Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          aVjEyN9NjDvjvFkXJU194yiGpgQ3wz7FnitMK2WL03A=
Subject key identifier:   BC:FB:35:C2:9D:7B:E5:44:73:9E:8A:CF:4F:43:0C:D7:EA:B2:AF:C3
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019D98F495595405F240093E57EEC8779D11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0D23
Signing time:             Fri 17 Apr 2026 01:00:58 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:58 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:58 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: jrAgNYZbrtpI82/ApIyrwEWA41+OE477VYmaMJA5NkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:95:59:54:05:f2:40:09:3e:57:ee:c8:77:9d:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Apr 17 01:00:58 2026 GMT
            Not After : Apr 18 01:00:58 2026 GMT
        Subject: CN=bcfb35c29d7be544739e8acf4f430cd7eab2afc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b4:98:8f:d1:a6:74:25:a7:89:10:bf:e5:dc:
                    1d:3b:a3:a3:a5:44:a0:c3:78:f5:13:b7:1e:f7:bd:
                    24:a1:3f:2e:0f:4f:8f:a0:74:44:00:1b:ad:3c:6a:
                    18:ab:6d:e0:38:e4:73:cf:41:4c:66:dd:09:2f:2f:
                    c5:7b:65:69:bf:5c:fc:80:1a:1e:ab:5f:17:50:e2:
                    69:78:33:10:41:75:f9:19:54:72:0f:ee:ee:0e:c6:
                    df:f6:d5:83:32:12:d9:e6:2b:f1:01:0d:e3:b2:7c:
                    1f:d2:2d:f6:7d:db:b8:76:b3:4a:52:7d:2d:8a:17:
                    d2:47:ce:dc:65:6d:e1:58:65:84:a2:9f:2d:90:cb:
                    87:26:03:2b:d1:9a:85:c9:ac:44:a1:9a:00:6b:c7:
                    9c:51:35:9d:9d:a6:35:09:7f:6e:79:7b:a3:88:bf:
                    67:67:a5:3b:01:9f:de:a6:e4:12:31:d3:fb:5b:96:
                    2b:68:42:bb:97:63:0f:6c:45:39:2c:3f:79:06:25:
                    0a:eb:48:26:13:01:f9:a2:33:19:b0:52:57:a7:9f:
                    fe:fe:0d:c4:65:9d:ff:fa:53:69:8b:f2:5e:62:38:
                    04:27:eb:ad:d1:fd:1f:c3:6b:76:1a:75:52:5b:8d:
                    43:fe:59:89:bd:24:e0:bf:eb:1b:45:42:52:80:3c:
                    03:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:FB:35:C2:9D:7B:E5:44:73:9E:8A:CF:4F:43:0C:D7:EA:B2:AF:C3
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:d5:a2:2e:88:b6:73:a8:22:9d:fd:31:4c:f8:44:6d:07:31:
         a9:27:4f:89:c6:e1:4f:9d:84:5e:39:e7:3d:46:52:7e:61:87:
         34:d1:46:5b:1f:6b:1a:d8:da:15:50:b5:b3:53:90:25:71:1b:
         63:5b:7e:d6:2e:7e:e5:86:f9:b6:85:6a:8d:be:6f:7f:f8:3f:
         03:9f:36:2d:92:00:31:a6:fa:71:c5:f9:1e:bd:62:e4:db:da:
         5d:01:3b:35:c5:f0:1c:60:30:c7:d3:23:82:37:5f:bb:c1:78:
         cd:85:01:9b:3b:dc:56:98:04:69:fe:d4:f4:d1:61:87:8c:87:
         94:4e:49:8b:19:62:e5:c2:ce:fa:cb:10:3d:9a:31:a9:d8:87:
         74:5c:8b:ec:a2:7d:ac:05:7c:83:68:4d:1c:5d:65:97:86:66:
         2b:69:18:a2:e7:ba:0c:c8:27:4a:0b:fc:04:4e:c1:e4:0d:12:
         f0:22:54:b4:02:06:61:ce:9c:d0:2a:16:1c:f7:3d:6c:e5:ca:
         f2:23:d9:ff:f0:16:3c:ae:69:de:f2:fd:60:b2:e4:80:e0:c4:
         3b:f4:e6:b4:39:00:ab:07:1f:2a:5c:9e:f5:7b:fe:0a:28:31:
         be:d0:d9:7a:d1:6a:8f:49:4a:29:c9:1a:82:33:23:ea:97:e9:
         e4:35:0a:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9JVZVAXyQAk+V+7Id50RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjYwNDE3MDEwMDU4WhcNMjYwNDE4MDEwMDU4WjAzMTEwLwYDVQQD
EyhiY2ZiMzVjMjlkN2JlNTQ0NzM5ZThhY2Y0ZjQzMGNkN2VhYjJhZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrSYj9GmdCWniRC/5dwdO6OjpUSg
w3j1E7ce970koT8uD0+PoHREAButPGoYq23gOORzz0FMZt0JLy/Fe2Vpv1z8gBoe
q18XUOJpeDMQQXX5GVRyD+7uDsbf9tWDMhLZ5ivxAQ3jsnwf0i32fdu4drNKUn0t
ihfSR87cZW3hWGWEop8tkMuHJgMr0ZqFyaxEoZoAa8ecUTWdnaY1CX9ueXujiL9n
Z6U7AZ/epuQSMdP7W5YraEK7l2MPbEU5LD95BiUK60gmEwH5ojMZsFJXp5/+/g3E
ZZ3/+lNpi/JeYjgEJ+ut0f0fw2t2GnVSW41D/lmJvSTgv+sbRUJSgDwDqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLz7NcKde+VEc56Kz09DDNfqsq/DMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtWiLoi2
c6ginf0xTPhEbQcxqSdPicbhT52EXjnnPUZSfmGHNNFGWx9rGtjaFVC1s1OQJXEb
Y1t+1i5+5Yb5toVqjb5vf/g/A582LZIAMab6ccX5Hr1i5NvaXQE7NcXwHGAwx9Mj
gjdfu8F4zYUBmzvcVpgEaf7U9NFhh4yHlE5Jixli5cLO+ssQPZoxqdiHdFyL7KJ9
rAV8g2hNHF1ll4ZmK2kYoue6DMgnSgv8BE7B5A0S8CJUtAIGYc6c0CoWHPc9bOXK
8iPZ//AWPK5p3vL9YLLkgODEO/TmtDkAqwcfKlye9Xv+CigxvtDZetFqj0lKKcka
gjMj6pfp5DUK7Q==
-----END CERTIFICATE-----