Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          /4gv2Uh9x1q1E0FGytKvhjcSnblqv9WeQ7CR5pWvdGQ=
Subject key identifier:   1C:26:84:D9:A3:43:82:79:F2:88:AE:73:DB:7B:77:C3:E1:91:8B:DF
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019EBE7F7AB631B5A0511EA552FB9DC8D8D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          128A
Signing time:             Sat 13 Jun 2026 01:01:25 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:25 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:25 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: DUL9G5o0DWayClPROXW6PCLNXbggPlcBicKsHOHwXXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:7a:b6:31:b5:a0:51:1e:a5:52:fb:9d:c8:d8:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Jun 13 01:01:25 2026 GMT
            Not After : Jun 14 01:01:25 2026 GMT
        Subject: CN=1c2684d9a3438279f288ae73db7b77c3e1918bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ce:93:e6:19:03:03:3d:e3:80:f1:46:3c:a2:
                    09:fd:e6:41:4a:d3:97:6b:06:a8:b5:b3:2b:54:d5:
                    56:bf:22:1a:98:24:e9:18:1d:28:40:45:6a:5f:e2:
                    10:d1:ce:b1:fa:70:6d:95:f7:ae:36:e9:b1:52:d7:
                    c6:b5:bd:40:1d:18:0d:f7:d3:ba:f2:cc:e0:b4:33:
                    f6:eb:e9:18:e1:10:5f:fe:46:3e:42:1d:ab:fb:d9:
                    7c:f4:70:1e:f4:64:3b:64:cc:d1:87:57:1d:1c:7c:
                    be:76:15:0c:65:f7:ea:e0:21:d7:83:13:f7:59:62:
                    8a:21:4a:53:04:9f:89:53:e9:1c:2c:8b:aa:19:ec:
                    2d:bf:49:01:74:a7:ad:b3:03:70:b5:cc:db:0b:76:
                    b6:5c:18:d6:cd:cb:da:0a:96:98:93:1e:03:c7:19:
                    e6:60:8b:09:d8:df:52:cc:ca:7b:6e:ad:1e:e3:ad:
                    86:33:01:27:e4:83:2d:77:7d:62:d2:fd:c7:dc:08:
                    b4:d5:65:98:01:2c:0e:47:4d:92:0c:60:f8:14:e0:
                    dd:0c:7c:84:76:f5:98:e0:25:89:b2:4f:7f:67:86:
                    47:2b:43:50:62:09:8b:89:90:fe:3e:4f:52:e0:48:
                    0f:3a:4c:58:9c:32:d8:43:77:59:ad:62:57:f6:bc:
                    8e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:26:84:D9:A3:43:82:79:F2:88:AE:73:DB:7B:77:C3:E1:91:8B:DF
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:e6:5f:ad:93:6d:8a:8c:33:50:aa:62:07:18:c2:17:5f:9d:
         5f:19:82:60:b3:23:fd:7f:62:ca:6e:b4:88:e2:fc:19:53:b8:
         b0:48:71:d9:73:3e:3a:01:73:86:01:da:d1:94:1a:08:42:59:
         50:39:29:f7:cc:c5:1c:b5:f2:53:48:ae:23:73:cc:c0:5f:26:
         f6:12:64:92:00:22:81:42:d7:3e:7e:4d:55:71:62:4a:73:d3:
         11:93:ff:8f:98:2c:c2:ad:a8:e1:c6:76:de:d7:30:13:4d:b3:
         88:cf:77:44:d8:8a:db:be:67:65:29:e7:6b:c8:49:0d:71:dc:
         32:39:0b:be:52:7a:43:2f:80:b2:6a:0f:b6:bc:99:44:47:f1:
         b6:d4:82:46:85:51:28:28:5c:ad:79:1e:d0:54:e3:67:86:fc:
         7b:1a:59:95:c4:70:5a:89:88:bc:3a:8a:21:bc:a2:99:75:85:
         d8:f5:57:08:97:a3:b5:10:c2:05:1a:2a:d4:a9:ba:83:9a:36:
         ca:e2:00:49:44:9a:46:ff:d0:f7:0e:84:b1:96:e9:d1:0e:ea:
         c4:6d:85:ff:b7:4c:80:c2:5a:c1:13:95:c4:c3:0b:e8:0c:53:
         29:0b:e3:9f:68:b9:3a:5b:7a:a2:e9:09:57:5c:0c:1a:06:6c:
         ab:83:8b:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f3q2MbWgUR6lUvudyNjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwNjEzMDEwMTI1WhcNMjYwNjE0MDEwMTI1WjAzMTEwLwYDVQQD
EygxYzI2ODRkOWEzNDM4Mjc5ZjI4OGFlNzNkYjdiNzdjM2UxOTE4YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8s6T5hkDAz3jgPFGPKIJ/eZBStOX
awaotbMrVNVWvyIamCTpGB0oQEVqX+IQ0c6x+nBtlfeuNumxUtfGtb1AHRgN99O6
8szgtDP26+kY4RBf/kY+Qh2r+9l89HAe9GQ7ZMzRh1cdHHy+dhUMZffq4CHXgxP3
WWKKIUpTBJ+JU+kcLIuqGewtv0kBdKetswNwtczbC3a2XBjWzcvaCpaYkx4Dxxnm
YIsJ2N9SzMp7bq0e462GMwEn5IMtd31i0v3H3Ai01WWYASwOR02SDGD4FODdDHyE
dvWY4CWJsk9/Z4ZHK0NQYgmLiZD+Pk9S4EgPOkxYnDLYQ3dZrWJX9ryOVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwmhNmjQ4J58oiuc9t7d8PhkYvfMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYeZfrZNt
iowzUKpiBxjCF1+dXxmCYLMj/X9iym60iOL8GVO4sEhx2XM+OgFzhgHa0ZQaCEJZ
UDkp98zFHLXyU0iuI3PMwF8m9hJkkgAigULXPn5NVXFiSnPTEZP/j5gswq2o4cZ2
3tcwE02ziM93RNiK275nZSnna8hJDXHcMjkLvlJ6Qy+AsmoPtryZREfxttSCRoVR
KChcrXke0FTjZ4b8expZlcRwWomIvDqKIbyimXWF2PVXCJejtRDCBRoq1Km6g5o2
yuIASUSaRv/Q9w6EsZbp0Q7qxG2F/7dMgMJawROVxMML6AxTKQvjn2i5Olt6oukJ
V1wMGgZsq4OLdg==
-----END CERTIFICATE-----