Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          JYrkZTgn0QDKREGBlJBPOdUOsCh61t31+ph4k6wFLmE=
Subject key identifier:   E1:4B:9A:A2:CA:9C:33:BE:FA:10:68:AB:6E:C8:B8:5B:0A:35:14:92
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       019D9A3E0B2678FEFE89BE4641CCEAAEA881
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          138D
Signing time:             Fri 17 Apr 2026 07:00:50 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:50 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:50 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: KSeiHaBplOuwkl88YGh4f3IaF6+6Rq6Suf3JhzPm5JE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:0b:26:78:fe:fe:89:be:46:41:cc:ea:ae:a8:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Apr 17 07:00:50 2026 GMT
            Not After : Apr 18 07:00:50 2026 GMT
        Subject: CN=e14b9aa2ca9c33befa1068ab6ec8b85b0a351492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6a:5c:a6:4f:e6:c4:19:f0:c4:16:49:9b:3b:
                    b2:83:99:1b:2b:8f:90:ee:99:18:72:38:04:33:f8:
                    7c:a9:81:21:8a:5d:5e:04:90:af:56:1c:cd:6c:f9:
                    d5:30:a5:17:74:5f:cd:db:05:06:d4:0a:d4:bb:94:
                    85:7e:7d:4d:a2:81:dd:ae:44:9c:8f:e0:4e:f8:f8:
                    a8:f2:24:d4:0e:ef:e6:e0:6c:6c:2b:bd:c5:6f:f7:
                    59:d2:40:9e:48:b6:d5:18:1e:54:5a:67:74:65:38:
                    f3:e1:7d:74:ff:a6:0f:e1:d8:f6:92:f0:66:d2:f2:
                    53:8c:33:8d:d4:cd:99:19:26:db:2e:6f:98:81:c0:
                    e1:a2:7d:47:fd:89:d4:df:04:dd:68:3f:0c:f9:55:
                    aa:dd:8c:19:d6:cc:d9:93:18:39:f2:0d:f4:16:f1:
                    dd:a3:44:86:62:3e:a0:f0:d9:c1:f0:4c:eb:11:b9:
                    e1:10:cf:5f:0b:95:d4:3d:fc:7d:c0:81:c9:5e:08:
                    ba:56:21:66:09:7f:0b:39:86:6f:5d:6e:e5:9f:83:
                    1e:51:10:44:2c:87:07:26:c9:55:38:0b:4e:df:71:
                    b3:61:bc:9b:cd:d6:2f:68:d4:ca:e9:d1:59:de:db:
                    89:fb:6f:37:4b:ea:44:75:35:b7:22:b1:93:43:bc:
                    cf:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:4B:9A:A2:CA:9C:33:BE:FA:10:68:AB:6E:C8:B8:5B:0A:35:14:92
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:d1:0e:e9:98:3f:57:3e:59:db:2e:70:c9:70:3c:7e:e4:91:
         8d:63:aa:74:ee:da:84:dd:aa:a5:8c:c8:60:c3:11:1b:37:bf:
         95:92:9b:49:a9:8c:52:7b:fd:fd:b5:10:5a:36:6f:dd:cf:56:
         43:9a:ff:df:5a:84:1d:64:d0:f4:cb:46:25:26:72:4b:04:f9:
         37:de:a3:97:39:ec:0d:ea:4c:13:52:5d:98:fd:07:4d:75:92:
         a5:cb:32:62:5f:36:8d:93:81:a4:83:ad:c5:66:14:00:e3:45:
         82:00:aa:52:b9:69:56:1f:e8:dd:a0:fd:3d:88:92:a3:88:c1:
         09:c5:93:00:9f:f4:ba:d5:86:a9:b2:38:62:f7:f3:0f:2b:c1:
         0e:d3:a6:bc:11:8b:40:49:f0:e8:48:9f:3b:86:b3:5f:4d:97:
         17:c0:87:bb:f7:50:5f:e3:c5:56:a6:e0:46:06:b5:66:77:bd:
         b3:66:a1:95:97:c1:e4:2c:5a:99:19:f3:c4:6b:87:ba:25:a1:
         12:f7:a7:82:ef:09:10:1a:36:c0:6f:8c:6d:e9:42:1a:bd:71:
         6c:fe:9d:f6:77:28:67:68:14:57:0e:33:86:7d:65:fd:18:a7:
         2d:17:c2:97:6f:ef:d1:cc:18:72:49:3c:04:a8:d4:e0:d7:c9:
         40:63:ab:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPgsmeP7+ib5GQczqrqiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjYwNDE3MDcwMDUwWhcNMjYwNDE4MDcwMDUwWjAzMTEwLwYDVQQD
EyhlMTRiOWFhMmNhOWMzM2JlZmExMDY4YWI2ZWM4Yjg1YjBhMzUxNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2pcpk/mxBnwxBZJmzuyg5kbK4+Q
7pkYcjgEM/h8qYEhil1eBJCvVhzNbPnVMKUXdF/N2wUG1ArUu5SFfn1NooHdrkSc
j+BO+Pio8iTUDu/m4GxsK73Fb/dZ0kCeSLbVGB5UWmd0ZTjz4X10/6YP4dj2kvBm
0vJTjDON1M2ZGSbbLm+YgcDhon1H/YnU3wTdaD8M+VWq3YwZ1szZkxg58g30FvHd
o0SGYj6g8NnB8EzrEbnhEM9fC5XUPfx9wIHJXgi6ViFmCX8LOYZvXW7ln4MeURBE
LIcHJslVOAtO33GzYbybzdYvaNTK6dFZ3tuJ+283S+pEdTW3IrGTQ7zPuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFLmqLKnDO++hBoq27IuFsKNRSSMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNEO6Zg/
Vz5Z2y5wyXA8fuSRjWOqdO7ahN2qpYzIYMMRGze/lZKbSamMUnv9/bUQWjZv3c9W
Q5r/31qEHWTQ9MtGJSZySwT5N96jlznsDepME1JdmP0HTXWSpcsyYl82jZOBpIOt
xWYUAONFggCqUrlpVh/o3aD9PYiSo4jBCcWTAJ/0utWGqbI4YvfzDyvBDtOmvBGL
QEnw6EifO4azX02XF8CHu/dQX+PFVqbgRga1Zne9s2ahlZfB5CxamRnzxGuHuiWh
Evengu8JEBo2wG+MbelCGr1xbP6d9ncoZ2gUVw4zhn1l/RinLRfCl2/v0cwYckk8
BKjU4NfJQGOrZg==
-----END CERTIFICATE-----