Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          A83Ig130lRQ/grprILAKc0Lu4wJv2cYAZxrAhIU61jw=
Subject key identifier:   86:EB:7C:89:29:A9:0D:6A:7F:59:78:55:E7:97:D7:56:58:FB:E2:03
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       019D9AAB7D3D3F28175CFC8C5E643FBC8804
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          10E0
Signing time:             Fri 17 Apr 2026 09:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:23 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: QutYr57jTligW5vNgmqiGAEHT/67mBs43FkBYdtgQR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:7d:3d:3f:28:17:5c:fc:8c:5e:64:3f:bc:88:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Apr 17 09:00:23 2026 GMT
            Not After : Apr 18 09:00:23 2026 GMT
        Subject: CN=86eb7c8929a90d6a7f597855e797d75658fbe203
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:72:08:c5:e3:30:af:63:5d:4a:e5:b1:c4:0c:
                    de:9b:57:2a:16:8c:8f:8c:5b:b0:e1:f3:82:82:91:
                    85:d1:ae:5b:e1:8a:2d:ef:fc:72:b3:88:e9:bb:c8:
                    39:1a:60:59:8e:80:b6:dd:8b:7e:fd:b4:03:b7:f0:
                    ec:36:ae:16:82:2c:0c:8f:25:d3:a8:b0:a7:02:c7:
                    83:69:58:a0:bb:bb:e3:71:65:bd:93:17:d9:96:fb:
                    ee:4e:e7:e6:73:30:9f:b3:ae:38:0a:b8:ec:25:d1:
                    94:37:85:24:b0:69:b5:3c:30:26:c2:11:95:8e:b4:
                    14:e3:a3:2c:a8:2f:fa:08:99:6e:57:e8:68:07:d2:
                    66:8a:b2:95:9f:7f:79:0b:78:db:f2:37:0c:58:e5:
                    d7:ba:36:8b:0e:77:ac:56:83:98:db:8a:9d:d8:32:
                    d0:f1:f1:40:c6:e7:6e:f4:cd:d5:fd:93:6e:11:19:
                    e8:d2:4c:32:16:db:c2:52:ee:65:23:b1:a6:67:48:
                    45:d7:1b:10:49:dc:3f:39:a8:d8:a1:40:d2:da:a3:
                    e2:8d:4b:15:1c:54:44:26:77:d4:66:df:21:ab:df:
                    4a:2a:b7:f4:d8:83:89:1e:8f:be:ad:95:dc:ab:16:
                    1f:eb:99:be:00:2f:88:02:f9:0c:49:00:da:bb:87:
                    d3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:EB:7C:89:29:A9:0D:6A:7F:59:78:55:E7:97:D7:56:58:FB:E2:03
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:0f:44:77:aa:dc:4c:d7:96:c2:6f:bd:b2:1e:72:4a:be:88:
         46:ef:6a:47:15:8a:f7:5f:6b:34:13:60:a4:ae:54:41:2e:5c:
         d0:04:13:a2:e1:13:4f:28:20:74:fb:13:4a:cb:94:47:1e:24:
         03:b5:22:30:54:4f:b0:2d:df:b3:39:db:79:eb:31:cb:33:a7:
         8b:53:9f:37:7d:a1:2d:60:3a:9b:87:df:59:e5:77:b0:9a:7b:
         a0:b9:f6:cb:d4:f6:c9:33:ca:81:5a:8a:ed:3c:0b:0f:e1:c5:
         5e:8e:f5:1b:8e:27:cf:bd:c7:f1:c6:d6:3e:4a:f8:fa:ab:50:
         e6:1a:30:92:ae:29:28:19:3f:c0:26:23:fa:4d:2f:db:0e:7f:
         77:29:b9:c0:77:ea:14:21:ec:7a:0a:33:2a:67:e5:5b:77:0f:
         df:03:fb:2d:f2:67:11:06:6e:5a:8b:3d:ec:90:44:b5:82:f2:
         50:30:b7:62:2a:96:6f:64:3c:c8:84:43:95:49:e2:a4:bd:19:
         33:2d:5f:fd:db:b2:b0:a2:c1:9f:ca:97:d3:5a:13:44:73:4a:
         cd:d7:d9:e0:49:18:52:8a:04:ba:e6:80:21:3f:b2:61:04:63:
         12:98:a3:ff:da:2a:20:e9:d4:da:12:02:16:95:2b:14:dd:aa:
         d7:97:17:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq309PygXXPyMXmQ/vIgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjYwNDE3MDkwMDIzWhcNMjYwNDE4MDkwMDIzWjAzMTEwLwYDVQQD
Eyg4NmViN2M4OTI5YTkwZDZhN2Y1OTc4NTVlNzk3ZDc1NjU4ZmJlMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3IIxeMwr2NdSuWxxAzem1cqFoyP
jFuw4fOCgpGF0a5b4Yot7/xys4jpu8g5GmBZjoC23Yt+/bQDt/DsNq4WgiwMjyXT
qLCnAseDaVigu7vjcWW9kxfZlvvuTufmczCfs644CrjsJdGUN4UksGm1PDAmwhGV
jrQU46MsqC/6CJluV+hoB9JmirKVn395C3jb8jcMWOXXujaLDnesVoOY24qd2DLQ
8fFAxudu9M3V/ZNuERno0kwyFtvCUu5lI7GmZ0hF1xsQSdw/OajYoUDS2qPijUsV
HFREJnfUZt8hq99KKrf02IOJHo++rZXcqxYf65m+AC+IAvkMSQDau4fTnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbrfIkpqQ1qf1l4VeeX11ZY++IDMB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA9Ed6rc
TNeWwm+9sh5ySr6IRu9qRxWK919rNBNgpK5UQS5c0AQTouETTyggdPsTSsuURx4k
A7UiMFRPsC3fsznbeesxyzOni1OfN32hLWA6m4ffWeV3sJp7oLn2y9T2yTPKgVqK
7TwLD+HFXo71G44nz73H8cbWPkr4+qtQ5howkq4pKBk/wCYj+k0v2w5/dym5wHfq
FCHsegozKmflW3cP3wP7LfJnEQZuWos97JBEtYLyUDC3YiqWb2Q8yIRDlUnipL0Z
My1f/duysKLBn8qX01oTRHNKzdfZ4EkYUooEuuaAIT+yYQRjEpij/9oqIOnU2hIC
FpUrFN2q15cXFQ==
-----END CERTIFICATE-----