Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          M3WXN4Jz9UDtQ/SV1we6imXoYYQDFHaEmojs0BvUlA0=
Subject key identifier:   B9:C2:A3:05:A7:62:49:E7:BB:42:5A:17:48:5B:B8:EF:F4:74:DC:2D
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019DA30A6F5856EC031A8D653A8742FCED4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0D28
Signing time:             Sun 19 Apr 2026 00:01:03 +0000
Manifest this update:     Sun 19 Apr 2026 00:01:03 +0000
Manifest next update:     Mon 20 Apr 2026 00:01:03 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: JjacVUU1IqdmTJD8pQmBQDS/G7W71M/rzGhtOFXYjz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:6f:58:56:ec:03:1a:8d:65:3a:87:42:fc:ed:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Apr 19 00:01:03 2026 GMT
            Not After : Apr 20 00:01:03 2026 GMT
        Subject: CN=b9c2a305a76249e7bb425a17485bb8eff474dc2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f5:03:73:4b:d2:aa:b2:d9:2b:15:51:c5:48:
                    2e:fd:db:ad:18:24:cb:97:94:b3:71:1c:e0:ee:4a:
                    b1:0b:77:d8:59:19:93:b1:d4:47:c9:7e:e3:f4:e8:
                    15:20:d6:69:f5:17:b7:59:54:82:bb:5f:4c:f6:dd:
                    9c:f7:45:3c:d3:e3:38:f7:ca:71:2b:8c:39:4c:d8:
                    1b:eb:89:3f:5e:b2:87:dd:d2:1f:33:4d:f9:be:9f:
                    2a:09:27:9e:54:75:3a:d5:76:f8:a3:40:df:8b:71:
                    8a:7a:b0:3f:c2:7a:87:cf:78:7f:4d:32:56:96:b3:
                    f5:d8:83:ba:45:9d:7c:2e:aa:39:a8:bf:8a:50:b2:
                    ac:d9:47:8f:48:9f:0b:2d:f9:cf:66:50:34:bf:69:
                    bd:bc:00:a9:a3:e8:ed:ca:ee:bc:fc:6a:97:07:8d:
                    e5:27:22:4d:b1:42:24:43:19:cb:2f:92:3c:41:7b:
                    b7:1f:9d:33:62:71:a4:b4:be:a6:c2:e5:15:49:91:
                    26:0b:2a:18:79:eb:fe:ec:d6:84:b7:52:25:14:97:
                    2b:c3:3a:01:c8:8a:87:22:fd:5c:d9:80:3c:8d:47:
                    2b:f3:25:73:e2:8e:73:ac:65:04:7e:f6:a3:75:41:
                    04:c5:01:06:dd:29:5c:6c:a9:93:ea:f9:fe:31:cd:
                    33:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C2:A3:05:A7:62:49:E7:BB:42:5A:17:48:5B:B8:EF:F4:74:DC:2D
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:e3:cc:fc:aa:9e:f4:3d:af:4a:e7:b4:d7:70:1b:43:f8:9a:
         4e:9a:41:72:38:34:4a:49:a6:7a:8b:56:72:8b:29:ea:56:9d:
         e8:f5:97:0e:2f:c0:d1:08:81:52:7d:3b:91:de:5e:8e:a9:f2:
         2d:83:b3:96:86:72:43:34:ad:95:27:4c:dd:85:a5:bc:42:a6:
         c6:46:38:e9:d6:aa:af:d2:e6:d5:fc:e7:30:c9:22:69:98:89:
         0d:79:1a:b6:cc:81:e3:99:86:3a:f1:3d:cb:19:f7:69:01:be:
         fc:28:42:e9:69:28:42:a9:e2:16:e7:4a:2f:d7:82:25:10:de:
         86:7a:80:42:39:3f:26:8f:73:3f:44:44:c5:a1:9e:3e:9b:c4:
         0f:39:73:b8:8e:dc:6d:cc:f7:84:97:51:a9:1b:b3:bb:43:d6:
         55:95:9d:58:87:e2:33:ad:b6:46:ac:ba:89:f5:43:e2:b8:7f:
         88:d9:34:aa:41:b6:f7:d2:1e:f5:77:b5:d4:a2:13:43:5a:fa:
         2a:9b:c1:d9:a2:c5:19:22:8f:13:8b:f1:f0:2c:de:ab:e8:cd:
         9a:1b:b1:4c:c8:d5:51:aa:4a:8e:69:a2:03:c4:82:21:b2:1d:
         1e:e9:dc:9e:2c:e0:c2:36:05:76:51:64:43:ba:64:b4:17:db:
         bd:1c:8e:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCm9YVuwDGo1lOodC/O1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjYwNDE5MDAwMTAzWhcNMjYwNDIwMDAwMTAzWjAzMTEwLwYDVQQD
EyhiOWMyYTMwNWE3NjI0OWU3YmI0MjVhMTc0ODViYjhlZmY0NzRkYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/UDc0vSqrLZKxVRxUgu/dutGCTL
l5SzcRzg7kqxC3fYWRmTsdRHyX7j9OgVINZp9Re3WVSCu19M9t2c90U80+M498px
K4w5TNgb64k/XrKH3dIfM035vp8qCSeeVHU61Xb4o0Dfi3GKerA/wnqHz3h/TTJW
lrP12IO6RZ18Lqo5qL+KULKs2UePSJ8LLfnPZlA0v2m9vACpo+jtyu68/GqXB43l
JyJNsUIkQxnLL5I8QXu3H50zYnGktL6mwuUVSZEmCyoYeev+7NaEt1IlFJcrwzoB
yIqHIv1c2YA8jUcr8yVz4o5zrGUEfvajdUEExQEG3SlcbKmT6vn+Mc0zowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnCowWnYknnu0JaF0hbuO/0dNwtMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqOPM/Kqe
9D2vSue013AbQ/iaTppBcjg0SkmmeotWcosp6lad6PWXDi/A0QiBUn07kd5ejqny
LYOzloZyQzStlSdM3YWlvEKmxkY46daqr9Lm1fznMMkiaZiJDXkatsyB45mGOvE9
yxn3aQG+/ChC6WkoQqniFudKL9eCJRDehnqAQjk/Jo9zP0RExaGePpvEDzlzuI7c
bcz3hJdRqRuzu0PWVZWdWIfiM622Rqy6ifVD4rh/iNk0qkG299Ie9Xe11KITQ1r6
KpvB2aLFGSKPE4vx8Czeq+jNmhuxTMjVUapKjmmiA8SCIbIdHuncnizgwjYFdlFk
Q7pktBfbvRyOeQ==
-----END CERTIFICATE-----