Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          yvAUiHmDur965jt2XMMOJubFDWXRSebc5q8QONOJYgc=
Subject key identifier:   BD:0C:27:75:65:74:79:C4:DE:17:13:C0:05:A5:28:D7:7F:1D:D9:9A
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019D9AE28FBE68106C4CACD2EB283EEE7701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          14CE
Signing time:             Fri 17 Apr 2026 10:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:32 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: FkoP++v1K7jD0l8eX+wKwwXyljXanbZ5tsKJsyvI2lk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:8f:be:68:10:6c:4c:ac:d2:eb:28:3e:ee:77:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Apr 17 10:00:32 2026 GMT
            Not After : Apr 18 10:00:32 2026 GMT
        Subject: CN=bd0c2775657479c4de1713c005a528d77f1dd99a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a2:76:69:6a:7f:0c:5e:b6:4d:42:b4:08:14:
                    c3:48:b9:09:46:04:23:a8:61:7a:f3:17:9c:ac:39:
                    37:83:ef:73:37:b8:41:09:cd:b4:5a:14:4e:04:71:
                    5a:66:d3:c9:b9:f5:b8:c8:b3:77:f0:61:60:13:9a:
                    e1:6c:a5:76:33:17:f6:32:48:f8:b6:e0:5b:9b:a0:
                    fa:63:18:9c:77:5c:ab:7b:37:b7:6f:b7:32:14:b4:
                    d3:6a:40:b7:08:90:f1:b7:36:78:f0:ea:51:00:05:
                    81:20:61:b4:4c:0d:09:06:ec:b1:4a:97:7a:a1:a5:
                    e3:a9:ab:c7:b1:ac:4a:25:86:35:d3:91:03:e6:d1:
                    d1:8b:c7:9c:c9:60:08:60:61:68:b6:43:ab:f9:a5:
                    42:1d:b7:79:b2:f0:87:14:0d:53:62:12:02:89:78:
                    24:44:7f:57:db:5e:eb:26:ca:91:3f:1f:c4:8b:6b:
                    e3:9f:f8:31:68:3d:c3:45:3b:55:c0:11:53:61:29:
                    a6:94:37:db:ca:48:d0:19:be:21:eb:a1:c3:b5:83:
                    51:80:1f:25:87:80:82:06:76:50:94:b9:25:ce:06:
                    83:1f:fa:32:6a:78:41:ce:32:49:ac:55:a0:56:72:
                    ea:ae:7a:48:3e:64:96:a7:b0:f9:67:d7:7f:40:15:
                    cd:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:0C:27:75:65:74:79:C4:DE:17:13:C0:05:A5:28:D7:7F:1D:D9:9A
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:59:31:06:57:a4:97:43:b0:94:88:6d:8e:b4:c6:41:16:7b:
         89:8e:1b:8c:64:60:0e:de:ee:48:b0:8f:e7:48:11:71:60:38:
         77:36:66:a3:61:a6:29:25:8b:2a:89:cc:3b:57:aa:cf:e6:e1:
         c6:3b:74:b4:c7:12:4b:23:1b:d7:f9:95:55:47:6a:05:21:92:
         eb:eb:11:e4:02:d4:73:28:47:6b:6b:31:38:62:58:51:f6:f2:
         c7:38:fa:c3:2d:7c:ae:33:66:fe:c6:68:bb:64:dd:fc:1c:0d:
         5d:f6:3b:c1:30:02:71:e3:03:25:ea:01:14:00:43:dc:76:96:
         fc:e9:35:81:ff:26:60:c4:93:5b:2d:15:80:0c:bf:f4:f9:86:
         32:e2:82:ce:1f:1f:6e:56:72:39:f7:cc:45:a1:02:b6:1e:1e:
         c0:1a:f4:d7:3e:68:93:26:c7:ba:4d:b9:e4:a0:20:9f:65:8c:
         68:cb:9c:e6:9c:80:2c:4c:8a:8d:b0:71:b8:7b:35:01:e1:9d:
         f2:d2:43:07:8b:9e:6f:5a:14:74:7a:71:5f:b5:2c:86:da:be:
         4d:ac:89:29:bd:1d:4f:d2:d2:bb:4f:2a:19:a4:48:ef:e9:61:
         23:59:5e:c8:f0:1f:e9:4c:25:7f:cb:3a:f1:65:51:78:1f:c9:
         55:7c:29:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4o++aBBsTKzS6yg+7ncBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjYwNDE3MTAwMDMyWhcNMjYwNDE4MTAwMDMyWjAzMTEwLwYDVQQD
EyhiZDBjMjc3NTY1NzQ3OWM0ZGUxNzEzYzAwNWE1MjhkNzdmMWRkOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKJ2aWp/DF62TUK0CBTDSLkJRgQj
qGF68xecrDk3g+9zN7hBCc20WhROBHFaZtPJufW4yLN38GFgE5rhbKV2Mxf2Mkj4
tuBbm6D6Yxicd1yreze3b7cyFLTTakC3CJDxtzZ48OpRAAWBIGG0TA0JBuyxSpd6
oaXjqavHsaxKJYY105ED5tHRi8ecyWAIYGFotkOr+aVCHbd5svCHFA1TYhICiXgk
RH9X217rJsqRPx/Ei2vjn/gxaD3DRTtVwBFTYSmmlDfbykjQGb4h66HDtYNRgB8l
h4CCBnZQlLklzgaDH/oyanhBzjJJrFWgVnLqrnpIPmSWp7D5Z9d/QBXNIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0MJ3VldHnE3hcTwAWlKNd/HdmaMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVkxBlek
l0OwlIhtjrTGQRZ7iY4bjGRgDt7uSLCP50gRcWA4dzZmo2GmKSWLKonMO1eqz+bh
xjt0tMcSSyMb1/mVVUdqBSGS6+sR5ALUcyhHa2sxOGJYUfbyxzj6wy18rjNm/sZo
u2Td/BwNXfY7wTACceMDJeoBFABD3HaW/Ok1gf8mYMSTWy0VgAy/9PmGMuKCzh8f
blZyOffMRaECth4ewBr01z5okybHuk255KAgn2WMaMuc5pyALEyKjbBxuHs1AeGd
8tJDB4ueb1oUdHpxX7Ushtq+TayJKb0dT9LSu08qGaRI7+lhI1leyPAf6Uwlf8s6
8WVReB/JVXwpHw==
-----END CERTIFICATE-----