Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          fFRTNcuVMEMeMqEX/JgqrphfHxZAx62yVwc2lQvtGJ0=
Subject key identifier:   25:30:7D:86:E2:D3:71:96:AE:9C:19:B4:5C:AA:93:A5:B8:A7:3B:5F
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019CAA8F98A67B3055BC61E7B6298B36BEFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 18:01:03 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:03 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:03 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: 4Oxg9eg7KT0greEN2iIFyvpTPO4dvHxg2xMcm8X6TPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:98:a6:7b:30:55:bc:61:e7:b6:29:8b:36:be:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Mar  1 18:01:03 2026 GMT
            Not After : Mar  2 18:01:03 2026 GMT
        Subject: CN=25307d86e2d37196ae9c19b45caa93a5b8a73b5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:db:80:8a:c8:0c:97:87:c0:6c:d9:59:2b:ee:
                    6d:f2:f1:1e:d1:a5:2e:7a:0b:45:09:17:79:66:a9:
                    86:f6:02:2f:4e:59:b9:64:e7:cb:58:a2:6c:0f:7b:
                    56:e9:1f:56:6b:c2:bf:8d:63:c3:32:00:7c:ef:14:
                    45:cc:32:0d:62:4d:7f:8e:0a:e8:86:44:a7:4a:c1:
                    f3:36:c1:53:b1:c0:86:64:d7:2e:d1:79:d0:6a:22:
                    1d:b3:8b:08:d8:cd:0b:71:ab:be:fb:c4:1d:12:e8:
                    d6:b1:65:e3:1e:db:9c:c2:bc:53:3f:6c:8d:83:5f:
                    23:a8:44:f7:d2:c2:6f:0e:9a:a7:a4:ad:c6:3e:d0:
                    18:c7:1c:66:6f:7d:c6:5b:3f:72:5c:4d:84:f3:83:
                    7f:58:76:e6:8e:2c:f1:0a:3a:11:ba:b7:11:05:a3:
                    69:4f:af:1b:8c:6b:0a:0f:db:51:a4:07:6f:5b:ea:
                    d7:ef:40:4a:fc:21:a1:1f:c1:7a:80:6a:01:02:3c:
                    73:de:1b:46:26:2e:e4:45:b6:93:6e:25:5d:2b:9c:
                    01:b2:dc:e1:90:81:27:4c:da:f9:7b:b7:72:67:5a:
                    33:00:3a:55:b3:f5:e4:cb:62:f3:af:41:ac:bf:74:
                    8a:f9:bd:e7:9b:09:44:71:f7:f1:0c:16:f8:4f:6c:
                    5c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:30:7D:86:E2:D3:71:96:AE:9C:19:B4:5C:AA:93:A5:B8:A7:3B:5F
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:1b:6b:0a:fa:4f:53:47:e7:ef:f0:e1:0e:75:de:d7:97:68:
         f8:bc:fb:ce:6e:36:4c:a2:28:c3:1d:70:34:cb:af:15:92:f4:
         fc:27:07:ec:2b:46:30:da:80:70:a9:7a:7c:35:75:e2:c0:6c:
         c2:20:d6:5d:c1:db:51:e3:c4:c0:9b:8d:d9:ae:90:0c:61:5a:
         21:3a:32:6b:f9:b7:9b:c4:24:5a:9b:f4:ba:c1:e5:6e:89:4d:
         4f:31:ca:38:3f:16:c2:63:6a:95:17:db:57:e0:a7:f0:70:30:
         77:02:79:e0:28:0a:3f:25:4c:79:90:56:07:9e:ee:8d:f3:3f:
         a9:59:b2:ef:a4:3c:7f:ea:fd:a4:de:8d:66:40:67:30:96:c3:
         34:05:53:73:30:35:fb:db:32:eb:91:b1:2d:57:36:35:ee:81:
         7f:b6:72:26:67:bb:80:da:1e:cb:e3:39:f1:60:aa:94:2d:83:
         16:0f:b6:1c:85:04:41:19:7c:05:e9:df:83:2e:93:3e:30:b0:
         e8:6e:c3:4e:fe:14:01:cb:1e:58:2a:54:4f:e6:66:82:3f:15:
         eb:50:02:e9:33:a4:a0:cd:87:d7:e5:8f:2d:02:0a:c5:2f:cb:
         20:7e:16:1e:2f:6b:66:00:76:75:ec:c7:01:27:d2:29:cf:88:
         22:a4:e5:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj5imezBVvGHntimLNr7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjYwMzAxMTgwMTAzWhcNMjYwMzAyMTgwMTAzWjAzMTEwLwYDVQQD
EygyNTMwN2Q4NmUyZDM3MTk2YWU5YzE5YjQ1Y2FhOTNhNWI4YTczYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNuAisgMl4fAbNlZK+5t8vEe0aUu
egtFCRd5ZqmG9gIvTlm5ZOfLWKJsD3tW6R9Wa8K/jWPDMgB87xRFzDINYk1/jgro
hkSnSsHzNsFTscCGZNcu0XnQaiIds4sI2M0Lcau++8QdEujWsWXjHtucwrxTP2yN
g18jqET30sJvDpqnpK3GPtAYxxxmb33GWz9yXE2E84N/WHbmjizxCjoRurcRBaNp
T68bjGsKD9tRpAdvW+rX70BK/CGhH8F6gGoBAjxz3htGJi7kRbaTbiVdK5wBstzh
kIEnTNr5e7dyZ1ozADpVs/Xky2Lzr0Gsv3SK+b3nmwlEcffxDBb4T2xcCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUwfYbi03GWrpwZtFyqk6W4pztfMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAhtrCvpP
U0fn7/DhDnXe15do+Lz7zm42TKIowx1wNMuvFZL0/CcH7CtGMNqAcKl6fDV14sBs
wiDWXcHbUePEwJuN2a6QDGFaIToya/m3m8QkWpv0usHlbolNTzHKOD8WwmNqlRfb
V+Cn8HAwdwJ54CgKPyVMeZBWB57ujfM/qVmy76Q8f+r9pN6NZkBnMJbDNAVTczA1
+9sy65GxLVc2Ne6Bf7ZyJme7gNoey+M58WCqlC2DFg+2HIUEQRl8Benfgy6TPjCw
6G7DTv4UAcseWCpUT+Zmgj8V61AC6TOkoM2H1+WPLQIKxS/LIH4WHi9rZgB2dezH
ASfSKc+IIqTlJQ==
-----END CERTIFICATE-----