Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          jIIyEFWqXV4dngnfdTn/LIgq/agyfg9RgMvu2NPmC/4=
Subject key identifier:   92:5D:61:96:35:DE:F5:EE:99:E3:29:1F:9D:B7:D7:88:B4:D3:8A:80
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       019D9BF5238408C99459FE834B32D8EBB9A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          099B
Signing time:             Fri 17 Apr 2026 15:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 15:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 15:00:26 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: r9Vf6A5H51pr/JpR7DacW6erSM3aRozMqIqUv3Ef9XY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:47:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:f5:23:84:08:c9:94:59:fe:83:4b:32:d8:eb:b9:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Apr 17 15:00:26 2026 GMT
            Not After : Apr 18 15:00:26 2026 GMT
        Subject: CN=925d619635def5ee99e3291f9db7d788b4d38a80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:90:9e:c9:79:54:2d:ce:4c:d2:33:53:99:06:
                    5c:b5:a4:5e:30:93:65:74:49:88:3c:75:02:9a:4e:
                    54:15:25:7e:a5:f1:6c:fd:87:a2:eb:97:5b:a8:4d:
                    8c:0e:bd:5b:54:f3:9b:99:16:0c:15:9f:16:e3:c0:
                    b2:c0:dc:b6:62:41:41:43:98:cd:84:c7:66:b2:53:
                    26:f2:19:a7:18:ef:ad:47:c7:fa:a8:5d:b1:ad:9c:
                    db:3d:d2:a1:fb:40:2f:59:d8:c8:50:11:32:e2:2c:
                    0e:54:25:2a:8c:e2:bf:97:d5:98:6a:93:d5:be:49:
                    dd:48:30:ed:d9:04:91:00:fd:8c:82:c3:1e:68:c4:
                    df:01:59:43:7c:79:88:1e:da:02:fd:1d:ad:1d:23:
                    b4:68:26:1c:61:f5:a4:f8:ce:79:fa:8c:d2:06:d2:
                    da:49:e8:a8:84:9c:de:9a:33:9f:6a:2f:fe:ba:57:
                    fd:20:f8:fe:61:cc:81:12:81:38:ae:27:34:6d:55:
                    df:93:8f:52:5e:24:df:5e:87:f2:5a:b8:6d:97:8f:
                    3d:ae:55:30:ab:b5:94:c5:d0:62:57:2f:ec:95:71:
                    96:9a:a3:eb:48:aa:95:dc:e9:3a:7f:e2:26:c3:69:
                    4e:ac:ec:ae:a3:9f:b2:16:ea:00:6b:5c:6d:20:43:
                    f1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:5D:61:96:35:DE:F5:EE:99:E3:29:1F:9D:B7:D7:88:B4:D3:8A:80
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:15:e7:89:71:78:31:56:11:76:f4:66:f7:ab:01:1d:7c:dc:
         37:15:f2:4d:2b:5a:ef:16:27:b0:e3:4b:d2:b9:b3:86:77:e7:
         3f:57:6d:d9:99:d2:3b:9b:d8:fe:f1:00:b1:10:45:06:ef:59:
         fc:58:c9:35:1c:7c:f1:4f:7e:76:75:ee:f2:24:6b:ff:28:8c:
         c4:49:1f:28:5d:b6:3c:6d:60:3d:e9:47:9e:71:e4:e4:1d:ec:
         0b:40:b3:87:0e:d8:66:97:25:84:38:0e:b2:66:d4:a7:c8:0f:
         68:94:2a:2e:27:03:93:ff:d3:bf:ea:04:d6:bf:af:0b:da:d1:
         b8:e7:8d:e1:cc:36:76:49:ea:9f:94:5f:02:4e:ba:dd:ed:70:
         55:f3:1e:44:fc:f2:ef:ab:92:1f:e0:b2:f0:63:de:7b:7f:a9:
         5a:9c:e5:21:ca:6b:cc:4c:71:f8:37:5f:e2:ae:87:d8:57:d1:
         dd:ae:8c:d7:07:9d:30:2b:0e:75:a7:82:6b:ef:b4:ce:83:ad:
         b9:be:76:a6:3e:e6:f5:0a:5f:2f:d5:72:b6:ba:8c:96:14:b5:
         1c:a7:80:d0:25:a7:ac:ba:bb:42:47:99:b1:04:2b:ec:61:3f:
         8e:8f:8c:38:15:11:bf:06:6f:95:ff:21:09:e5:4b:c8:54:a8:
         61:b9:44:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2b9SOECMmUWf6DSzLY67mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjYwNDE3MTUwMDI2WhcNMjYwNDE4MTUwMDI2WjAzMTEwLwYDVQQD
Eyg5MjVkNjE5NjM1ZGVmNWVlOTllMzI5MWY5ZGI3ZDc4OGI0ZDM4YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZCeyXlULc5M0jNTmQZctaReMJNl
dEmIPHUCmk5UFSV+pfFs/Yei65dbqE2MDr1bVPObmRYMFZ8W48CywNy2YkFBQ5jN
hMdmslMm8hmnGO+tR8f6qF2xrZzbPdKh+0AvWdjIUBEy4iwOVCUqjOK/l9WYapPV
vkndSDDt2QSRAP2MgsMeaMTfAVlDfHmIHtoC/R2tHSO0aCYcYfWk+M55+ozSBtLa
SeiohJzemjOfai/+ulf9IPj+YcyBEoE4ric0bVXfk49SXiTfXofyWrhtl489rlUw
q7WUxdBiVy/slXGWmqPrSKqV3Ok6f+Imw2lOrOyuo5+yFuoAa1xtIEPxNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJdYZY13vXumeMpH52314i004qAMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRXniXF4
MVYRdvRm96sBHXzcNxXyTSta7xYnsONL0rmzhnfnP1dt2ZnSO5vY/vEAsRBFBu9Z
/FjJNRx88U9+dnXu8iRr/yiMxEkfKF22PG1gPelHnnHk5B3sC0Czhw7YZpclhDgO
smbUp8gPaJQqLicDk//Tv+oE1r+vC9rRuOeN4cw2dknqn5RfAk663e1wVfMeRPzy
76uSH+Cy8GPee3+pWpzlIcprzExx+Ddf4q6H2FfR3a6M1wedMCsOdaeCa++0zoOt
ub52pj7m9QpfL9VytrqMlhS1HKeA0CWnrLq7QkeZsQQr7GE/jo+MOBURvwZvlf8h
CeVLyFSoYblEQg==
-----END CERTIFICATE-----