Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          5P70E5eKP9/2SyISmJ2BdRO5+ADCQ3tyBgFyqrU0RfY=
Subject key identifier:   04:89:A0:61:81:1F:67:4B:09:46:6C:98:59:2F:6B:60:09:34:3F:5A
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019D9B19531F686CB6BEB55D6444645DCAF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          1142
Signing time:             Fri 17 Apr 2026 11:00:21 +0000
Manifest this update:     Fri 17 Apr 2026 11:00:21 +0000
Manifest next update:     Sat 18 Apr 2026 11:00:21 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: rxQvK28/E2cWlBzwXSJUeubJyqcB2ktsZ7eMGjxGwwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 11:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:19:53:1f:68:6c:b6:be:b5:5d:64:44:64:5d:ca:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Apr 17 11:00:21 2026 GMT
            Not After : Apr 18 11:00:21 2026 GMT
        Subject: CN=0489a061811f674b09466c98592f6b6009343f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:66:5c:b8:9d:e0:6a:59:79:88:8d:37:39:47:
                    97:25:af:bf:08:fc:1f:65:92:dd:72:f8:98:f5:8b:
                    e9:bf:7a:d8:f3:87:de:43:c5:da:8f:8d:39:6b:69:
                    81:94:60:e6:bd:eb:17:7b:19:66:e7:88:97:b3:82:
                    cb:94:1f:a2:8f:88:35:51:ea:de:d8:5a:9b:cb:63:
                    d8:28:54:6d:bf:45:58:11:a1:ce:a2:c5:de:38:e7:
                    6a:1b:5b:e6:43:97:70:c9:a0:95:30:02:7c:97:c1:
                    e0:b1:15:ba:06:c6:23:18:0c:f8:a5:8c:44:b2:72:
                    c6:b2:c9:4c:d5:85:25:e3:c8:99:b3:d6:eb:91:89:
                    bc:63:fa:2c:c6:3b:98:90:f5:c5:b9:55:9f:05:fa:
                    94:70:42:14:04:cc:f5:5b:7b:e3:48:55:50:2e:31:
                    b8:b3:1c:4f:c0:60:ba:e6:ff:4f:90:74:fe:3c:f2:
                    e0:84:43:6a:8c:cf:ed:79:9d:47:22:5e:15:0d:68:
                    c6:77:86:8d:0a:fd:26:77:63:0e:bc:6e:a6:6d:2f:
                    0b:50:a6:23:9f:13:c9:20:3b:1a:d2:c5:ba:bd:5d:
                    50:8c:86:75:97:8b:04:c6:f6:9f:b3:b5:f1:ed:12:
                    83:36:a2:cd:8b:90:4e:71:36:be:08:f4:00:b3:b0:
                    80:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:89:A0:61:81:1F:67:4B:09:46:6C:98:59:2F:6B:60:09:34:3F:5A
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:ea:8b:42:d7:74:51:8f:13:5b:30:76:c2:2b:43:14:b1:ab:
         2c:0c:c4:55:24:9c:ec:7c:e7:1e:a9:48:e1:80:c4:8f:46:4a:
         02:ab:34:b5:65:94:8c:80:c7:22:8b:9c:d6:26:a6:fe:a7:3a:
         b6:a8:b5:79:a6:71:65:0e:17:58:54:c1:54:a6:2c:4b:fb:c2:
         23:9b:a8:69:5c:dd:8f:fd:9a:0d:97:fb:3c:cc:05:4e:48:32:
         33:89:7d:6d:03:3e:94:19:a8:76:ca:d7:09:9e:71:07:2b:7d:
         cc:8e:42:b8:87:07:e6:3c:e3:02:f6:3e:cf:c5:db:d6:5a:02:
         4c:85:d9:e1:d4:61:e6:34:02:3b:7f:1e:ac:40:a9:d3:5e:4e:
         7c:25:40:ce:0c:7a:d6:10:07:96:f5:5b:86:34:1a:3c:3c:6d:
         7c:3c:70:48:2f:be:6c:47:3b:1a:a6:df:03:59:a9:0f:09:3a:
         d5:97:0f:f0:c6:18:31:94:e9:47:99:72:3a:60:13:bc:98:fa:
         f7:dc:8a:ec:75:89:18:b2:3b:9c:76:67:8e:27:7f:90:db:d7:
         6d:4b:9a:0d:66:71:41:e0:07:93:40:23:6d:52:22:df:cd:b7:
         45:66:3f:28:6d:1b:cc:3e:95:3e:54:81:e3:89:4b:7a:0b:35:
         bc:f6:63:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGVMfaGy2vrVdZERkXcr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjYwNDE3MTEwMDIxWhcNMjYwNDE4MTEwMDIxWjAzMTEwLwYDVQQD
EygwNDg5YTA2MTgxMWY2NzRiMDk0NjZjOTg1OTJmNmI2MDA5MzQzZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGZcuJ3gall5iI03OUeXJa+/CPwf
ZZLdcviY9Yvpv3rY84feQ8Xaj405a2mBlGDmvesXexlm54iXs4LLlB+ij4g1Uere
2Fqby2PYKFRtv0VYEaHOosXeOOdqG1vmQ5dwyaCVMAJ8l8HgsRW6BsYjGAz4pYxE
snLGsslM1YUl48iZs9brkYm8Y/osxjuYkPXFuVWfBfqUcEIUBMz1W3vjSFVQLjG4
sxxPwGC65v9PkHT+PPLghENqjM/teZ1HIl4VDWjGd4aNCv0md2MOvG6mbS8LUKYj
nxPJIDsa0sW6vV1QjIZ1l4sExvafs7Xx7RKDNqLNi5BOcTa+CPQAs7CAuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFASJoGGBH2dLCUZsmFkva2AJND9aMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABOqLQtd0
UY8TWzB2witDFLGrLAzEVSSc7HznHqlI4YDEj0ZKAqs0tWWUjIDHIouc1iam/qc6
tqi1eaZxZQ4XWFTBVKYsS/vCI5uoaVzdj/2aDZf7PMwFTkgyM4l9bQM+lBmodsrX
CZ5xByt9zI5CuIcH5jzjAvY+z8Xb1loCTIXZ4dRh5jQCO38erECp015OfCVAzgx6
1hAHlvVbhjQaPDxtfDxwSC++bEc7GqbfA1mpDwk61ZcP8MYYMZTpR5lyOmATvJj6
99yK7HWJGLI7nHZnjid/kNvXbUuaDWZxQeAHk0AjbVIi3823RWY/KG0bzD6VPlSB
44lLegs1vPZjpA==
-----END CERTIFICATE-----