Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          tEnrIF/CN8IUBSpN4ILkyPk/XtCJHATwhf6qYgJ036g=
Subject key identifier:   84:5D:4C:73:5D:A2:15:B7:0F:EA:57:D6:CB:F8:31:8F:02:11:81:E8
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019EC06D487CD08FF3A1B88644E2DF30932E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          13BE
Signing time:             Sat 13 Jun 2026 10:00:47 +0000
Manifest this update:     Sat 13 Jun 2026 10:00:47 +0000
Manifest next update:     Sun 14 Jun 2026 10:00:47 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: puKRBhobC4UizFN1rmqVtNmCINN/5E7HwZQMro9GK9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:48:7c:d0:8f:f3:a1:b8:86:44:e2:df:30:93:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Jun 13 10:00:47 2026 GMT
            Not After : Jun 14 10:00:47 2026 GMT
        Subject: CN=845d4c735da215b70fea57d6cbf8318f021181e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5a:dc:f7:3a:fb:be:91:e4:50:d6:d5:19:f1:
                    12:43:4f:86:96:de:79:e0:92:19:1f:59:67:c3:95:
                    7b:41:b8:73:6e:6d:66:a1:2c:42:0b:1b:16:5d:e4:
                    9a:f0:56:76:25:7f:4b:8b:e0:6e:83:ff:ce:72:de:
                    0f:9a:ca:e0:53:c9:0b:0c:93:cb:13:b5:97:e4:6b:
                    7f:50:fb:25:a5:f8:53:de:0a:01:d1:1e:06:5b:93:
                    5d:17:72:f5:4f:de:9b:b1:db:bb:5b:ae:99:08:e9:
                    6b:db:8b:b8:1c:16:15:e3:fa:6e:05:f3:1a:5d:45:
                    2d:ae:94:6f:30:10:a2:33:bb:5b:e8:6b:ac:82:65:
                    76:da:2e:85:6f:56:ef:fb:1f:32:6d:c0:f9:f6:09:
                    76:cc:b9:77:88:65:b5:be:a6:06:85:80:89:d3:b2:
                    74:c2:cf:4b:e4:d6:fe:8c:e9:b3:76:1c:fa:fa:75:
                    3f:42:0a:b7:ef:36:1d:9a:c8:74:44:70:f8:82:3f:
                    22:94:39:f4:10:20:81:ba:00:22:35:1b:20:4e:8d:
                    11:b5:02:e8:13:d4:92:68:1d:1a:f7:d0:3f:3a:a1:
                    1d:79:15:ac:b0:52:c4:ba:0f:29:9e:74:1e:18:e6:
                    78:79:5b:12:e1:90:ec:cc:97:55:8f:c6:26:6e:09:
                    54:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5D:4C:73:5D:A2:15:B7:0F:EA:57:D6:CB:F8:31:8F:02:11:81:E8
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:61:39:93:d7:76:80:89:a5:58:58:4e:cb:20:a1:af:cb:7e:
         ac:41:67:04:3b:bd:7e:10:b2:1b:b0:cb:13:a4:f3:96:79:f6:
         94:55:03:9a:4c:88:93:47:e6:01:37:84:5c:54:96:94:82:ce:
         93:e4:89:9a:aa:fc:9a:02:9a:1e:71:e8:81:2a:39:6d:6c:3b:
         8d:63:e9:2a:2b:9c:29:76:12:14:21:67:3b:26:a8:98:18:9a:
         58:71:a8:0f:29:64:1b:d2:e0:3c:7c:b8:b8:c7:a5:b6:c7:b1:
         58:ac:7a:a0:2a:e3:c5:7a:c7:39:9c:c7:24:ef:21:38:d7:4d:
         ac:90:58:3a:ad:40:28:95:c0:82:d6:7f:83:6a:15:a1:1c:7d:
         1c:58:3f:27:dc:1a:9a:f6:6b:db:52:7b:5b:5b:7e:da:40:6d:
         2b:d9:4c:11:44:52:ac:07:91:14:92:a4:39:df:7f:7d:7f:ff:
         10:5f:f4:a8:48:b1:91:7d:d5:75:db:90:3c:8f:18:12:04:d4:
         c7:9b:8b:7a:59:67:61:a1:16:ad:2c:47:77:f4:b7:60:81:bc:
         ce:3e:1f:14:fc:80:0e:60:d2:53:19:b7:03:73:41:5d:33:52:
         f0:c0:80:6d:c6:51:7a:82:09:f8:1e:5a:f5:eb:1d:8a:b4:9b:
         31:b8:26:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbUh80I/zobiGROLfMJMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjYwNjEzMTAwMDQ3WhcNMjYwNjE0MTAwMDQ3WjAzMTEwLwYDVQQD
Eyg4NDVkNGM3MzVkYTIxNWI3MGZlYTU3ZDZjYmY4MzE4ZjAyMTE4MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1rc9zr7vpHkUNbVGfESQ0+Glt55
4JIZH1lnw5V7Qbhzbm1moSxCCxsWXeSa8FZ2JX9Li+Bug//Oct4PmsrgU8kLDJPL
E7WX5Gt/UPslpfhT3goB0R4GW5NdF3L1T96bsdu7W66ZCOlr24u4HBYV4/puBfMa
XUUtrpRvMBCiM7tb6GusgmV22i6Fb1bv+x8ybcD59gl2zLl3iGW1vqYGhYCJ07J0
ws9L5Nb+jOmzdhz6+nU/Qgq37zYdmsh0RHD4gj8ilDn0ECCBugAiNRsgTo0RtQLo
E9SSaB0a99A/OqEdeRWssFLEug8pnnQeGOZ4eVsS4ZDszJdVj8YmbglU6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRdTHNdohW3D+pX1sv4MY8CEYHoMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmE5k9d2
gImlWFhOyyChr8t+rEFnBDu9fhCyG7DLE6Tzlnn2lFUDmkyIk0fmATeEXFSWlILO
k+SJmqr8mgKaHnHogSo5bWw7jWPpKiucKXYSFCFnOyaomBiaWHGoDylkG9LgPHy4
uMeltsexWKx6oCrjxXrHOZzHJO8hONdNrJBYOq1AKJXAgtZ/g2oVoRx9HFg/J9wa
mvZr21J7W1t+2kBtK9lMEURSrAeRFJKkOd9/fX//EF/0qEixkX3VdduQPI8YEgTU
x5uLellnYaEWrSxHd/S3YIG8zj4fFPyADmDSUxm3A3NBXTNS8MCAbcZReoIJ+B5a
9esdirSbMbgm7A==
-----END CERTIFICATE-----