Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          sE7uNPhegrS6jSJeHhWXB5vv4ob6WXC/D9ik0gkB0Jc=
Subject key identifier:   37:C1:D1:41:62:D2:C8:84:24:3D:89:82:EB:2D:99:83:59:58:A6:A3
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       019EC25BEECF26DE9768A3C6D9FCAB6213FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          1959
Signing time:             Sat 13 Jun 2026 19:01:05 +0000
Manifest this update:     Sat 13 Jun 2026 19:01:05 +0000
Manifest next update:     Sun 14 Jun 2026 19:01:05 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: K5MogaSUtPuhRcqbxRl0g+O5bCpoK1jlu8ZOCc8OGGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:5b:ee:cf:26:de:97:68:a3:c6:d9:fc:ab:62:13:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Jun 13 19:01:05 2026 GMT
            Not After : Jun 14 19:01:05 2026 GMT
        Subject: CN=37c1d14162d2c884243d8982eb2d99835958a6a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8a:ee:63:87:d8:49:52:85:9f:ce:40:08:85:
                    6f:7a:1f:2c:f5:e2:cc:2f:d5:e1:a3:a6:0f:10:81:
                    b1:b8:4d:a3:66:a6:d1:10:15:56:11:1a:99:54:8f:
                    98:c6:da:70:2b:33:31:57:e9:be:26:19:81:bb:ec:
                    cc:4f:92:b6:47:01:34:20:95:b0:f5:7c:49:74:7a:
                    62:9f:e6:0c:a0:58:aa:d4:9b:17:90:ae:52:1b:bc:
                    a1:6b:39:e1:e4:96:22:db:39:59:4e:e0:d5:3c:53:
                    ca:ea:5d:f2:0a:b5:6f:10:ad:7a:42:b4:27:ec:3e:
                    a2:0b:27:ba:f5:bd:21:21:6e:c5:d0:79:4b:ca:24:
                    49:c8:2b:00:f0:4b:98:ee:dc:56:e9:a9:c5:16:03:
                    3c:03:ef:8b:7e:7f:0a:26:3b:d2:dc:ce:1f:78:fd:
                    fe:08:a7:34:9a:5f:9e:b6:77:e5:09:69:28:c3:42:
                    6b:1e:91:17:db:67:0a:f1:25:20:0d:8b:86:0e:23:
                    44:cb:96:e3:c9:03:dc:12:79:3a:7c:67:23:e7:25:
                    08:91:47:84:60:ab:c5:dc:c5:b2:d8:9e:22:8d:2a:
                    ba:9d:63:26:1d:3a:62:bb:89:53:47:76:3a:b0:d6:
                    d6:75:db:5f:ed:ce:f7:90:76:d1:6b:30:d3:38:38:
                    12:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:C1:D1:41:62:D2:C8:84:24:3D:89:82:EB:2D:99:83:59:58:A6:A3
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:ab:9f:a8:e2:d2:d5:84:45:7b:d4:a5:f9:b6:ac:c3:09:b4:
         ec:63:89:70:e3:84:7b:19:12:bb:2f:20:a9:2a:f1:2d:09:e3:
         86:83:1b:94:4b:65:ab:20:68:5c:6c:b3:6f:77:80:c9:24:30:
         48:1f:6d:13:91:00:c4:bd:4d:48:68:16:10:77:91:ca:be:d5:
         da:20:40:db:6e:b8:fe:59:60:b3:20:67:e6:77:5c:1e:3c:c7:
         74:93:1a:4c:3f:d5:58:f1:0d:95:fa:5e:b2:ae:85:bd:f7:d7:
         93:22:26:36:e9:1e:e1:be:62:a5:7d:b5:78:89:d9:56:57:be:
         2c:71:09:b4:c8:60:8f:78:a5:d9:c3:ff:3c:2e:be:fb:be:1f:
         0f:e7:52:5b:d9:bb:44:20:ef:92:02:bc:bc:46:8c:5d:7a:e8:
         6b:c5:f3:54:0a:da:d8:d3:92:d6:af:f7:45:bc:83:3e:1c:4c:
         83:fc:45:15:54:1d:18:91:71:41:b9:ed:dc:b4:19:83:42:41:
         24:55:d5:88:2d:8d:9a:c0:e6:56:7c:b6:36:11:cc:e1:83:b9:
         fa:ee:69:14:df:f9:50:bb:23:ae:41:8f:a2:d0:84:9b:7e:1c:
         c2:7b:55:15:01:3e:c9:70:6e:3e:f9:1b:b4:a8:fc:3c:3a:be:
         78:b5:0a:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CW+7PJt6XaKPG2fyrYhP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjYwNjEzMTkwMTA1WhcNMjYwNjE0MTkwMTA1WjAzMTEwLwYDVQQD
EygzN2MxZDE0MTYyZDJjODg0MjQzZDg5ODJlYjJkOTk4MzU5NThhNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYruY4fYSVKFn85ACIVveh8s9eLM
L9Xho6YPEIGxuE2jZqbREBVWERqZVI+YxtpwKzMxV+m+JhmBu+zMT5K2RwE0IJWw
9XxJdHpin+YMoFiq1JsXkK5SG7yhaznh5JYi2zlZTuDVPFPK6l3yCrVvEK16QrQn
7D6iCye69b0hIW7F0HlLyiRJyCsA8EuY7txW6anFFgM8A++Lfn8KJjvS3M4feP3+
CKc0ml+etnflCWkow0JrHpEX22cK8SUgDYuGDiNEy5bjyQPcEnk6fGcj5yUIkUeE
YKvF3MWy2J4ijSq6nWMmHTpiu4lTR3Y6sNbWddtf7c73kHbRazDTODgSdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfB0UFi0siEJD2JgustmYNZWKajMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADaufqOLS
1YRFe9Sl+baswwm07GOJcOOEexkSuy8gqSrxLQnjhoMblEtlqyBoXGyzb3eAySQw
SB9tE5EAxL1NSGgWEHeRyr7V2iBA2264/llgsyBn5ndcHjzHdJMaTD/VWPENlfpe
sq6FvffXkyImNuke4b5ipX21eInZVle+LHEJtMhgj3il2cP/PC6++74fD+dSW9m7
RCDvkgK8vEaMXXroa8XzVAra2NOS1q/3RbyDPhxMg/xFFVQdGJFxQbnt3LQZg0JB
JFXViC2NmsDmVny2NhHM4YO5+u5pFN/5ULsjrkGPotCEm34cwntVFQE+yXBuPvkb
tKj8PDq+eLUKSQ==
-----END CERTIFICATE-----