Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          jJVucecddLVz2+Ey9rR16WbO3MTZhf2uqm0QzeA9gx8=
Subject key identifier:   BC:2F:E8:20:FD:FD:16:F1:72:E5:0E:27:F2:FE:D5:2C:48:2B:86:6B
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       019DA52FC1C95A76FBEDBD6CA79C955CC945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          18C5
Signing time:             Sun 19 Apr 2026 10:01:03 +0000
Manifest this update:     Sun 19 Apr 2026 10:01:03 +0000
Manifest next update:     Mon 20 Apr 2026 10:01:03 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: AQkWjKHa1GibyIkAEf9CwhsDvr5zaOeDNJkRY4B/HJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a5:2f:c1:c9:5a:76:fb:ed:bd:6c:a7:9c:95:5c:c9:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Apr 19 10:01:03 2026 GMT
            Not After : Apr 20 10:01:03 2026 GMT
        Subject: CN=bc2fe820fdfd16f172e50e27f2fed52c482b866b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4c:94:96:7a:4a:3c:76:dd:72:1b:c7:29:b8:
                    d7:6b:f6:a5:08:4f:42:fa:c6:6b:8b:00:78:48:4e:
                    18:74:09:60:e3:d5:72:ed:8f:87:eb:b6:63:bd:9c:
                    25:c0:08:88:92:6d:29:78:0f:76:87:b2:01:46:76:
                    86:9b:bd:20:d4:38:08:97:34:15:0e:c3:79:4b:51:
                    26:ca:42:b0:37:63:c7:4d:01:ec:ac:dd:a5:e1:bf:
                    67:33:21:ea:eb:34:7b:74:0a:e6:46:2f:07:bd:ad:
                    6b:4a:60:4c:36:fc:b2:8a:73:dd:9b:86:88:a2:e8:
                    12:01:39:e1:a8:aa:65:40:10:ed:ec:79:a9:4c:15:
                    ce:ce:e8:53:b1:67:e2:2d:73:56:c7:31:bb:15:68:
                    33:0f:e2:06:4e:d9:7e:b9:c2:38:43:1b:c9:17:98:
                    49:66:0e:0f:41:f9:a5:87:0b:4e:16:d2:c7:e8:4c:
                    89:ab:73:f8:b2:02:50:ce:4b:11:99:4e:47:28:5b:
                    af:04:0e:ee:27:38:29:7b:f9:39:90:ba:77:57:c3:
                    03:c9:33:68:46:bc:f8:a5:ce:1b:1b:90:69:34:bb:
                    46:aa:fd:10:be:6b:be:71:c0:b5:30:41:d9:ca:64:
                    1d:03:6e:5b:63:bb:43:f7:86:41:e9:ca:e4:ec:9f:
                    b8:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:2F:E8:20:FD:FD:16:F1:72:E5:0E:27:F2:FE:D5:2C:48:2B:86:6B
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:8f:2c:16:c4:00:0b:b9:77:74:47:d2:2a:ab:c7:d2:ef:fb:
         31:e0:4f:71:67:86:eb:d0:cc:bb:d2:5d:16:51:d3:f2:b1:35:
         bd:49:17:c9:95:39:00:c1:d2:93:8a:da:5f:6b:0d:8e:39:57:
         22:68:ec:b0:77:12:45:e6:4c:43:7c:eb:dc:6a:c1:96:f6:e6:
         53:3a:d0:6c:58:f4:47:40:f0:e5:76:f5:80:77:0d:c9:10:0e:
         fe:94:97:af:cd:98:16:4d:20:f4:62:6c:60:90:74:33:ad:ce:
         75:70:60:3d:91:cd:64:3a:71:10:c1:1f:d3:e5:7b:29:d4:cf:
         72:51:dc:6e:7a:65:0e:c8:3f:1c:7a:fc:9f:73:8a:93:de:d9:
         60:1a:57:81:f3:25:6f:7f:67:1a:a0:1d:82:6f:dd:d4:ef:c8:
         50:06:76:57:47:4a:72:ab:5b:b6:3f:8a:bb:0f:6e:97:c2:79:
         a7:72:af:79:3e:29:7f:08:44:50:bc:db:6b:fb:44:7b:8d:2b:
         3a:86:4e:3a:63:2e:e8:17:13:3e:cc:10:9f:4b:60:6c:8b:5b:
         aa:4b:e4:93:70:b2:7e:ea:0b:ad:5a:ac:e8:a8:ee:43:f9:39:
         ac:89:30:ec:f6:9a:0b:d4:84:44:8c:f3:6c:e7:9a:12:fb:c3:
         d1:74:cc:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL8HJWnb77b1sp5yVXMlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjYwNDE5MTAwMTAzWhcNMjYwNDIwMTAwMTAzWjAzMTEwLwYDVQQD
EyhiYzJmZTgyMGZkZmQxNmYxNzJlNTBlMjdmMmZlZDUyYzQ4MmI4NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0yUlnpKPHbdchvHKbjXa/alCE9C
+sZriwB4SE4YdAlg49Vy7Y+H67ZjvZwlwAiIkm0peA92h7IBRnaGm70g1DgIlzQV
DsN5S1EmykKwN2PHTQHsrN2l4b9nMyHq6zR7dArmRi8Hva1rSmBMNvyyinPdm4aI
ougSATnhqKplQBDt7HmpTBXOzuhTsWfiLXNWxzG7FWgzD+IGTtl+ucI4QxvJF5hJ
Zg4PQfmlhwtOFtLH6EyJq3P4sgJQzksRmU5HKFuvBA7uJzgpe/k5kLp3V8MDyTNo
Rrz4pc4bG5BpNLtGqv0Qvmu+ccC1MEHZymQdA25bY7tD94ZB6crk7J+4qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwv6CD9/RbxcuUOJ/L+1SxIK4ZrMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVY8sFsQA
C7l3dEfSKqvH0u/7MeBPcWeG69DMu9JdFlHT8rE1vUkXyZU5AMHSk4raX2sNjjlX
ImjssHcSReZMQ3zr3GrBlvbmUzrQbFj0R0Dw5Xb1gHcNyRAO/pSXr82YFk0g9GJs
YJB0M63OdXBgPZHNZDpxEMEf0+V7KdTPclHcbnplDsg/HHr8n3OKk97ZYBpXgfMl
b39nGqAdgm/d1O/IUAZ2V0dKcqtbtj+Kuw9ul8J5p3KveT4pfwhEULzba/tEe40r
OoZOOmMu6BcTPswQn0tgbItbqkvkk3CyfuoLrVqs6KjuQ/k5rIkw7PaaC9SERIzz
bOeaEvvD0XTMSw==
-----END CERTIFICATE-----