Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
File:                     0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft (raw, json)
Hash identifier:          JushTGCWgXv7OOrpkmpBTrkfGY6D9D0/nVN5kZ6XgEA=
Subject key identifier:   52:07:2F:91:1C:E5:DE:F2:EA:5C:6D:1B:AC:0B:F5:CD:EC:0D:98:C7
Authority key identifier: D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
Certificate issuer:       /CN=d217978586bff3a6777d55a9a9635841516d43b4
Certificate serial:       019D9BF5A83C37C35B7D13328AAAD02D8CC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
Manifest number:          0E56
Signing time:             Fri 17 Apr 2026 15:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 15:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 15:01:00 +0000
Files and hashes:         1: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl (hash: 4xFsymiRvXwbi7QNHnwbFXa0r3Lb9CxylsSpwEka2wY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 15:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:f5:a8:3c:37:c3:5b:7d:13:32:8a:aa:d0:2d:8c:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217978586bff3a6777d55a9a9635841516d43b4
        Validity
            Not Before: Apr 17 15:01:00 2026 GMT
            Not After : Apr 18 15:01:00 2026 GMT
        Subject: CN=52072f911ce5def2ea5c6d1bac0bf5cdec0d98c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6f:a4:30:16:58:e0:58:c9:b1:fa:e4:f4:b3:
                    af:86:6f:02:42:cc:aa:2b:96:3f:ba:cc:fe:b8:90:
                    f1:23:25:36:f2:79:c1:2b:a4:0b:3f:86:5b:f3:e4:
                    36:dd:bb:e5:56:18:9d:26:78:ca:b4:7c:fa:c1:25:
                    3f:3b:44:40:8a:09:ac:3a:9b:50:28:1c:d8:53:43:
                    a5:3a:4e:a2:93:bb:dc:3c:e0:f2:e0:0b:fe:07:93:
                    04:e6:d3:9e:e6:c8:16:f5:58:14:4f:60:27:86:16:
                    f2:a1:21:e7:33:63:1a:dc:ab:04:a3:04:c0:d1:59:
                    ed:89:a5:bb:ee:4d:bb:0c:40:80:17:5d:c5:39:b6:
                    63:56:65:19:a9:44:94:9b:74:f2:de:2e:ef:c6:14:
                    02:0d:df:35:22:15:10:1a:6e:b8:c0:8d:a4:e2:39:
                    73:64:d3:80:29:52:c5:38:b9:a8:fe:d1:32:83:d3:
                    15:57:fe:a9:fb:21:67:3c:8e:db:be:7e:f6:3b:48:
                    94:dc:67:28:69:fb:da:ad:81:e8:09:91:92:94:38:
                    bf:b5:db:e2:6d:33:8a:c9:bb:f3:d6:23:23:7e:07:
                    34:e0:10:fa:e8:ed:3e:73:2a:5c:b8:b9:ab:ee:7b:
                    88:01:63:6a:76:c2:7f:26:8b:12:69:8f:f4:73:88:
                    64:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:07:2F:91:1C:E5:DE:F2:EA:5C:6D:1B:AC:0B:F5:CD:EC:0D:98:C7
            X509v3 Authority Key Identifier:
                keyid:D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:18:e1:02:9f:96:f9:ec:6c:12:5f:94:c9:20:9e:07:af:09:
         59:e0:6b:87:e2:c0:f9:dc:e1:e8:31:d7:ae:7f:a2:e4:de:0b:
         76:4b:2d:32:61:44:b4:55:09:f7:b0:47:86:71:db:f3:86:7e:
         4d:7e:4a:7d:01:46:40:cf:de:d2:8e:a4:0e:34:2e:2b:37:5e:
         c8:f9:7d:1f:44:3d:1c:86:d1:6e:d9:75:66:76:28:d7:8b:f6:
         b6:6f:05:af:4b:da:19:1f:a9:8d:76:d2:a1:1b:f0:12:1a:ab:
         49:ef:f1:0e:aa:9c:cd:14:15:20:88:3f:54:c8:dd:0b:a6:f5:
         9e:5b:1f:8f:ae:1c:77:c1:b2:d4:95:5d:6b:95:d5:74:f3:bc:
         e1:ef:3e:86:67:97:30:37:ae:7d:55:4b:89:b6:f3:34:1f:f1:
         8a:0e:fb:16:07:e6:1e:6d:49:f9:a5:28:f2:ea:12:2d:9a:09:
         e7:9a:4e:02:cc:51:b7:a1:30:7e:e5:d8:3d:32:89:94:73:7c:
         b2:b8:07:dc:0c:ac:1e:ea:13:ef:ca:1b:f2:47:aa:9e:9f:af:
         f0:85:83:9a:ed:fb:be:41:09:75:83:f8:ab:9f:17:23:ec:67:
         ee:d9:93:33:e9:ad:99:a6:1c:fa:5f:32:20:9f:41:17:54:c2:
         f6:f0:de:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2b9ag8N8NbfRMyiqrQLYzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTc5Nzg1ODZiZmYzYTY3NzdkNTVhOWE5NjM1ODQxNTE2
ZDQzYjQwHhcNMjYwNDE3MTUwMTAwWhcNMjYwNDE4MTUwMTAwWjAzMTEwLwYDVQQD
Eyg1MjA3MmY5MTFjZTVkZWYyZWE1YzZkMWJhYzBiZjVjZGVjMGQ5OGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG+kMBZY4FjJsfrk9LOvhm8CQsyq
K5Y/usz+uJDxIyU28nnBK6QLP4Zb8+Q23bvlVhidJnjKtHz6wSU/O0RAigmsOptQ
KBzYU0OlOk6ik7vcPODy4Av+B5ME5tOe5sgW9VgUT2AnhhbyoSHnM2Ma3KsEowTA
0VntiaW77k27DECAF13FObZjVmUZqUSUm3Ty3i7vxhQCDd81IhUQGm64wI2k4jlz
ZNOAKVLFOLmo/tEyg9MVV/6p+yFnPI7bvn72O0iU3GcoafvarYHoCZGSlDi/tdvi
bTOKybvz1iMjfgc04BD66O0+cypcuLmr7nuIAWNqdsJ/JosSaY/0c4hkowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIHL5Ec5d7y6lxtG6wL9c3sDZjHMB8GA1UdIwQY
MBaAFNIXl4WGv/Omd31VqaljWEFRbUO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEt
NGNlNGQzYjE5N2Q4LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEtNGNlNGQzYjE5N2Q4
LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzxjhAp+W
+exsEl+UySCeB68JWeBrh+LA+dzh6DHXrn+i5N4LdkstMmFEtFUJ97BHhnHb84Z+
TX5KfQFGQM/e0o6kDjQuKzdeyPl9H0Q9HIbRbtl1ZnYo14v2tm8Fr0vaGR+pjXbS
oRvwEhqrSe/xDqqczRQVIIg/VMjdC6b1nlsfj64cd8Gy1JVda5XVdPO84e8+hmeX
MDeufVVLibbzNB/xig77FgfmHm1J+aUo8uoSLZoJ55pOAsxRt6EwfuXYPTKJlHN8
srgH3AysHuoT78ob8keqnp+v8IWDmu37vkEJdYP4q58XI+xn7tmTM+mtmaYc+l8y
IJ9BF1TC9vDefQ==
-----END CERTIFICATE-----