Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          wcGIg9DKpj6e72hneNphbkM/cM6AWXXWsxdDSs7YmM4=
Subject key identifier:   0B:86:FE:6E:8A:5C:79:EF:8F:EB:80:2C:37:9F:5C:89:9D:8B:9A:99
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019D99CFC65C05C7DAAD6AC64A7A25D3B133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          14C0
Signing time:             Fri 17 Apr 2026 05:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:23 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: iaDdgDb6wpJTgEWrDW+gYXBOlxmj/RAwyOKQvHgdXPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:c6:5c:05:c7:da:ad:6a:c6:4a:7a:25:d3:b1:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Apr 17 05:00:23 2026 GMT
            Not After : Apr 18 05:00:23 2026 GMT
        Subject: CN=0b86fe6e8a5c79ef8feb802c379f5c899d8b9a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:2c:b8:06:65:27:da:6a:59:5e:a7:3c:f8:06:
                    c2:04:f3:6c:81:9f:34:4c:c5:85:38:02:f1:07:57:
                    bb:db:47:1a:6a:43:35:3d:1b:3c:4f:85:3d:b2:6c:
                    0a:95:44:bf:b5:86:cb:8e:8c:3a:46:4a:23:44:71:
                    79:b2:87:52:94:3c:29:f8:73:c2:52:3e:41:21:0c:
                    74:cb:2a:49:da:23:32:58:af:22:dc:55:8e:7c:37:
                    c8:6c:40:46:29:54:e7:6e:23:00:25:96:f5:d2:1c:
                    61:e2:6c:bc:d0:15:7d:d1:79:66:28:1a:36:ee:a9:
                    6a:f6:38:f6:7e:51:43:8d:9a:73:fc:15:9c:67:19:
                    7d:11:a2:88:d2:2a:56:3a:43:3f:17:72:2d:78:eb:
                    ca:f5:bb:b1:68:8e:ac:0d:c8:86:c8:a9:09:bb:2a:
                    a2:00:63:69:58:e3:58:b6:68:06:9c:26:ba:82:90:
                    e2:09:4a:2b:bf:b6:1b:28:e8:32:c7:3d:fc:41:6a:
                    4f:15:ee:4a:29:08:e5:89:b6:6d:4c:af:c4:db:77:
                    9b:72:79:84:66:e5:a0:a7:c6:e4:4c:71:18:3a:db:
                    65:99:a7:18:85:be:6c:a4:63:09:33:ee:fd:e7:21:
                    8a:ae:5b:9a:da:eb:f5:5c:38:55:02:1a:b4:80:96:
                    a2:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:86:FE:6E:8A:5C:79:EF:8F:EB:80:2C:37:9F:5C:89:9D:8B:9A:99
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b7:7b:45:fa:6c:70:b6:e7:9d:13:9a:f9:4d:d7:00:b6:e3:
         3e:93:f8:6e:9d:ec:a2:cc:30:ee:9a:3a:a4:c9:f7:af:ae:d9:
         22:d6:e2:d3:1e:60:32:a7:1f:87:72:dd:d5:7a:3e:2a:8a:8b:
         f8:66:5f:7f:8b:c3:85:71:63:d6:96:d4:21:76:a5:9f:a2:c1:
         e3:20:53:1f:15:c2:48:53:f1:5e:39:42:48:f4:76:16:82:23:
         19:ac:eb:51:3f:40:7d:51:8b:2c:1d:88:ac:11:37:85:50:f4:
         e0:bf:18:49:5a:3b:f6:44:fb:18:0b:70:8b:99:a5:5a:c8:5a:
         11:cd:79:17:10:4b:03:28:5b:76:ad:43:eb:ad:44:1b:1f:de:
         e2:47:ff:64:7e:2f:85:c1:0f:b1:e0:ea:64:7f:f0:50:21:bf:
         d7:f6:f1:63:51:e3:cb:11:06:b9:7c:0e:35:88:8d:0e:10:a9:
         88:3b:da:56:14:64:99:37:b1:0b:43:69:c3:5b:0a:1e:8d:70:
         d3:df:e1:64:d7:b4:56:83:d4:2d:14:67:44:b7:da:e5:0f:b5:
         12:a2:07:9d:6f:52:16:21:0c:99:e5:2c:05:0d:cc:bd:43:75:
         5e:cd:a3:55:49:a1:a6:d0:1c:84:02:a9:25:7e:cf:43:0b:1b:
         7d:99:3e:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz8ZcBcfarWrGSnol07EzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjYwNDE3MDUwMDIzWhcNMjYwNDE4MDUwMDIzWjAzMTEwLwYDVQQD
EygwYjg2ZmU2ZThhNWM3OWVmOGZlYjgwMmMzNzlmNWM4OTlkOGI5YTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniy4BmUn2mpZXqc8+AbCBPNsgZ80
TMWFOALxB1e720caakM1PRs8T4U9smwKlUS/tYbLjow6RkojRHF5sodSlDwp+HPC
Uj5BIQx0yypJ2iMyWK8i3FWOfDfIbEBGKVTnbiMAJZb10hxh4my80BV90XlmKBo2
7qlq9jj2flFDjZpz/BWcZxl9EaKI0ipWOkM/F3IteOvK9buxaI6sDciGyKkJuyqi
AGNpWONYtmgGnCa6gpDiCUorv7YbKOgyxz38QWpPFe5KKQjlibZtTK/E23ebcnmE
ZuWgp8bkTHEYOttlmacYhb5spGMJM+795yGKrlua2uv1XDhVAhq0gJaiQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuG/m6KXHnvj+uALDefXImdi5qZMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLd7Rfps
cLbnnROa+U3XALbjPpP4bp3sosww7po6pMn3r67ZItbi0x5gMqcfh3Ld1Xo+KoqL
+GZff4vDhXFj1pbUIXaln6LB4yBTHxXCSFPxXjlCSPR2FoIjGazrUT9AfVGLLB2I
rBE3hVD04L8YSVo79kT7GAtwi5mlWshaEc15FxBLAyhbdq1D661EGx/e4kf/ZH4v
hcEPseDqZH/wUCG/1/bxY1HjyxEGuXwONYiNDhCpiDvaVhRkmTexC0Npw1sKHo1w
09/hZNe0VoPULRRnRLfa5Q+1EqIHnW9SFiEMmeUsBQ3MvUN1Xs2jVUmhptAchAKp
JX7PQwsbfZk+ow==
-----END CERTIFICATE-----