Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          qOpkMWtrkWSdER4z3XaFhorErMfdHnBrNMx6Q6IRB04=
Subject key identifier:   53:19:54:09:D8:34:FE:B0:28:7F:F9:0B:1C:A3:AF:59:4A:E4:9E:37
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019D9B877C350BCFEB558391814F76A575C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          066C
Signing time:             Fri 17 Apr 2026 13:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:40 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: neoWDauHm/AmKsopVDlLnwDMxi5qD4raaP5V2uSNLJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:7c:35:0b:cf:eb:55:83:91:81:4f:76:a5:75:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Apr 17 13:00:40 2026 GMT
            Not After : Apr 18 13:00:40 2026 GMT
        Subject: CN=53195409d834feb0287ff90b1ca3af594ae49e37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:84:d8:56:66:0d:19:4b:67:4b:5c:2c:45:ff:
                    4a:8e:e6:8f:46:98:28:7d:03:98:f3:b8:06:4f:39:
                    e7:55:52:cd:96:3e:ab:f3:2e:4c:28:a4:69:62:6f:
                    be:07:06:73:b4:7c:78:95:2a:b8:fa:18:a2:cd:11:
                    89:7c:de:85:cb:e6:2b:ca:06:37:91:74:ed:63:22:
                    75:3b:a4:8a:0d:6b:95:23:92:a9:da:4c:f2:63:ea:
                    f2:f1:fa:ef:fb:19:cd:f4:27:df:96:60:45:77:2e:
                    53:9e:83:6c:5e:1e:e0:a6:a0:58:df:7b:fe:37:b1:
                    0a:d9:30:ea:2d:d2:35:fc:de:9a:fc:4f:5a:4c:f3:
                    4f:a1:5f:2e:bf:cc:6b:b2:a9:91:22:30:5b:1f:05:
                    4b:e9:24:62:29:40:65:1c:3b:41:c8:3a:11:4c:a0:
                    ab:e7:55:23:86:c0:6d:18:8b:8b:d3:c9:97:52:a6:
                    d2:c9:d4:26:41:16:9a:3d:1a:6a:97:2b:2b:2c:28:
                    94:49:f0:7d:b1:8c:26:c0:a3:f2:27:bf:0b:29:d0:
                    93:54:6e:ce:1c:98:01:84:a2:a4:c3:17:12:6c:7b:
                    ac:cf:62:22:e1:93:b1:13:09:62:ca:04:b9:91:4e:
                    96:41:22:18:4b:dd:9c:bd:57:1b:bd:ca:dd:78:c2:
                    8c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:19:54:09:D8:34:FE:B0:28:7F:F9:0B:1C:A3:AF:59:4A:E4:9E:37
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:c4:5f:92:19:d4:07:ce:f5:86:e6:88:3c:36:e8:05:b3:4e:
         ce:6c:9b:ce:6c:6e:84:ae:98:f7:c1:8a:3a:4d:2a:b6:8f:bc:
         5a:6f:a9:5b:fd:43:f6:71:e2:fc:ee:db:83:65:cc:12:92:51:
         f1:cd:b2:a9:be:ac:b4:54:5a:16:5e:68:2e:c4:f3:24:d4:d4:
         4d:1b:35:40:82:10:1a:b4:0a:19:5f:1e:33:25:96:32:a0:b7:
         30:a6:d4:17:b6:7a:4c:3f:47:de:cd:ef:d2:d8:36:2a:96:a5:
         55:a7:13:d9:df:2c:76:0e:15:e9:79:4d:24:3d:08:5c:21:5e:
         87:c4:4a:4d:ee:87:c1:61:ba:9e:44:b0:52:cf:f8:3c:b3:5b:
         07:92:34:f5:ae:11:1b:42:28:56:d5:c5:22:c4:77:6a:cb:e6:
         12:ca:ae:fd:18:00:f2:37:97:0d:5a:bf:d1:5b:c0:67:48:07:
         2a:10:9f:af:97:63:2e:d1:ed:81:2b:20:0d:bd:1a:8f:18:62:
         bd:6b:4c:6e:fc:f6:e9:9c:83:09:60:f9:c7:85:ad:5f:2d:c6:
         e5:1e:da:4f:aa:80:18:05:7b:90:6d:5a:39:e2:b0:19:b7:c4:
         8e:ed:39:fd:cf:c0:49:05:ef:db:4c:cc:ca:8d:ef:5e:e8:4b:
         1e:29:7f:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh3w1C8/rVYORgU92pXXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjYwNDE3MTMwMDQwWhcNMjYwNDE4MTMwMDQwWjAzMTEwLwYDVQQD
Eyg1MzE5NTQwOWQ4MzRmZWIwMjg3ZmY5MGIxY2EzYWY1OTRhZTQ5ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4TYVmYNGUtnS1wsRf9KjuaPRpgo
fQOY87gGTznnVVLNlj6r8y5MKKRpYm++BwZztHx4lSq4+hiizRGJfN6Fy+YrygY3
kXTtYyJ1O6SKDWuVI5Kp2kzyY+ry8frv+xnN9CfflmBFdy5TnoNsXh7gpqBY33v+
N7EK2TDqLdI1/N6a/E9aTPNPoV8uv8xrsqmRIjBbHwVL6SRiKUBlHDtByDoRTKCr
51UjhsBtGIuL08mXUqbSydQmQRaaPRpqlysrLCiUSfB9sYwmwKPyJ78LKdCTVG7O
HJgBhKKkwxcSbHusz2Ii4ZOxEwliygS5kU6WQSIYS92cvVcbvcrdeMKMkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMZVAnYNP6wKH/5Cxyjr1lK5J43MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAksRfkhnU
B871huaIPDboBbNOzmybzmxuhK6Y98GKOk0qto+8Wm+pW/1D9nHi/O7bg2XMEpJR
8c2yqb6stFRaFl5oLsTzJNTUTRs1QIIQGrQKGV8eMyWWMqC3MKbUF7Z6TD9H3s3v
0tg2KpalVacT2d8sdg4V6XlNJD0IXCFeh8RKTe6HwWG6nkSwUs/4PLNbB5I09a4R
G0IoVtXFIsR3asvmEsqu/RgA8jeXDVq/0VvAZ0gHKhCfr5djLtHtgSsgDb0ajxhi
vWtMbvz26ZyDCWD5x4WtXy3G5R7aT6qAGAV7kG1aOeKwGbfEju05/c/ASQXv20zM
yo3vXuhLHil/Sg==
-----END CERTIFICATE-----