Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          Kr6UODjXE3HC8Rv+qEbiiK+6XbhUwVF5y3EukcEijRs=
Subject key identifier:   8B:24:B5:51:29:58:D4:11:32:E2:41:DF:64:F5:A6:D6:ED:AC:44:76
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       019DA29C1A5909AE0965A73AA117E69A7E0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          18C2
Signing time:             Sat 18 Apr 2026 22:00:32 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:32 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:32 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: nQFSdb6FS9Priig5xAIYbMFKbes3vEgVo4hFoAWVIJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:1a:59:09:ae:09:65:a7:3a:a1:17:e6:9a:7e:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Apr 18 22:00:32 2026 GMT
            Not After : Apr 19 22:00:32 2026 GMT
        Subject: CN=8b24b5512958d41132e241df64f5a6d6edac4476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ca:04:c2:ae:1b:4f:ff:22:29:cb:d9:78:c1:
                    0e:99:1b:bd:45:96:1c:14:e9:d6:a0:5d:1c:7d:ef:
                    31:2c:de:a3:98:73:80:7a:0c:5c:82:41:fb:93:c5:
                    c5:dc:ea:b2:0a:6d:3e:f0:9e:99:a3:4a:02:f8:8f:
                    c8:cb:03:50:cf:65:0f:0e:f2:7d:5c:a6:40:c8:89:
                    92:9c:5c:ba:e4:17:47:10:48:3b:91:e7:fb:0a:c5:
                    93:14:01:bf:77:20:9e:13:b0:16:f3:7b:ed:08:db:
                    37:4e:02:61:86:95:61:12:17:9f:9d:04:39:b2:56:
                    ca:96:12:79:b2:4f:2e:d7:da:3d:92:ea:2c:36:38:
                    58:ed:a1:96:8f:6c:13:64:17:1b:88:7e:53:87:d7:
                    65:e4:58:ec:28:71:79:67:a5:b4:51:2c:7f:1b:58:
                    05:73:50:ae:e6:1a:de:05:05:b4:31:9d:5d:81:15:
                    d7:eb:38:8e:a3:07:a1:ab:88:cd:25:bf:35:ba:19:
                    37:c4:df:f6:9f:11:d4:10:81:65:d6:82:f7:1b:fc:
                    0c:73:bf:95:e2:48:35:ac:3a:44:80:ab:f2:a2:23:
                    e4:5c:2f:ab:52:83:a7:e5:fe:1d:a7:16:12:a8:e1:
                    81:ca:68:95:05:6d:f3:75:c4:10:a7:4a:9c:59:52:
                    ff:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:24:B5:51:29:58:D4:11:32:E2:41:DF:64:F5:A6:D6:ED:AC:44:76
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:2f:31:c2:6d:f5:cb:40:d6:6f:5e:86:4d:5b:20:61:e5:39:
         19:1b:4b:54:99:b0:b3:87:11:b6:d2:59:47:17:3a:74:8c:34:
         f7:ac:b0:55:12:51:6e:ca:bd:c5:ac:48:de:a9:ab:c8:d4:26:
         e4:df:08:a4:34:f4:ea:a9:13:ba:6b:22:2a:92:e0:5d:c4:43:
         f1:fc:fe:1b:3d:24:29:4b:35:b8:07:eb:8d:77:d9:26:68:c5:
         44:a9:3c:8a:3f:7b:1f:a3:2c:77:2a:46:06:70:f4:a7:51:b9:
         be:54:58:55:01:be:c1:93:f1:bd:f2:39:68:d2:31:e7:cc:fd:
         3d:75:6f:c3:06:27:59:2b:3a:39:63:a7:4e:54:ff:20:20:cd:
         19:63:de:6b:2b:ab:84:4c:ec:f0:c8:09:21:0f:15:91:93:ff:
         bc:92:18:20:dc:93:8d:b4:fe:0a:cb:94:ce:28:79:50:c8:02:
         aa:16:f9:e3:1b:43:5c:1d:43:7f:32:00:37:47:9a:69:83:a5:
         d2:b6:b7:37:8d:5c:ed:f1:be:93:be:06:1d:32:c8:7d:4d:ac:
         1b:12:5e:76:66:da:cc:e4:f9:99:d1:54:5d:c0:1d:75:21:49:
         2e:08:34:dd:88:78:4a:c7:40:33:28:42:b1:37:6f:62:87:c7:
         b1:ba:02:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inBpZCa4JZac6oRfmmn4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjYwNDE4MjIwMDMyWhcNMjYwNDE5MjIwMDMyWjAzMTEwLwYDVQQD
Eyg4YjI0YjU1MTI5NThkNDExMzJlMjQxZGY2NGY1YTZkNmVkYWM0NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMoEwq4bT/8iKcvZeMEOmRu9RZYc
FOnWoF0cfe8xLN6jmHOAegxcgkH7k8XF3OqyCm0+8J6Zo0oC+I/IywNQz2UPDvJ9
XKZAyImSnFy65BdHEEg7kef7CsWTFAG/dyCeE7AW83vtCNs3TgJhhpVhEhefnQQ5
slbKlhJ5sk8u19o9kuosNjhY7aGWj2wTZBcbiH5Th9dl5FjsKHF5Z6W0USx/G1gF
c1Cu5hreBQW0MZ1dgRXX6ziOowehq4jNJb81uhk3xN/2nxHUEIFl1oL3G/wMc7+V
4kg1rDpEgKvyoiPkXC+rUoOn5f4dpxYSqOGBymiVBW3zdcQQp0qcWVL/CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsktVEpWNQRMuJB32T1ptbtrER2MB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAry8xwm31
y0DWb16GTVsgYeU5GRtLVJmws4cRttJZRxc6dIw096ywVRJRbsq9xaxI3qmryNQm
5N8IpDT06qkTumsiKpLgXcRD8fz+Gz0kKUs1uAfrjXfZJmjFRKk8ij97H6MsdypG
BnD0p1G5vlRYVQG+wZPxvfI5aNIx58z9PXVvwwYnWSs6OWOnTlT/ICDNGWPeayur
hEzs8MgJIQ8VkZP/vJIYINyTjbT+CsuUzih5UMgCqhb54xtDXB1DfzIAN0eaaYOl
0ra3N41c7fG+k74GHTLIfU2sGxJedmbazOT5mdFUXcAddSFJLgg03Yh4SsdAMyhC
sTdvYofHsboCDA==
-----END CERTIFICATE-----