Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
File:                     2nVBcltyi1qJ87-vIPh2VWPC8_s.mft (raw, json)
Hash identifier:          f9GjfUXukEqWzL8knDyVNsVFsLYVvHvns15mG2Vhinc=
Subject key identifier:   52:15:60:BA:36:7F:98:1F:0B:E2:FC:DA:16:54:CA:29:C4:DB:34:2E
Authority key identifier: DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB
Certificate issuer:       /CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
Certificate serial:       019D98F46037411F2E5F27A77C0371AA68E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:45 +0000
Files and hashes:         1: 2nVBcltyi1qJ87-vIPh2VWPC8_s.crl (hash: SF/NSd07oTuRHdJvHcshbrltlusI+L36Z6lh1MNJYaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:60:37:41:1f:2e:5f:27:a7:7c:03:71:aa:68:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
        Validity
            Not Before: Apr 17 01:00:45 2026 GMT
            Not After : Apr 18 01:00:45 2026 GMT
        Subject: CN=521560ba367f981f0be2fcda1654ca29c4db342e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:06:55:5b:81:9e:c6:f9:d8:1c:cb:b7:22:cf:
                    1a:93:b8:18:c7:31:df:b3:4f:99:87:46:12:fe:08:
                    60:18:40:e1:d0:d1:95:a5:99:3c:97:cd:bf:b2:87:
                    93:a2:2d:2c:5e:a4:f7:72:3c:6e:a1:52:7c:c8:91:
                    46:9e:7d:06:57:2b:d2:0a:49:b2:ad:eb:65:83:00:
                    d1:13:e1:0a:55:ae:a3:a0:d3:6b:c5:d1:5c:20:0a:
                    d4:99:22:a6:a9:94:c8:b1:28:bf:a5:62:98:e1:1c:
                    a3:16:0a:f9:c6:4b:df:65:05:78:f1:3d:72:1c:37:
                    c1:f4:bb:da:89:89:ed:a9:7f:a9:0f:0e:03:11:4e:
                    c3:9b:a4:d0:26:45:67:e2:9b:e3:26:b3:e4:73:e0:
                    6e:e0:8a:0f:87:33:cb:5a:78:e8:85:79:7c:a5:9a:
                    aa:88:64:49:f5:9b:3b:c0:a9:dd:7f:cb:68:23:14:
                    f9:b4:16:fa:74:88:09:9e:74:ba:11:9b:8d:74:2a:
                    c4:13:f3:06:c2:9d:9b:d9:75:ee:fb:4c:74:e6:6a:
                    80:75:70:63:d6:08:5d:6a:7e:89:cf:6b:63:c2:c8:
                    45:a6:ea:cc:ec:ed:91:81:8f:6a:98:20:fb:19:d1:
                    e0:04:5a:1f:1e:17:a0:16:93:88:2f:36:59:a4:a0:
                    c6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:15:60:BA:36:7F:98:1F:0B:E2:FC:DA:16:54:CA:29:C4:DB:34:2E
            X509v3 Authority Key Identifier:
                keyid:DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:92:0d:04:45:d8:98:d2:be:15:34:37:27:8e:f9:b8:3c:87:
         bd:25:f1:9d:b1:8c:7b:3b:4d:5f:5f:71:37:b9:5f:e3:20:35:
         4c:27:37:94:02:ce:db:2e:5d:dd:b8:11:e1:c7:1d:47:6a:d5:
         0a:2b:23:31:08:c1:be:40:4b:91:bb:6e:f8:88:a7:6c:36:a9:
         4f:8a:9e:ed:ad:a7:a4:d0:73:47:66:4c:35:56:11:6e:e3:c7:
         16:c0:2d:ff:5f:ae:2c:b8:cc:df:5b:22:50:bf:38:3a:ef:37:
         03:b9:48:49:bd:f1:e6:49:e0:00:e1:64:46:e4:e4:a7:0e:6b:
         0f:29:1a:8f:bd:2c:47:2d:22:5f:85:c3:75:40:8f:26:73:57:
         b5:f4:70:3d:c2:17:e9:95:aa:66:cc:4f:71:c3:c1:95:b4:8a:
         10:62:91:0e:54:11:c3:6b:80:85:70:08:90:2f:0b:dc:7f:fc:
         df:39:cf:1f:00:1c:f9:5a:11:39:e8:de:85:a5:b0:c0:42:1d:
         82:91:44:49:30:38:37:41:0e:af:f6:1e:fb:54:62:28:cf:92:
         8d:29:92:c3:97:e8:ea:fb:ec:3d:cc:21:5d:68:6e:73:d4:9f:
         c1:a5:3f:3f:e1:87:73:6b:ea:d8:fe:af:ac:d4:1f:a6:44:ba:
         cd:52:d9:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9GA3QR8uXyenfANxqmjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzU0MTcyNWI3MjhiNWE4OWYzYmZhZjIwZjg3NjU1NjNj
MmYzZmIwHhcNMjYwNDE3MDEwMDQ1WhcNMjYwNDE4MDEwMDQ1WjAzMTEwLwYDVQQD
Eyg1MjE1NjBiYTM2N2Y5ODFmMGJlMmZjZGExNjU0Y2EyOWM0ZGIzNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQZVW4GexvnYHMu3Is8ak7gYxzHf
s0+Zh0YS/ghgGEDh0NGVpZk8l82/soeToi0sXqT3cjxuoVJ8yJFGnn0GVyvSCkmy
retlgwDRE+EKVa6joNNrxdFcIArUmSKmqZTIsSi/pWKY4RyjFgr5xkvfZQV48T1y
HDfB9LvaiYntqX+pDw4DEU7Dm6TQJkVn4pvjJrPkc+Bu4IoPhzPLWnjohXl8pZqq
iGRJ9Zs7wKndf8toIxT5tBb6dIgJnnS6EZuNdCrEE/MGwp2b2XXu+0x05mqAdXBj
1ghdan6Jz2tjwshFpurM7O2RgY9qmCD7GdHgBFofHhegFpOILzZZpKDGUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIVYLo2f5gfC+L82hZUyinE2zQuMB8GA1UdIwQY
MBaAFNp1QXJbcotaifO/ryD4dlVjwvP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMt
ZGI4ZmQ1MDdkMWI2LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMtZGI4ZmQ1MDdkMWI2
LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5INBEXY
mNK+FTQ3J475uDyHvSXxnbGMeztNX19xN7lf4yA1TCc3lALO2y5d3bgR4ccdR2rV
CisjMQjBvkBLkbtu+IinbDapT4qe7a2npNBzR2ZMNVYRbuPHFsAt/1+uLLjM31si
UL84Ou83A7lISb3x5kngAOFkRuTkpw5rDykaj70sRy0iX4XDdUCPJnNXtfRwPcIX
6ZWqZsxPccPBlbSKEGKRDlQRw2uAhXAIkC8L3H/83znPHwAc+VoROejehaWwwEId
gpFESTA4N0EOr/Ye+1RiKM+SjSmSw5fo6vvsPcwhXWhuc9SfwaU/P+GHc2vq2P6v
rNQfpkS6zVLZWA==
-----END CERTIFICATE-----