Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
File:                     dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json)
Hash identifier:          MxDwRMdzxlgroT9VIECFp/tvBygHiwjlD9Dk3t8YhVI=
Subject key identifier:   09:AF:89:FF:78:FC:08:CD:F0:A2:95:0C:4E:A1:AD:F8:C4:08:DC:09
Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94
Certificate issuer:       /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
Certificate serial:       019D9962D78DF25A66B17B104B5B98D0C5B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
Manifest number:          1098
Signing time:             Fri 17 Apr 2026 03:01:24 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:24 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:24 +0000
Files and hashes:         1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: 7fakj4Zyy7VzrgWdY+vOCeh14SmQ27dbthQktdD77ws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:d7:8d:f2:5a:66:b1:7b:10:4b:5b:98:d0:c5:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
        Validity
            Not Before: Apr 17 03:01:24 2026 GMT
            Not After : Apr 18 03:01:24 2026 GMT
        Subject: CN=09af89ff78fc08cdf0a2950c4ea1adf8c408dc09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:56:05:d4:72:62:14:5c:20:1f:36:53:d8:5c:
                    22:73:0f:11:c3:aa:aa:81:c9:43:64:9c:4b:10:01:
                    63:2e:45:20:57:45:73:da:5c:5c:c7:f3:e3:40:92:
                    ba:7f:69:2d:c0:2b:32:98:d8:40:7c:02:e8:d3:12:
                    9e:ae:e1:f6:fd:ba:c0:30:73:08:79:48:1a:d3:16:
                    11:d0:64:1c:22:ae:ff:f3:f7:69:20:ce:47:f1:b2:
                    a0:01:9a:b6:d3:a1:c3:60:a4:b0:1d:da:8f:1a:63:
                    97:5e:a5:23:86:58:87:64:cb:c0:29:e2:35:3a:04:
                    50:2d:58:9f:e8:0d:aa:03:cd:fa:9f:45:44:33:a8:
                    f1:9c:db:64:01:9c:aa:ef:a9:21:7d:7c:62:f9:9b:
                    31:8b:e2:e7:78:db:2c:8c:05:10:64:b0:5c:34:d6:
                    30:32:8f:73:4b:8f:e5:7c:9e:71:db:a7:55:66:e0:
                    78:33:79:10:e4:8d:4c:83:c3:63:9b:31:1f:95:80:
                    09:b3:76:42:48:bb:81:e2:29:0a:e3:ea:34:92:f0:
                    ca:34:2b:cc:58:8c:54:ef:b0:76:e0:60:42:94:e6:
                    d0:74:8a:44:3c:9e:a3:b0:3c:5c:cf:95:bd:18:45:
                    5c:74:eb:1a:a9:d3:cb:11:33:c2:01:ce:e4:89:f0:
                    d8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:AF:89:FF:78:FC:08:CD:F0:A2:95:0C:4E:A1:AD:F8:C4:08:DC:09
            X509v3 Authority Key Identifier:
                keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:c6:7b:6b:df:7a:b6:87:2d:c6:36:ef:84:22:0e:fd:62:aa:
         e5:04:99:b3:0a:85:6f:48:7a:4a:ce:98:17:be:cb:aa:11:28:
         85:ea:ea:8b:51:33:80:48:cb:61:a8:75:d0:a0:d8:c0:40:a1:
         78:cc:aa:8f:ab:bf:53:b5:3f:ee:92:68:cc:74:fc:5b:37:0a:
         a9:58:21:9a:a5:ea:a3:2f:c4:6b:d3:3f:46:28:9b:a1:77:c2:
         80:21:b9:5b:5e:9d:23:a0:20:fb:95:8b:30:e1:0a:0d:1b:5c:
         56:0a:23:62:b3:d2:3b:81:ac:61:1b:a4:78:b1:a5:70:c6:26:
         f6:92:33:42:76:4f:60:69:5f:99:79:01:f9:2f:e5:54:e6:b0:
         2c:ff:11:c7:ff:b2:08:a3:e0:34:27:34:48:88:67:76:55:33:
         e2:4e:99:4d:14:f9:6e:93:5d:3d:9b:4d:6e:66:cc:5c:eb:5a:
         10:3c:e6:97:7a:a4:1e:cd:3f:6e:2b:e9:27:a5:dc:af:bc:17:
         92:36:ec:1a:79:e2:62:77:0a:ad:dc:6c:bd:51:62:de:39:64:
         a5:44:f2:96:d8:05:cb:8d:5f:82:67:4e:c5:7a:a2:36:7e:19:
         71:ff:5b:e7:de:cd:cb:be:bd:63:6d:c3:42:a2:a1:ee:e9:11:
         cc:1e:e4:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYteN8lpmsXsQS1uY0MWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj
ODNlOTQwHhcNMjYwNDE3MDMwMTI0WhcNMjYwNDE4MDMwMTI0WjAzMTEwLwYDVQQD
EygwOWFmODlmZjc4ZmMwOGNkZjBhMjk1MGM0ZWExYWRmOGM0MDhkYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlYF1HJiFFwgHzZT2Fwicw8Rw6qq
gclDZJxLEAFjLkUgV0Vz2lxcx/PjQJK6f2ktwCsymNhAfALo0xKeruH2/brAMHMI
eUga0xYR0GQcIq7/8/dpIM5H8bKgAZq206HDYKSwHdqPGmOXXqUjhliHZMvAKeI1
OgRQLVif6A2qA836n0VEM6jxnNtkAZyq76khfXxi+Zsxi+LneNssjAUQZLBcNNYw
Mo9zS4/lfJ5x26dVZuB4M3kQ5I1Mg8NjmzEflYAJs3ZCSLuB4ikK4+o0kvDKNCvM
WIxU77B24GBClObQdIpEPJ6jsDxcz5W9GEVcdOsaqdPLETPCAc7kifDYfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmvif94/AjN8KKVDE6hrfjECNwJMB8GA1UdIwQY
MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt
NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh
LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8Z7a996
toctxjbvhCIO/WKq5QSZswqFb0h6Ss6YF77LqhEoherqi1EzgEjLYah10KDYwECh
eMyqj6u/U7U/7pJozHT8WzcKqVghmqXqoy/Ea9M/RiiboXfCgCG5W16dI6Ag+5WL
MOEKDRtcVgojYrPSO4GsYRukeLGlcMYm9pIzQnZPYGlfmXkB+S/lVOawLP8Rx/+y
CKPgNCc0SIhndlUz4k6ZTRT5bpNdPZtNbmbMXOtaEDzml3qkHs0/bivpJ6Xcr7wX
kjbsGnniYncKrdxsvVFi3jlkpUTyltgFy41fgmdOxXqiNn4Zcf9b597Ny769Y23D
QqKh7ukRzB7kkw==
-----END CERTIFICATE-----