Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
File:                     oVJWhcluMm8grjcpwDD0T9FJmwU.mft (raw, json)
Hash identifier:          EXYhAuQfEG8Gd15vCKQfj4geSWrGLlUA7MRzM2jQ0eg=
Subject key identifier:   42:FB:6F:3C:8F:DF:A0:2F:47:B0:94:EA:C2:20:13:9F:D5:64:F0:57
Authority key identifier: A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05
Certificate issuer:       /CN=a1525685c96e326f20ae3729c030f44fd1499b05
Certificate serial:       019D9B1A1DD8426523AD5FACC60C108582C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
Manifest number:          0ACE
Signing time:             Fri 17 Apr 2026 11:01:13 +0000
Manifest this update:     Fri 17 Apr 2026 11:01:13 +0000
Manifest next update:     Sat 18 Apr 2026 11:01:13 +0000
Files and hashes:         1: oVJWhcluMm8grjcpwDD0T9FJmwU.crl (hash: CEB+nwgX1PcS5DW9U+8sWtAPcu5tzrfqWFePHrQSF8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 11:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:1a:1d:d8:42:65:23:ad:5f:ac:c6:0c:10:85:82:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1525685c96e326f20ae3729c030f44fd1499b05
        Validity
            Not Before: Apr 17 11:01:13 2026 GMT
            Not After : Apr 18 11:01:13 2026 GMT
        Subject: CN=42fb6f3c8fdfa02f47b094eac220139fd564f057
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c9:3b:c0:01:18:25:d4:aa:57:29:42:db:23:
                    63:ad:6d:56:9a:6f:ee:7b:b2:5d:86:5d:c7:89:de:
                    fe:a4:29:51:6c:74:91:f8:6e:0a:d8:fe:a6:7d:63:
                    57:7c:6e:56:1a:b1:d3:c1:fa:8b:9c:2a:b4:04:a8:
                    a4:17:49:c9:a4:4d:c0:6a:c4:f4:c3:ce:bc:3c:a0:
                    a9:46:b7:0f:27:23:52:48:8c:72:c6:47:e3:7d:84:
                    13:ea:d8:b9:c3:3f:7c:76:04:98:19:a8:55:55:d2:
                    58:10:4d:b6:34:26:1b:5d:22:2d:7c:9d:e5:3a:27:
                    b7:c7:08:da:2a:22:e1:c7:0b:9f:53:87:7e:37:a7:
                    30:f4:b7:a3:7b:4b:51:36:ee:83:16:d1:8b:90:e9:
                    19:1b:3e:31:c8:ad:f4:e7:71:5b:39:7c:c7:ef:3f:
                    4d:27:9b:8a:e1:2d:ec:5a:a3:20:e7:dc:f4:e5:b0:
                    86:68:c0:12:9d:5e:d9:1e:7d:e4:b8:78:d2:4e:df:
                    22:f7:6d:03:05:95:9e:62:3e:1a:89:0e:1f:f2:9b:
                    6a:31:ef:57:3e:f6:17:a4:e3:39:58:02:63:e1:3a:
                    37:b9:93:0a:1a:71:b9:d7:2f:89:6c:b9:f4:a3:00:
                    76:a2:88:76:8f:fd:5b:55:ec:12:b4:1f:ee:15:84:
                    6f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:FB:6F:3C:8F:DF:A0:2F:47:B0:94:EA:C2:20:13:9F:D5:64:F0:57
            X509v3 Authority Key Identifier:
                keyid:A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:86:2a:25:f9:25:c2:e2:a4:82:d2:da:37:09:b2:53:d8:52:
         ff:c5:1d:26:85:5b:5e:fe:66:20:44:3f:78:f7:1d:56:fe:01:
         92:53:0e:e0:a1:a4:97:fb:8e:94:73:e0:29:c2:2f:a9:06:16:
         10:a6:8a:57:a2:32:0f:2b:31:02:cb:4e:f6:91:cf:a7:93:77:
         81:00:b6:38:eb:77:00:6f:d7:28:38:7f:cb:2f:08:e8:44:e5:
         e9:b8:4d:3a:c4:43:da:5a:76:6b:fd:13:0e:a5:3e:78:73:7f:
         d5:b2:2a:c2:69:e6:03:f4:eb:98:f9:81:8b:c1:f4:36:63:29:
         42:1f:c9:ac:53:e6:d7:75:cb:28:6f:35:27:7f:58:47:1d:91:
         b6:c1:fa:39:bc:7a:08:c4:ea:be:8d:3d:e3:b5:5f:be:73:1e:
         9f:e0:53:b7:10:7b:89:be:5b:a3:3e:fe:ae:bb:0b:98:01:2b:
         4e:cd:0c:4e:08:cd:24:94:97:27:93:26:0e:a4:d9:78:f6:2c:
         10:2b:59:70:48:cc:de:0b:c5:19:fb:f9:72:2c:45:4e:5e:79:
         c9:98:21:67:20:ea:c2:a6:02:41:06:9f:05:aa:1c:f6:69:f4:
         d4:ec:a9:dd:f3:bf:71:72:eb:cf:ca:08:93:b1:e1:37:16:1e:
         1f:c5:27:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGh3YQmUjrV+sxgwQhYLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTI1Njg1Yzk2ZTMyNmYyMGFlMzcyOWMwMzBmNDRmZDE0
OTliMDUwHhcNMjYwNDE3MTEwMTEzWhcNMjYwNDE4MTEwMTEzWjAzMTEwLwYDVQQD
Eyg0MmZiNmYzYzhmZGZhMDJmNDdiMDk0ZWFjMjIwMTM5ZmQ1NjRmMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqck7wAEYJdSqVylC2yNjrW1Wmm/u
e7Jdhl3Hid7+pClRbHSR+G4K2P6mfWNXfG5WGrHTwfqLnCq0BKikF0nJpE3AasT0
w868PKCpRrcPJyNSSIxyxkfjfYQT6ti5wz98dgSYGahVVdJYEE22NCYbXSItfJ3l
Oie3xwjaKiLhxwufU4d+N6cw9Leje0tRNu6DFtGLkOkZGz4xyK3053FbOXzH7z9N
J5uK4S3sWqMg59z05bCGaMASnV7ZHn3kuHjSTt8i920DBZWeYj4aiQ4f8ptqMe9X
PvYXpOM5WAJj4To3uZMKGnG51y+JbLn0owB2ooh2j/1bVewStB/uFYRvzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEL7bzyP36AvR7CU6sIgE5/VZPBXMB8GA1UdIwQY
MBaAFKFSVoXJbjJvIK43KcAw9E/RSZsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAt
NDQzNzFiMWNjNzJmLzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAtNDQzNzFiMWNjNzJm
LzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYYqJfkl
wuKkgtLaNwmyU9hS/8UdJoVbXv5mIEQ/ePcdVv4BklMO4KGkl/uOlHPgKcIvqQYW
EKaKV6IyDysxAstO9pHPp5N3gQC2OOt3AG/XKDh/yy8I6ETl6bhNOsRD2lp2a/0T
DqU+eHN/1bIqwmnmA/TrmPmBi8H0NmMpQh/JrFPm13XLKG81J39YRx2RtsH6Obx6
CMTqvo0947VfvnMen+BTtxB7ib5boz7+rrsLmAErTs0MTgjNJJSXJ5MmDqTZePYs
ECtZcEjM3gvFGfv5cixFTl55yZghZyDqwqYCQQafBaoc9mn01Oyp3fO/cXLrz8oI
k7HhNxYeH8UnJQ==
-----END CERTIFICATE-----