Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
File:                     giKx_lqaAWNQKFrAeI08yrPrORk.mft (raw, json)
Hash identifier:          4+1hk2lm7+ZOdQbw1V/64vEbw/UgetBd0FaiggorZ5M=
Subject key identifier:   94:E5:9B:97:90:55:4B:07:76:9F:B4:9D:DC:E3:53:C0:5C:85:81:BD
Authority key identifier: 82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
Certificate issuer:       /CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Certificate serial:       019D992B4EE9BA24D84DD28D0E4B93866468
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
Manifest number:          0A09
Signing time:             Fri 17 Apr 2026 02:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:45 +0000
Files and hashes:         1: giKx_lqaAWNQKFrAeI08yrPrORk.crl (hash: gBHLBUil9YaQlZXnDRAvUmhNRQyPi+gpQg0TG8LwzkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:4e:e9:ba:24:d8:4d:d2:8d:0e:4b:93:86:64:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
        Validity
            Not Before: Apr 17 02:00:45 2026 GMT
            Not After : Apr 18 02:00:45 2026 GMT
        Subject: CN=94e59b9790554b07769fb49ddce353c05c8581bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3f:1c:ad:6c:6b:7f:ef:4c:21:08:a4:f6:0b:
                    81:a8:e3:04:16:8a:2c:db:3b:54:c7:41:c6:37:36:
                    85:c7:f7:70:7b:99:f8:19:c6:f9:c4:40:d4:4e:31:
                    7e:3c:4b:e9:f7:74:2e:07:8a:6b:62:e8:ce:69:cf:
                    7c:63:b4:87:41:be:a2:30:63:71:ee:78:d5:a1:22:
                    58:ae:d7:80:b7:b2:f1:cb:64:ba:4a:9e:1f:0d:6b:
                    2e:4f:1b:67:50:95:78:f0:78:75:4f:23:a6:d0:be:
                    ca:fd:20:78:36:a0:4c:e6:85:74:76:d2:0f:15:a2:
                    d3:be:37:c6:16:4b:97:e8:d5:03:71:ee:6a:82:e8:
                    ea:c2:a5:68:03:e3:22:50:75:e4:26:d5:83:70:7c:
                    90:ac:ba:1f:fd:35:57:a7:8a:b1:80:f5:4c:ac:bd:
                    c3:8b:94:4d:85:50:6b:53:e2:5f:e9:b6:91:90:5c:
                    12:e3:a6:81:4a:9f:83:ae:33:16:eb:f8:13:8a:1c:
                    87:4d:14:d3:bb:27:4b:58:1f:7c:f5:dc:76:4a:6b:
                    42:04:0a:84:c8:ef:0c:62:fd:8a:2e:d6:cc:6b:ce:
                    3e:cd:07:c1:8b:78:b2:b0:57:d1:6a:b1:17:42:0b:
                    0e:53:05:80:91:fe:8a:f2:cc:ac:b4:1b:a8:de:ab:
                    d8:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E5:9B:97:90:55:4B:07:76:9F:B4:9D:DC:E3:53:C0:5C:85:81:BD
            X509v3 Authority Key Identifier:
                keyid:82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:cc:27:ca:ff:80:82:f2:b7:15:af:a4:39:dd:44:e0:e2:e1:
         6e:28:38:11:be:76:11:ed:7f:85:46:f4:ed:57:4b:3d:ad:b3:
         5d:0b:f3:35:e2:f0:59:d2:33:f9:34:0b:79:91:01:25:31:0f:
         a9:31:97:c3:f9:44:fd:2c:50:55:25:87:c2:51:de:ee:97:cd:
         13:68:ff:af:fd:57:51:77:54:21:ba:8f:50:3d:72:71:ec:4a:
         f2:38:18:c0:6c:a7:2b:68:68:c9:0d:21:65:15:3f:15:16:76:
         4b:84:78:ec:35:f4:84:de:7e:03:1d:6f:d8:63:b2:0a:4b:d9:
         b9:3d:ca:26:6d:97:bc:34:67:95:f3:65:db:bd:12:0e:c8:b2:
         f4:22:1c:6a:e6:f7:70:9b:7d:c2:c6:c7:b9:9e:73:ba:82:1d:
         bf:4c:ab:ad:78:5c:56:70:d8:84:1b:6e:b7:aa:6c:d6:95:8f:
         09:88:04:f0:83:33:24:77:ba:f4:36:5a:57:b0:90:38:1d:1e:
         78:4b:31:6f:3d:1b:44:81:a5:b0:12:4d:24:98:54:c1:27:a4:
         bc:96:81:69:27:5c:05:8b:95:66:fb:21:7e:db:f5:09:51:c9:
         04:67:42:65:49:17:dc:5d:db:97:24:ad:41:de:38:61:5e:e9:
         24:38:ee:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK07puiTYTdKNDkuThmRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMjJiMWZlNWE5YTAxNjM1MDI4NWFjMDc4OGQzY2NhYjNl
YjM5MTkwHhcNMjYwNDE3MDIwMDQ1WhcNMjYwNDE4MDIwMDQ1WjAzMTEwLwYDVQQD
Eyg5NGU1OWI5NzkwNTU0YjA3NzY5ZmI0OWRkY2UzNTNjMDVjODU4MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j8crWxrf+9MIQik9guBqOMEFoos
2ztUx0HGNzaFx/dwe5n4Gcb5xEDUTjF+PEvp93QuB4prYujOac98Y7SHQb6iMGNx
7njVoSJYrteAt7Lxy2S6Sp4fDWsuTxtnUJV48Hh1TyOm0L7K/SB4NqBM5oV0dtIP
FaLTvjfGFkuX6NUDce5qgujqwqVoA+MiUHXkJtWDcHyQrLof/TVXp4qxgPVMrL3D
i5RNhVBrU+Jf6baRkFwS46aBSp+DrjMW6/gTihyHTRTTuydLWB989dx2SmtCBAqE
yO8MYv2KLtbMa84+zQfBi3iysFfRarEXQgsOUwWAkf6K8systBuo3qvYqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTlm5eQVUsHdp+0ndzjU8BchYG9MB8GA1UdIwQY
MBaAFIIisf5amgFjUChawHiNPMqz6zkZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTIt
MzBhMTY0ODVmNWM0LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTItMzBhMTY0ODVmNWM0
LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqcwnyv+A
gvK3Fa+kOd1E4OLhbig4Eb52Ee1/hUb07VdLPa2zXQvzNeLwWdIz+TQLeZEBJTEP
qTGXw/lE/SxQVSWHwlHe7pfNE2j/r/1XUXdUIbqPUD1ycexK8jgYwGynK2hoyQ0h
ZRU/FRZ2S4R47DX0hN5+Ax1v2GOyCkvZuT3KJm2XvDRnlfNl270SDsiy9CIcaub3
cJt9wsbHuZ5zuoIdv0yrrXhcVnDYhBtut6ps1pWPCYgE8IMzJHe69DZaV7CQOB0e
eEsxbz0bRIGlsBJNJJhUwSekvJaBaSdcBYuVZvshftv1CVHJBGdCZUkX3F3blySt
Qd44YV7pJDjusA==
-----END CERTIFICATE-----