Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          CCIA1fZyFciITQNqrql/S6Q/gDcNmdS1PrNwxRiHo0A=
Subject key identifier:   21:57:21:18:26:5F:B0:95:6C:64:61:C1:7B:C4:57:28:64:D8:96:7A
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019D9C2C881B6DC5882F27C1F0A3C12BCB43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1668
Signing time:             Fri 17 Apr 2026 16:00:57 +0000
Manifest this update:     Fri 17 Apr 2026 16:00:57 +0000
Manifest next update:     Sat 18 Apr 2026 16:00:57 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: tIVW3Fzw/eogJGQCYIp1h2jv/eg6zYiziPcbP3e0zVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2c:88:1b:6d:c5:88:2f:27:c1:f0:a3:c1:2b:cb:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Apr 17 16:00:57 2026 GMT
            Not After : Apr 18 16:00:57 2026 GMT
        Subject: CN=21572118265fb0956c6461c17bc4572864d8967a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:a3:f0:7c:ab:16:95:ea:4f:e3:96:ae:d2:00:
                    50:ad:23:96:ff:96:bb:87:89:f1:02:6c:17:20:92:
                    e4:89:27:a9:10:67:f8:a2:e6:ec:76:47:3c:b7:fe:
                    48:20:45:df:54:00:f2:d6:03:1f:c3:ff:2f:b1:99:
                    13:bd:27:82:b0:c6:bd:41:c6:56:27:d9:ca:95:fa:
                    59:9c:c1:ca:35:10:6a:bd:cd:47:34:cf:14:ec:7f:
                    5f:39:fe:4a:f0:68:a0:fb:08:ad:a0:69:66:b6:6f:
                    4a:1f:b5:d8:c0:cd:0c:88:2f:09:13:23:14:42:7d:
                    37:bb:21:db:9b:11:3b:85:d7:7d:fd:dc:3f:fc:b0:
                    cc:65:e9:1d:1a:a7:4f:c9:29:29:a8:5e:27:63:fa:
                    0e:01:91:6f:88:64:85:24:9f:74:0d:2e:62:37:ca:
                    e3:fd:3a:09:fa:85:f7:40:cc:12:2c:db:57:81:04:
                    4c:03:6e:b9:32:6b:51:8e:0e:d7:f4:43:c4:a4:c6:
                    0a:72:64:da:8d:09:64:3a:a6:04:14:09:a4:01:df:
                    53:5e:e9:fe:44:b4:11:8e:55:7e:ac:db:ea:f0:17:
                    a6:4f:fd:57:8e:46:03:86:44:49:03:79:af:c6:ab:
                    b4:52:f8:33:fc:9d:1d:91:b8:4a:9c:04:38:25:bf:
                    1d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:57:21:18:26:5F:B0:95:6C:64:61:C1:7B:C4:57:28:64:D8:96:7A
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:17:76:57:45:6b:39:2a:c3:16:d1:48:b8:46:01:c7:f7:2d:
         52:cb:99:55:cb:3f:59:29:40:72:2f:19:2a:c5:d3:3c:aa:c0:
         bd:f6:03:ee:7b:f6:55:81:14:a5:c3:10:6c:f2:5f:31:f5:05:
         41:aa:d1:3c:50:99:36:83:28:b4:dd:54:0a:3e:ee:de:1f:16:
         47:d5:97:f8:8f:67:ac:da:8b:65:65:bd:10:4b:20:bd:4b:ff:
         05:aa:4e:5a:ae:9d:e1:04:eb:12:b1:b1:56:b4:24:cb:ed:32:
         2a:ee:42:db:f3:75:5e:41:46:a2:14:09:ff:78:68:56:68:ad:
         16:15:ad:77:c1:b3:c6:38:63:eb:86:0e:37:cd:9b:ac:99:27:
         d2:d1:6c:bb:8b:3e:73:35:f1:ee:af:ea:73:84:9a:4c:85:74:
         e1:65:e9:70:94:5a:45:db:59:be:a7:0b:a3:f9:83:2a:2e:e9:
         a9:2d:88:30:be:48:4f:a2:03:aa:87:ad:38:bc:1d:07:8c:c4:
         bd:3a:e7:4f:62:8d:48:85:58:a5:5f:c5:6b:72:5d:5b:f6:52:
         57:25:51:71:81:3e:0b:84:fa:a7:30:7b:bb:3b:21:b3:62:df:
         f3:8e:ec:54:79:0e:7f:7e:e8:0a:9c:b7:d9:04:5b:4f:44:1a:
         cb:19:8a:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLIgbbcWILyfB8KPBK8tDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjYwNDE3MTYwMDU3WhcNMjYwNDE4MTYwMDU3WjAzMTEwLwYDVQQD
EygyMTU3MjExODI2NWZiMDk1NmM2NDYxYzE3YmM0NTcyODY0ZDg5NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qPwfKsWlepP45au0gBQrSOW/5a7
h4nxAmwXIJLkiSepEGf4oubsdkc8t/5IIEXfVADy1gMfw/8vsZkTvSeCsMa9QcZW
J9nKlfpZnMHKNRBqvc1HNM8U7H9fOf5K8Gig+witoGlmtm9KH7XYwM0MiC8JEyMU
Qn03uyHbmxE7hdd9/dw//LDMZekdGqdPySkpqF4nY/oOAZFviGSFJJ90DS5iN8rj
/ToJ+oX3QMwSLNtXgQRMA265MmtRjg7X9EPEpMYKcmTajQlkOqYEFAmkAd9TXun+
RLQRjlV+rNvq8BemT/1XjkYDhkRJA3mvxqu0Uvgz/J0dkbhKnAQ4Jb8dwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFXIRgmX7CVbGRhwXvEVyhk2JZ6MB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEBd2V0Vr
OSrDFtFIuEYBx/ctUsuZVcs/WSlAci8ZKsXTPKrAvfYD7nv2VYEUpcMQbPJfMfUF
QarRPFCZNoMotN1UCj7u3h8WR9WX+I9nrNqLZWW9EEsgvUv/BapOWq6d4QTrErGx
VrQky+0yKu5C2/N1XkFGohQJ/3hoVmitFhWtd8Gzxjhj64YON82brJkn0tFsu4s+
czXx7q/qc4SaTIV04WXpcJRaRdtZvqcLo/mDKi7pqS2IML5IT6IDqoetOLwdB4zE
vTrnT2KNSIVYpV/Fa3JdW/ZSVyVRcYE+C4T6pzB7uzshs2Lf847sVHkOf37oCpy3
2QRbT0QayxmKvw==
-----END CERTIFICATE-----