Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          paQ0O0yJn3jy0KaM2kpo1X/cxkWHghZzbxaR4B+IB+8=
Subject key identifier:   DC:AD:02:16:63:B4:4D:A4:25:10:A9:BF:3A:80:D8:3E:18:BC:77:41
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       019CAAC6C03323983CDB3959B82418B80DAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          1165
Signing time:             Sun 01 Mar 2026 19:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:17 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: 3LTNSoohgTWMWvU8xxcL3H/ftJbj2LvqJ8tv81YMEKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:c0:33:23:98:3c:db:39:59:b8:24:18:b8:0d:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Mar  1 19:01:17 2026 GMT
            Not After : Mar  2 19:01:17 2026 GMT
        Subject: CN=dcad021663b44da42510a9bf3a80d83e18bc7741
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6e:92:a5:af:01:98:5f:19:73:17:8c:29:b2:
                    1e:77:15:ca:a2:1e:db:3c:cf:7e:db:69:89:38:fb:
                    2f:83:b1:d3:76:eb:06:7a:0e:41:2e:86:24:98:14:
                    67:df:c8:8b:71:7b:a0:e4:07:7c:f5:1b:99:c3:71:
                    0a:66:92:47:df:7f:9f:38:52:7e:c6:4b:d9:ed:a9:
                    e0:89:12:e1:57:3b:5a:01:05:16:ee:f4:69:b6:8c:
                    e5:99:b3:c7:8f:8d:28:30:65:8d:d3:25:7d:91:30:
                    61:d2:ff:17:4d:c6:ae:48:0c:43:9d:4e:be:c9:34:
                    79:e3:81:d9:7b:64:0e:4f:ee:c5:25:d1:6d:be:a0:
                    31:12:a8:cb:ad:ba:e1:0d:b0:c6:3d:8d:81:39:f1:
                    55:4d:3d:54:34:ae:f9:6f:aa:5d:c9:2c:74:43:71:
                    e0:f1:51:ab:09:28:8b:e6:a9:23:f0:28:dd:b3:57:
                    93:6a:53:9f:14:92:3c:17:1d:cc:03:36:60:9f:1c:
                    e7:b1:f0:40:08:29:0f:17:d6:a6:e1:5b:54:24:d4:
                    8a:a3:ec:53:3c:4b:2b:92:e1:d4:b5:46:72:14:75:
                    f2:82:15:0e:50:88:b2:a0:a1:ce:18:92:3e:75:70:
                    7e:bd:70:2d:f9:ab:62:8b:ab:2c:b3:59:27:ce:fd:
                    e0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AD:02:16:63:B4:4D:A4:25:10:A9:BF:3A:80:D8:3E:18:BC:77:41
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:3b:44:1d:18:66:c9:b7:bf:99:2a:b8:d9:8f:4c:0a:f1:c2:
         4c:43:a8:f5:e9:0b:38:f4:a0:8f:3a:66:65:38:91:76:92:24:
         4a:4a:8d:41:b9:46:ae:60:3a:9f:2d:d4:4f:e3:0c:59:6e:4b:
         cf:9f:21:fa:e7:2e:25:9d:32:f3:de:1b:0a:30:4f:4f:1d:ad:
         de:16:23:a0:5d:f4:ed:60:f9:8e:c2:38:ae:d0:24:48:52:18:
         5d:de:26:2b:d8:ca:ce:47:0f:39:fd:ca:d4:5c:26:aa:59:4e:
         a4:a1:dc:cf:09:81:15:e7:fa:3e:dd:38:d1:73:94:6b:12:f2:
         60:7d:3e:04:36:c2:e7:88:3a:78:ab:a3:1b:e6:f0:b0:88:da:
         c2:1e:a7:9d:05:ee:a4:6f:8f:37:57:dd:1b:5a:ce:fa:e4:5f:
         8b:19:ed:9c:3c:d1:ad:0c:ab:fb:d1:ac:29:98:b2:3c:da:db:
         4a:23:b3:fd:fd:f7:11:6b:3f:65:23:af:8a:02:00:1f:c7:4f:
         e2:6d:4c:2a:95:b4:1d:81:91:72:b6:24:ac:ed:96:cc:50:36:
         8a:38:29:b5:43:6a:59:fc:61:d0:66:c5:bb:0c:e1:ee:ed:33:
         a7:b2:4b:d5:7b:63:8e:70:f2:13:8e:d2:35:f4:00:27:f2:f9:
         73:6c:9b:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxsAzI5g82zlZuCQYuA2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjYwMzAxMTkwMTE3WhcNMjYwMzAyMTkwMTE3WjAzMTEwLwYDVQQD
EyhkY2FkMDIxNjYzYjQ0ZGE0MjUxMGE5YmYzYTgwZDgzZTE4YmM3NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm6Spa8BmF8ZcxeMKbIedxXKoh7b
PM9+22mJOPsvg7HTdusGeg5BLoYkmBRn38iLcXug5Ad89RuZw3EKZpJH33+fOFJ+
xkvZ7angiRLhVztaAQUW7vRptozlmbPHj40oMGWN0yV9kTBh0v8XTcauSAxDnU6+
yTR544HZe2QOT+7FJdFtvqAxEqjLrbrhDbDGPY2BOfFVTT1UNK75b6pdySx0Q3Hg
8VGrCSiL5qkj8Cjds1eTalOfFJI8Fx3MAzZgnxznsfBACCkPF9am4VtUJNSKo+xT
PEsrkuHUtUZyFHXyghUOUIiyoKHOGJI+dXB+vXAt+atii6sss1knzv3gdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNytAhZjtE2kJRCpvzqA2D4YvHdBMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijtEHRhm
ybe/mSq42Y9MCvHCTEOo9ekLOPSgjzpmZTiRdpIkSkqNQblGrmA6ny3UT+MMWW5L
z58h+ucuJZ0y894bCjBPTx2t3hYjoF307WD5jsI4rtAkSFIYXd4mK9jKzkcPOf3K
1FwmqllOpKHczwmBFef6Pt040XOUaxLyYH0+BDbC54g6eKujG+bwsIjawh6nnQXu
pG+PN1fdG1rO+uRfixntnDzRrQyr+9GsKZiyPNrbSiOz/f33EWs/ZSOvigIAH8dP
4m1MKpW0HYGRcrYkrO2WzFA2ijgptUNqWfxh0GbFuwzh7u0zp7JL1XtjjnDyE47S
NfQAJ/L5c2ybYw==
-----END CERTIFICATE-----