Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          SqrAes4r6An8yb9FAahkdbrSZrNhRpACU2ga1GpX7n8=
Subject key identifier:   D5:63:0C:17:77:0B:36:3E:B9:07:62:D1:D1:22:37:CB:98:3B:9B:E7
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       019D97E255C91AF40EBFE72448B5C1AA34BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          156E
Signing time:             Thu 16 Apr 2026 20:01:25 +0000
Manifest this update:     Thu 16 Apr 2026 20:01:25 +0000
Manifest next update:     Fri 17 Apr 2026 20:01:25 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: oowHGFr4U2ulwLXq7lEQf0PebZJXz+8/rClTIi86PFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e2:55:c9:1a:f4:0e:bf:e7:24:48:b5:c1:aa:34:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Apr 16 20:01:25 2026 GMT
            Not After : Apr 17 20:01:25 2026 GMT
        Subject: CN=d5630c17770b363eb90762d1d12237cb983b9be7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:be:4f:9e:59:2c:0f:6f:47:07:09:f7:ae:97:
                    30:9e:a0:4b:9d:74:ff:24:aa:f9:ee:16:28:45:53:
                    74:c1:d9:44:2a:bc:6d:0a:13:e0:49:47:08:80:56:
                    ef:76:2f:fd:24:da:32:91:b5:32:b7:b8:d7:6b:ec:
                    3d:2b:81:41:aa:b4:e8:c4:92:04:2c:35:8a:f3:66:
                    b2:60:58:46:66:b6:7c:60:a8:ee:80:60:4f:20:a5:
                    1c:c2:39:33:31:16:bb:eb:3c:f2:b8:52:33:4a:ed:
                    70:2c:c5:22:d8:8d:86:59:79:9f:0a:59:62:0f:f2:
                    00:0b:5d:65:af:ad:91:c1:25:0a:d3:67:83:a6:f2:
                    a9:9d:63:7d:f1:83:c1:91:bb:15:5d:fa:1b:12:15:
                    99:3e:4b:dc:57:5f:98:86:88:3a:47:f3:7b:23:63:
                    a2:6f:31:f1:e8:bc:e9:23:68:b3:e9:80:5e:56:47:
                    51:4c:d7:66:66:51:c3:c0:19:be:4f:07:1c:1a:d3:
                    16:06:8d:86:72:44:23:e7:7f:f7:3a:95:4b:af:e2:
                    5b:ab:e8:91:38:5f:15:55:0b:e6:6e:f1:49:b6:27:
                    71:28:a6:36:e3:93:bf:2c:0a:de:cc:39:7c:fe:4a:
                    9d:fd:6f:72:83:cd:7e:88:d7:28:9f:2d:32:92:82:
                    ac:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:63:0C:17:77:0B:36:3E:B9:07:62:D1:D1:22:37:CB:98:3B:9B:E7
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ab:bc:33:40:40:a9:e4:ac:36:f9:4b:2e:02:a6:20:72:6f:
         a6:28:da:bd:42:81:9f:25:fa:03:2f:97:cc:39:3d:70:7c:6a:
         b9:c7:a1:da:f4:1f:da:97:1b:8c:56:97:55:11:7d:c0:87:42:
         fe:3e:0c:45:81:bc:55:16:1a:c7:29:9e:06:ee:dc:6b:e6:f6:
         93:e1:31:12:b8:31:d7:73:6f:f2:80:15:03:f6:95:46:6a:b7:
         73:23:00:75:9c:0d:6e:29:09:e3:d6:7c:ff:a0:32:1a:b6:4c:
         70:87:85:82:35:7a:b5:9e:ae:ec:1f:81:c7:87:7f:2c:0c:97:
         d5:dd:64:8b:b8:d5:93:a3:06:63:f0:35:a1:8c:18:bb:9b:97:
         9c:62:5e:a6:b4:62:6a:1a:45:8c:a7:35:69:a7:2f:1f:6b:e5:
         74:a9:df:02:ea:f7:f4:a8:5a:8d:eb:df:7c:4c:2d:45:79:b6:
         8a:cb:c0:14:35:7b:36:ad:a5:c5:7c:56:b2:d1:51:4f:eb:38:
         67:dd:8f:75:64:68:c2:1f:ed:49:ef:89:31:fe:a4:6e:4e:f1:
         8c:81:db:b4:6a:e1:fd:1b:0d:a2:fc:ca:2d:68:20:35:34:51:
         04:1c:06:e8:50:03:0c:c3:f3:90:c1:47:00:4c:09:1d:34:5c:
         cf:64:28:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4lXJGvQOv+ckSLXBqjS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjYwNDE2MjAwMTI1WhcNMjYwNDE3MjAwMTI1WjAzMTEwLwYDVQQD
EyhkNTYzMGMxNzc3MGIzNjNlYjkwNzYyZDFkMTIyMzdjYjk4M2I5YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb5PnlksD29HBwn3rpcwnqBLnXT/
JKr57hYoRVN0wdlEKrxtChPgSUcIgFbvdi/9JNoykbUyt7jXa+w9K4FBqrToxJIE
LDWK82ayYFhGZrZ8YKjugGBPIKUcwjkzMRa76zzyuFIzSu1wLMUi2I2GWXmfClli
D/IAC11lr62RwSUK02eDpvKpnWN98YPBkbsVXfobEhWZPkvcV1+Yhog6R/N7I2Oi
bzHx6LzpI2iz6YBeVkdRTNdmZlHDwBm+TwccGtMWBo2GckQj53/3OpVLr+Jbq+iR
OF8VVQvmbvFJtidxKKY245O/LArezDl8/kqd/W9yg81+iNcony0ykoKsjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVjDBd3CzY+uQdi0dEiN8uYO5vnMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKu8M0BA
qeSsNvlLLgKmIHJvpijavUKBnyX6Ay+XzDk9cHxquceh2vQf2pcbjFaXVRF9wIdC
/j4MRYG8VRYaxymeBu7ca+b2k+ExErgx13Nv8oAVA/aVRmq3cyMAdZwNbikJ49Z8
/6AyGrZMcIeFgjV6tZ6u7B+Bx4d/LAyX1d1ki7jVk6MGY/A1oYwYu5uXnGJeprRi
ahpFjKc1aacvH2vldKnfAur39KhajevffEwtRXm2isvAFDV7Nq2lxXxWstFRT+s4
Z92PdWRowh/tSe+JMf6kbk7xjIHbtGrh/RsNovzKLWggNTRRBBwG6FADDMPzkMFH
AEwJHTRcz2QomA==
-----END CERTIFICATE-----