Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft
File:                     dQRxYHUyqMev1g1PMXqtxJDrogY.mft (raw, json)
Hash identifier:          QZKv+q4+BslA9T5ytzCCxX/ye0ToGmmxS6sUQt7py8w=
Subject key identifier:   A5:9B:B3:44:08:84:B8:CE:E6:5C:29:22:F0:FD:C5:26:32:9E:54:0E
Authority key identifier: 75:04:71:60:75:32:A8:C7:AF:D6:0D:4F:31:7A:AD:C4:90:EB:A2:06
Certificate issuer:       /CN=750471607532a8c7afd60d4f317aadc490eba206
Certificate serial:       019DA48A4FCD462CD7068BC44175993EB2EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft
Manifest number:          18C3
Signing time:             Sun 19 Apr 2026 07:00:20 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:20 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:20 +0000
Files and hashes:         1: dQRxYHUyqMev1g1PMXqtxJDrogY.crl (hash: zYVqA5oOaStz2RoR70aqkkfqaGaeTwLxLcoMGjJ9rkI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:4f:cd:46:2c:d7:06:8b:c4:41:75:99:3e:b2:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=750471607532a8c7afd60d4f317aadc490eba206
        Validity
            Not Before: Apr 19 07:00:20 2026 GMT
            Not After : Apr 20 07:00:20 2026 GMT
        Subject: CN=a59bb3440884b8cee65c2922f0fdc526329e540e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8d:8e:31:57:a0:d1:62:49:bf:e4:95:63:f5:
                    c4:a6:2e:19:e3:86:a3:84:7d:96:70:aa:c5:75:57:
                    f3:49:65:ea:f4:f9:24:8b:56:8e:fa:86:23:81:0b:
                    c8:71:ac:32:54:4d:9c:14:f0:f6:ae:13:8f:54:85:
                    4f:58:b2:e2:45:7d:7c:03:59:1d:4a:1c:c6:a0:c0:
                    31:3a:3b:82:3c:4e:b4:f6:0f:af:63:26:89:68:dd:
                    92:d6:e0:88:d3:ab:d4:0c:be:4b:4e:0f:1e:4b:a0:
                    c7:5a:9c:ac:4f:c2:87:56:3b:12:55:e3:00:ab:75:
                    c3:f9:31:00:09:b2:e5:2d:81:73:63:94:95:dc:1f:
                    eb:44:07:95:f6:23:ce:66:cc:84:50:4f:32:84:cf:
                    2b:e4:37:a3:8e:2a:7b:1d:c9:f5:ed:2e:ac:93:04:
                    85:07:da:14:b3:2d:b8:fb:1f:cc:f2:54:47:37:cf:
                    bf:cc:86:d4:52:d8:ce:d7:50:13:ef:93:4a:99:90:
                    9c:76:37:31:a3:b9:95:4b:65:2d:53:9f:d2:25:72:
                    53:b2:4e:67:7e:37:74:e8:de:a7:6f:a9:96:11:46:
                    ad:3c:f2:64:f9:e1:9f:a7:34:d4:2d:b4:f0:c0:0d:
                    0b:cd:dc:2b:05:20:f5:f1:f5:d8:0b:40:e6:cf:db:
                    fd:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9B:B3:44:08:84:B8:CE:E6:5C:29:22:F0:FD:C5:26:32:9E:54:0E
            X509v3 Authority Key Identifier:
                keyid:75:04:71:60:75:32:A8:C7:AF:D6:0D:4F:31:7A:AD:C4:90:EB:A2:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:a1:48:f4:09:c2:41:e5:1c:00:d6:e9:cc:89:e8:e7:26:e1:
         4a:b7:e6:3e:cc:61:b3:e0:60:bb:fd:9d:0d:98:41:df:0e:b7:
         a3:94:09:06:f5:14:f6:41:c8:da:83:4c:a5:b2:bc:1f:f4:91:
         a7:1e:a0:b2:c3:8f:30:b6:09:48:cb:5e:26:b6:44:0b:cc:02:
         2e:b2:20:ae:71:b5:94:13:7a:db:4e:ae:f0:29:28:fe:e0:c4:
         aa:73:2a:9f:7f:5b:c7:ee:8c:18:17:34:7f:2c:7e:34:d5:fb:
         5d:ac:67:aa:27:a2:2a:57:d2:7e:38:18:1e:e8:9d:62:de:ff:
         38:3c:f1:cb:db:19:84:fd:c1:f7:b3:94:55:6c:13:9a:b6:c0:
         d3:e7:c0:44:f1:b0:34:89:99:88:a4:23:a1:0b:ae:f1:c7:b3:
         9f:8b:ad:6d:fc:c8:2c:a4:f2:fc:16:74:a9:dd:a9:51:86:ae:
         07:7e:c9:4f:8c:ef:8d:e9:ef:d0:09:86:90:77:23:23:b1:fe:
         25:8a:25:62:0e:16:57:c1:3e:3a:90:00:1d:23:26:b0:03:9b:
         c5:52:8f:8a:1f:5e:8b:95:31:e4:fe:6a:66:20:ff:b2:52:4e:
         47:ae:ea:ab:bd:65:ad:33:5b:56:b9:92:b0:b5:e4:5b:3e:ed:
         c8:fd:2e:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kik/NRizXBovEQXWZPrLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDQ3MTYwNzUzMmE4YzdhZmQ2MGQ0ZjMxN2FhZGM0OTBl
YmEyMDYwHhcNMjYwNDE5MDcwMDIwWhcNMjYwNDIwMDcwMDIwWjAzMTEwLwYDVQQD
EyhhNTliYjM0NDA4ODRiOGNlZTY1YzI5MjJmMGZkYzUyNjMyOWU1NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI2OMVeg0WJJv+SVY/XEpi4Z44aj
hH2WcKrFdVfzSWXq9Pkki1aO+oYjgQvIcawyVE2cFPD2rhOPVIVPWLLiRX18A1kd
ShzGoMAxOjuCPE609g+vYyaJaN2S1uCI06vUDL5LTg8eS6DHWpysT8KHVjsSVeMA
q3XD+TEACbLlLYFzY5SV3B/rRAeV9iPOZsyEUE8yhM8r5Dejjip7Hcn17S6skwSF
B9oUsy24+x/M8lRHN8+/zIbUUtjO11AT75NKmZCcdjcxo7mVS2UtU5/SJXJTsk5n
fjd06N6nb6mWEUatPPJk+eGfpzTULbTwwA0LzdwrBSD18fXYC0Dmz9v9HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWbs0QIhLjO5lwpIvD9xSYynlQOMB8GA1UdIwQY
MBaAFHUEcWB1MqjHr9YNTzF6rcSQ66IGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kZmE2YTEtMWU0Yy00OWZmLWE0ODAt
Mjc0MjMyZDY5NTA1LzEvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kZmE2YTEtMWU0Yy00OWZmLWE0ODAtMjc0MjMyZDY5NTA1
LzEvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIaFI9AnC
QeUcANbpzIno5ybhSrfmPsxhs+Bgu/2dDZhB3w63o5QJBvUU9kHI2oNMpbK8H/SR
px6gssOPMLYJSMteJrZEC8wCLrIgrnG1lBN6206u8Cko/uDEqnMqn39bx+6MGBc0
fyx+NNX7XaxnqieiKlfSfjgYHuidYt7/ODzxy9sZhP3B97OUVWwTmrbA0+fARPGw
NImZiKQjoQuu8cezn4utbfzILKTy/BZ0qd2pUYauB37JT4zvjenv0AmGkHcjI7H+
JYolYg4WV8E+OpAAHSMmsAObxVKPih9ei5Ux5P5qZiD/slJOR67qq71lrTNbVrmS
sLXkWz7tyP0ujA==
-----END CERTIFICATE-----