Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
File:                     AquPiJLQHdTIQHJMu6uQwMpglDI.mft (raw, json)
Hash identifier:          lJoWNmbqubYh6HiBJqQF/nEj48Et/YXY69zC3KuTRYE=
Subject key identifier:   2D:CB:B6:17:51:01:A2:92:C5:60:40:5D:DD:94:4E:86:46:BD:9F:B1
Authority key identifier: 02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32
Certificate issuer:       /CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
Certificate serial:       019EBE7FB61DC961D0756F9C4F1CE8CF1FA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
Manifest number:          1954
Signing time:             Sat 13 Jun 2026 01:01:41 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:41 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:41 +0000
Files and hashes:         1: AquPiJLQHdTIQHJMu6uQwMpglDI.crl (hash: MlhU92LIIP8d36vzU4cpH4F8y8S+F/Qak3+Zrnm3oYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:b6:1d:c9:61:d0:75:6f:9c:4f:1c:e8:cf:1f:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
        Validity
            Not Before: Jun 13 01:01:41 2026 GMT
            Not After : Jun 14 01:01:41 2026 GMT
        Subject: CN=2dcbb6175101a292c560405ddd944e8646bd9fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:aa:15:05:18:df:4c:1c:df:62:19:9d:6f:b4:
                    c4:fe:dd:14:96:2d:8b:d2:56:58:ca:5a:83:d9:1a:
                    e8:5e:fd:88:5e:18:ad:31:10:77:f5:d7:80:f5:08:
                    f6:48:60:d5:4f:c3:96:ee:35:cf:98:bb:17:d6:84:
                    21:24:2d:3f:40:a6:2c:20:87:d2:b0:2c:dc:60:31:
                    23:dd:be:27:a4:08:a6:39:bd:76:43:fb:c6:a9:40:
                    0f:5e:78:1c:36:a7:05:81:03:cf:c5:63:af:a6:61:
                    12:ad:f1:8c:0c:1f:d5:43:38:8e:4c:9b:29:6a:3e:
                    73:d9:e6:a6:77:78:08:ee:8d:17:32:19:15:30:07:
                    40:cc:19:65:9b:46:91:98:28:52:8f:fe:2b:db:1e:
                    0c:01:fe:df:c1:4b:ed:b0:53:68:c5:59:01:7b:f2:
                    e0:c3:77:a1:fd:a3:9e:f0:41:c3:61:db:62:cb:90:
                    94:2f:92:89:db:df:30:04:54:a6:ee:ef:ce:20:1b:
                    5e:bd:43:f6:f4:74:59:36:4e:99:e6:4f:e4:b6:88:
                    7f:d8:9f:64:af:d4:83:9b:0f:c6:77:10:fc:8e:13:
                    35:e4:97:2f:46:c8:dc:28:72:9f:fc:c6:d6:98:56:
                    9e:da:e2:87:56:7a:4f:e2:82:a2:8f:69:15:ef:33:
                    3e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CB:B6:17:51:01:A2:92:C5:60:40:5D:DD:94:4E:86:46:BD:9F:B1
            X509v3 Authority Key Identifier:
                keyid:02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:0c:14:b6:d8:0c:89:a4:1a:53:98:92:9b:eb:0c:d6:5d:96:
         e3:e5:f3:77:04:74:76:a2:f6:4c:e3:14:62:1e:13:a2:36:43:
         fc:e4:d1:cb:b9:41:39:0d:1e:0a:2a:b2:20:c7:e8:47:18:a4:
         81:05:a5:09:b8:9d:41:e4:30:3d:48:b8:a3:52:22:77:b7:86:
         f9:2e:13:78:6c:fa:de:e0:d9:cd:30:02:7e:2b:4b:cc:d1:24:
         76:09:3d:b5:55:ce:ff:50:1f:04:75:74:51:4c:a3:88:bf:0d:
         23:8c:e4:09:9f:ad:81:92:bc:b9:c7:71:88:21:53:e2:09:e7:
         40:74:65:55:68:37:a9:a1:da:51:cb:9e:2f:02:08:cd:ef:0b:
         37:6e:da:96:bf:15:b5:92:76:14:3d:ad:e7:c6:74:96:1b:01:
         45:d5:4f:47:70:83:07:55:18:9e:01:0d:43:0f:db:2c:b8:36:
         51:3d:e9:79:55:30:b2:dc:9a:88:73:64:c0:03:f2:e2:30:b6:
         82:da:33:01:25:06:74:d3:93:02:01:3b:c2:6f:15:08:f6:b7:
         6a:af:46:87:8c:db:03:b6:a3:d1:83:35:a8:23:43:04:d8:a7:
         4e:c6:c8:57:ee:83:d0:25:54:3c:55:fd:eb:ee:74:0a:c2:f0:
         d3:f6:51:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f7YdyWHQdW+cTxzozx+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWI4Zjg4OTJkMDFkZDRjODQwNzI0Y2JiYWI5MGMwY2E2
MDk0MzIwHhcNMjYwNjEzMDEwMTQxWhcNMjYwNjE0MDEwMTQxWjAzMTEwLwYDVQQD
EygyZGNiYjYxNzUxMDFhMjkyYzU2MDQwNWRkZDk0NGU4NjQ2YmQ5ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KoVBRjfTBzfYhmdb7TE/t0Uli2L
0lZYylqD2RroXv2IXhitMRB39deA9Qj2SGDVT8OW7jXPmLsX1oQhJC0/QKYsIIfS
sCzcYDEj3b4npAimOb12Q/vGqUAPXngcNqcFgQPPxWOvpmESrfGMDB/VQziOTJsp
aj5z2eamd3gI7o0XMhkVMAdAzBllm0aRmChSj/4r2x4MAf7fwUvtsFNoxVkBe/Lg
w3eh/aOe8EHDYdtiy5CUL5KJ298wBFSm7u/OIBtevUP29HRZNk6Z5k/ktoh/2J9k
r9SDmw/GdxD8jhM15JcvRsjcKHKf/MbWmFae2uKHVnpP4oKij2kV7zM+3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3LthdRAaKSxWBAXd2UToZGvZ+xMB8GA1UdIwQY
MBaAFAKrj4iS0B3UyEByTLurkMDKYJQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEt
ZTNiNzcwMTNmZGI3LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEtZTNiNzcwMTNmZGI3
LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfgwUttgM
iaQaU5iSm+sM1l2W4+XzdwR0dqL2TOMUYh4TojZD/OTRy7lBOQ0eCiqyIMfoRxik
gQWlCbidQeQwPUi4o1Iid7eG+S4TeGz63uDZzTACfitLzNEkdgk9tVXO/1AfBHV0
UUyjiL8NI4zkCZ+tgZK8ucdxiCFT4gnnQHRlVWg3qaHaUcueLwIIze8LN27alr8V
tZJ2FD2t58Z0lhsBRdVPR3CDB1UYngENQw/bLLg2UT3peVUwstyaiHNkwAPy4jC2
gtozASUGdNOTAgE7wm8VCPa3aq9Gh4zbA7aj0YM1qCNDBNinTsbIV+6D0CVUPFX9
6+50CsLw0/ZR8Q==
-----END CERTIFICATE-----