Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          Xu75TtFp0kIJ6h9i3qJFPCypNf6toFSDepn5mWyJIuU=
Subject key identifier:   15:97:9C:B9:0D:45:6D:84:99:AF:A8:5D:93:22:0F:CD:01:6F:F4:E7
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019D98F520B908877472BB5736A0E58A07A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0CCF
Signing time:             Fri 17 Apr 2026 01:01:34 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:34 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:34 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: 9MpdGVZURp8kvAajxSirHJ/AWOPluPp4+vqGn29g4Ow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:20:b9:08:87:74:72:bb:57:36:a0:e5:8a:07:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Apr 17 01:01:34 2026 GMT
            Not After : Apr 18 01:01:34 2026 GMT
        Subject: CN=15979cb90d456d8499afa85d93220fcd016ff4e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5b:10:ad:b5:e2:f1:6b:19:89:56:9c:20:17:
                    8e:c4:16:b2:94:5a:86:d1:62:ed:38:25:2e:c0:10:
                    f8:3b:f5:57:7a:96:45:2f:7d:63:fb:7a:f0:a5:96:
                    82:16:d8:34:10:59:c6:2f:40:91:32:d5:dd:db:f8:
                    26:69:29:5e:43:6f:72:d8:d6:d1:1f:a1:a5:a4:ea:
                    56:dd:9b:e5:fc:1e:02:ed:a9:ff:0d:eb:c0:49:f5:
                    05:76:3b:01:c3:15:ca:25:ac:b5:f8:36:ce:7c:e3:
                    21:4d:dd:3c:d3:9c:59:32:cf:4c:5f:18:c8:88:73:
                    c0:46:40:5b:03:0b:32:c3:e3:65:41:de:c2:9f:95:
                    0f:ab:6f:74:f1:ba:7b:d8:33:d0:d1:4c:13:74:5c:
                    41:55:ae:0a:68:58:f3:a4:1c:05:2d:04:ad:a1:f8:
                    9c:59:03:4c:0b:e0:6e:79:cc:25:7c:14:5b:53:f9:
                    7b:45:0b:5b:4d:98:ab:39:e7:dc:78:e5:06:71:f4:
                    7e:62:2a:b9:34:ee:80:2f:dd:5b:27:40:84:d2:71:
                    22:e7:23:e7:16:b1:b4:39:df:dc:f3:14:7f:ea:38:
                    b0:15:44:ec:3b:76:e0:c4:e2:72:50:cd:92:89:e0:
                    95:fc:a4:af:43:69:5b:12:39:cb:ad:22:0f:00:c0:
                    0e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:97:9C:B9:0D:45:6D:84:99:AF:A8:5D:93:22:0F:CD:01:6F:F4:E7
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:10:46:4e:fa:d9:42:1d:34:ce:43:76:cf:8e:54:d0:70:06:
         fc:60:1f:61:2a:ba:cf:56:0a:bd:f2:f4:8d:5c:25:f3:61:6c:
         bc:4c:b6:f9:07:fe:54:ce:66:10:d3:16:7c:e9:35:2b:ba:66:
         9f:12:d1:98:7e:f5:12:cc:af:eb:c6:13:da:5e:76:ee:64:5b:
         82:51:c7:b4:33:93:e7:db:04:6b:83:bc:45:b4:13:60:2f:97:
         90:47:c2:e8:a0:27:ba:a9:44:8c:3f:01:4b:79:ac:2e:21:ca:
         0c:eb:35:d2:27:d9:c9:db:01:7b:ae:b8:85:43:66:4e:11:32:
         80:cf:64:01:d3:a0:eb:8a:c5:03:ec:e9:bf:65:9e:28:97:22:
         2f:f8:6b:34:a2:04:d8:fb:d1:df:7f:01:fd:ad:91:3a:4f:c4:
         f7:d5:e2:4b:26:13:70:8e:ef:6a:f2:8d:93:f4:c9:5a:11:24:
         9b:01:4c:6e:3d:03:79:84:4b:5a:d1:9a:5c:e3:53:3f:e0:da:
         12:3d:ed:e6:ea:8b:63:bd:ae:f2:dd:fd:d3:7b:82:f3:c9:af:
         69:29:d9:c5:9d:7a:23:89:2b:55:88:02:74:27:2c:12:e5:8e:
         1f:b6:b3:d3:b3:fa:e4:86:72:e2:6e:46:ad:f5:c6:9d:34:5f:
         0b:c7:5e:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9SC5CId0crtXNqDligemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwNDE3MDEwMTM0WhcNMjYwNDE4MDEwMTM0WjAzMTEwLwYDVQQD
EygxNTk3OWNiOTBkNDU2ZDg0OTlhZmE4NWQ5MzIyMGZjZDAxNmZmNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVsQrbXi8WsZiVacIBeOxBaylFqG
0WLtOCUuwBD4O/VXepZFL31j+3rwpZaCFtg0EFnGL0CRMtXd2/gmaSleQ29y2NbR
H6GlpOpW3Zvl/B4C7an/DevASfUFdjsBwxXKJay1+DbOfOMhTd0805xZMs9MXxjI
iHPARkBbAwsyw+NlQd7Cn5UPq2908bp72DPQ0UwTdFxBVa4KaFjzpBwFLQStofic
WQNMC+BuecwlfBRbU/l7RQtbTZirOefceOUGcfR+Yiq5NO6AL91bJ0CE0nEi5yPn
FrG0Od/c8xR/6jiwFUTsO3bgxOJyUM2SieCV/KSvQ2lbEjnLrSIPAMAOGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWXnLkNRW2Ema+oXZMiD80Bb/TnMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBBGTvrZ
Qh00zkN2z45U0HAG/GAfYSq6z1YKvfL0jVwl82FsvEy2+Qf+VM5mENMWfOk1K7pm
nxLRmH71Esyv68YT2l527mRbglHHtDOT59sEa4O8RbQTYC+XkEfC6KAnuqlEjD8B
S3msLiHKDOs10ifZydsBe664hUNmThEygM9kAdOg64rFA+zpv2WeKJciL/hrNKIE
2PvR338B/a2ROk/E99XiSyYTcI7vavKNk/TJWhEkmwFMbj0DeYRLWtGaXONTP+Da
Ej3t5uqLY72u8t3903uC88mvaSnZxZ16I4krVYgCdCcsEuWOH7az07P65IZy4m5G
rfXGnTRfC8dejw==
-----END CERTIFICATE-----