Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          yOb9nquVJ58xtXPNjV0xrGhnRfHbZpzMLKVSORkKjXE=
Subject key identifier:   5D:B1:41:E9:8C:F2:D0:5F:41:9C:4F:94:4D:53:5E:25:3F:A5:7C:F7
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019DA41C9591B176A99A5C4B83AA1E010A59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          05DB
Signing time:             Sun 19 Apr 2026 05:00:29 +0000
Manifest this update:     Sun 19 Apr 2026 05:00:29 +0000
Manifest next update:     Mon 20 Apr 2026 05:00:29 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: WifzcQn1n85WlwLY3HPtbNOv8sPIaP9WLwpr3Xx6fpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:1c:95:91:b1:76:a9:9a:5c:4b:83:aa:1e:01:0a:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Apr 19 05:00:29 2026 GMT
            Not After : Apr 20 05:00:29 2026 GMT
        Subject: CN=5db141e98cf2d05f419c4f944d535e253fa57cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:18:3e:14:6b:3c:45:2d:7e:c3:a4:ed:dd:40:
                    a1:f7:3f:45:d2:62:26:03:0c:65:0d:49:75:8f:f1:
                    0f:5a:a7:c5:8e:0d:49:cc:81:c6:b9:fb:13:5a:67:
                    e5:64:ca:1e:97:55:e3:1a:a2:b6:7a:92:63:dc:92:
                    38:25:03:db:92:f4:c7:e7:0c:b6:1d:2b:00:c5:7d:
                    31:f5:56:61:63:de:6e:0b:fc:2d:b9:5a:57:d9:dc:
                    36:cf:1c:78:16:ed:26:3a:64:2f:8d:8b:95:c8:bc:
                    df:04:ea:3c:54:88:89:50:30:b2:c5:b2:15:c0:b4:
                    45:72:c6:a5:f6:c6:c1:f1:0d:55:ac:e0:99:c7:ef:
                    f7:69:05:28:b5:a6:3e:ce:ee:90:92:66:de:f5:99:
                    af:17:fa:b0:9a:21:47:ec:91:4e:2e:50:25:11:d4:
                    7e:62:35:25:c6:15:04:e3:23:de:03:98:aa:7a:9c:
                    41:c5:7c:53:6a:2a:4e:68:ec:f2:e9:5a:52:16:94:
                    03:f3:d6:2a:db:a5:b7:6c:43:f9:a1:bf:89:2b:e9:
                    51:ef:95:51:c2:3d:71:57:c7:74:b6:e7:cb:b8:1e:
                    7d:77:25:9d:6c:0e:5f:fd:e7:06:b9:96:7a:40:b4:
                    82:3b:c1:5c:c8:78:71:13:ad:ae:d5:d4:c4:26:52:
                    e3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:B1:41:E9:8C:F2:D0:5F:41:9C:4F:94:4D:53:5E:25:3F:A5:7C:F7
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:62:b3:16:15:6e:19:f4:dc:e8:e7:14:cd:06:ec:c8:6b:d0:
         52:2a:9a:f5:fd:44:19:ce:6f:7d:12:4f:52:d1:22:00:27:09:
         8a:07:4d:65:83:ac:6f:4a:8b:2d:94:bf:c9:59:c2:ea:2f:57:
         bc:cc:0c:52:8b:80:a5:18:f0:62:73:13:15:8c:59:6b:64:b0:
         4d:e0:6d:6b:c1:f5:56:bc:d2:e9:47:97:9b:73:f1:5e:b3:0f:
         f1:1f:12:8b:7c:44:c3:0c:28:4a:92:91:ca:cc:3c:a0:62:45:
         c6:9f:47:cf:46:87:8f:c5:22:e0:41:90:db:53:fd:3a:2c:bd:
         7b:75:c2:a2:52:ce:a5:c8:1c:57:64:a5:bd:28:98:90:3c:bc:
         3e:bb:03:30:a2:b7:79:b4:54:6b:0b:8f:49:21:37:e4:4e:9b:
         b4:95:b2:d1:d9:18:a0:3c:df:70:6d:3b:d1:2c:32:f6:82:f5:
         42:e2:42:c5:54:c9:ce:80:e1:32:25:3c:b4:b6:d0:6a:9a:53:
         bb:2b:32:ca:77:be:20:de:eb:08:d7:17:ae:dc:30:bf:5d:63:
         4d:b8:00:33:c4:08:a8:98:87:db:70:68:e7:b1:2f:47:c9:fa:
         5b:9a:01:a7:8d:8b:52:8c:d9:03:47:7d:56:62:fe:b8:11:b5:
         cf:1a:ca:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kHJWRsXapmlxLg6oeAQpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjYwNDE5MDUwMDI5WhcNMjYwNDIwMDUwMDI5WjAzMTEwLwYDVQQD
Eyg1ZGIxNDFlOThjZjJkMDVmNDE5YzRmOTQ0ZDUzNWUyNTNmYTU3Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Rg+FGs8RS1+w6Tt3UCh9z9F0mIm
AwxlDUl1j/EPWqfFjg1JzIHGufsTWmflZMoel1XjGqK2epJj3JI4JQPbkvTH5wy2
HSsAxX0x9VZhY95uC/wtuVpX2dw2zxx4Fu0mOmQvjYuVyLzfBOo8VIiJUDCyxbIV
wLRFcsal9sbB8Q1VrOCZx+/3aQUotaY+zu6Qkmbe9ZmvF/qwmiFH7JFOLlAlEdR+
YjUlxhUE4yPeA5iqepxBxXxTaipOaOzy6VpSFpQD89Yq26W3bEP5ob+JK+lR75VR
wj1xV8d0tufLuB59dyWdbA5f/ecGuZZ6QLSCO8FcyHhxE62u1dTEJlLj7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2xQemM8tBfQZxPlE1TXiU/pXz3MB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWKzFhVu
GfTc6OcUzQbsyGvQUiqa9f1EGc5vfRJPUtEiACcJigdNZYOsb0qLLZS/yVnC6i9X
vMwMUouApRjwYnMTFYxZa2SwTeBta8H1VrzS6UeXm3PxXrMP8R8Si3xEwwwoSpKR
ysw8oGJFxp9Hz0aHj8Ui4EGQ21P9Oiy9e3XColLOpcgcV2SlvSiYkDy8PrsDMKK3
ebRUawuPSSE35E6btJWy0dkYoDzfcG070Swy9oL1QuJCxVTJzoDhMiU8tLbQappT
uysyyne+IN7rCNcXrtwwv11jTbgAM8QIqJiH23Bo57EvR8n6W5oBp42LUozZA0d9
VmL+uBG1zxrKxQ==
-----END CERTIFICATE-----