70:7c:37:8c:be:3f:c7:f7:ea:42:
         86:31:25:2d:aa:3b:c8:87:39:c2:99:6f:f3:81:47:bd:d6:e4:
         3e:60:a9:9d:f5:c3:fc:a2:46:cb:66:52:d1:c9:f4:30:c5:44:
         ae:79:d2:9f:ae:47:05:cf:ca:b0:f9:e0:f9:b7:4d:b1:3b:cd:
         00:51:a7:d5:44:9c:f0:5d:1e:ea:2b:2c:0f:99:4f:18:54:90:
         3b:e2:89:99:13:f1:7c:55:58:03:5f:de:7c:e7:57:fc:1c:50:
         62:59:e2:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/otcYegijqsewm+GJG/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjYwMzAyMTAwMTA2WhcNMjYwMzAzMTAwMTA2WjAzMTEwLwYDVQQD
EygyOGEyOWUwZWZkYzUzNDkyOTJlNzRlMjE2ZmQwNmY3MTVlODBmYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xy2E/MUMvJBKVxDB2KdNfko4Z8j
fLFFyv+6gj2QmI9DtyFZqbsrZpT08TLgEV7DD/ILGYpqPEeqaEGwwin0GFDynJp/
3R2zpxAJkYJ4LBq/Q5BmxcXqH+vnoDan9XoahdZHk6Ee2ZbJGiJhwV+RfZSPo1C4
D5UwVkh6D6AbvpAMO8+q/qgkoQ67ODdaJGYqd8nTNBrCn2ux188ktMT7fhkzLjSl
Zwjh58ASEjIb7BKhXgtg4KQaS9Fe2Zfy3LHIAwM0GU+raAjIK5irBYOTBrPKBzR6
aLw0qKlI4VUaADqPvWEtJjCHGK6gyIw2hsY1FF9Glu2u+tA8RDwNVY//nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiing79xTSSkudOIW/Qb3FegPqvMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwAvvT38W
y8kODh+3NRB9kfCtu9u6vhJgDqiZY1mSbUF5NYfS5PhmZSltkHA/pRsHHZBsEwD/
QnShBRQe+EdxLh7aWnQLH7zyHjPJXncJMC1QI15t6UCJ5lEzY1/+5+W1bPGOaNaT
K5BjsiPTop5pgBicwqgzQ+e9/vpQOamHitLGYi6abaizbqPB33PvEKUKbrS9KnMz
GBNwfDeMvj/H9+pChjElLao7yIc5wplv84FHvdbkPmCpnfXD/KJGy2ZS0cn0MMVE
rnnSn65HBc/KsPng+bdNsTvNAFGn1USc8F0e6issD5lPGFSQO+KJmRPxfFVYA1/e
fOdX/BxQYlnicQ==
-----END CERTIFICATE-----