Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          0EYy6zN8fCEshQT8277D8bj6HpGJBtTHUd9wJovMKNU=
Subject key identifier:   C2:19:C6:21:3F:E7:A3:FD:7C:8F:70:E0:80:76:C0:6C:12:E3:06:82
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019D9A3EDFBF9D9E503D1D67BD3540CB9AA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          11F3
Signing time:             Fri 17 Apr 2026 07:01:44 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:44 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:44 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: uzNpswNVQ4+H0QYcgrWt6kYcfozW7AkMWWeAuO5B0vw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:df:bf:9d:9e:50:3d:1d:67:bd:35:40:cb:9a:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Apr 17 07:01:44 2026 GMT
            Not After : Apr 18 07:01:44 2026 GMT
        Subject: CN=c219c6213fe7a3fd7c8f70e08076c06c12e30682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:9b:96:0b:f4:a3:00:21:93:c9:ec:66:ff:88:
                    dc:d4:3b:fb:a9:fb:1f:21:47:b1:34:c7:7b:0c:af:
                    a4:28:f0:4a:97:24:63:d6:23:31:76:91:5a:6e:94:
                    db:6c:6f:d5:dd:e6:50:7f:73:db:bb:00:6a:c7:ec:
                    48:b3:e6:f2:a9:25:ff:c5:24:3d:aa:e0:0c:1a:51:
                    c1:eb:c9:0c:37:d8:44:b3:e2:14:68:21:6b:70:c3:
                    b2:43:6f:db:b5:7f:3f:8a:bb:86:81:cf:ab:86:9f:
                    ee:3a:3d:90:5b:73:c9:4b:76:31:75:03:64:02:58:
                    78:13:2c:4d:ab:7d:5e:96:1e:1a:2b:b0:f9:89:16:
                    ba:29:4d:0f:bb:3e:e2:4c:29:5d:b1:af:9d:be:3a:
                    23:96:4c:71:87:b7:ae:ef:84:a6:06:03:a3:59:7d:
                    7e:63:64:cc:dd:86:62:42:48:e2:73:3f:bf:69:84:
                    ea:6b:05:92:df:93:5e:65:05:a9:3a:9d:60:3f:66:
                    5a:b2:ef:9b:99:ed:f6:95:c9:34:d6:79:9d:76:29:
                    e5:4c:89:57:30:90:64:0f:bb:eb:8b:4f:58:92:dc:
                    18:43:b1:b4:28:96:58:2e:e9:15:a3:e4:bb:61:aa:
                    98:a0:46:eb:cf:43:56:8e:86:ae:7b:b1:66:41:b5:
                    73:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:19:C6:21:3F:E7:A3:FD:7C:8F:70:E0:80:76:C0:6C:12:E3:06:82
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:1c:10:29:13:05:97:37:ff:d8:de:61:c7:d1:45:b0:d1:e0:
         d0:a3:1d:0f:0a:d9:ba:d6:94:53:62:df:43:e4:ea:20:bd:e4:
         a4:46:9e:60:cc:73:08:c9:65:ee:e6:6e:cf:8b:9a:85:75:6d:
         79:54:3d:a9:db:ac:28:65:ba:2f:fd:7f:1e:22:dd:13:a2:a4:
         61:76:1e:5b:7a:54:1c:82:95:06:63:66:ed:3b:14:79:df:dd:
         4b:ee:47:93:72:a9:90:66:24:d2:86:3a:31:b4:ab:e6:0a:c9:
         90:10:8c:0e:de:67:af:90:f1:50:4c:02:48:2b:6b:d5:4e:e6:
         c7:f3:07:53:76:5a:80:5c:ba:63:7a:13:53:b1:34:ae:7c:5f:
         4d:b9:12:45:76:fc:78:ac:25:1e:70:5b:75:0c:75:88:44:42:
         f5:57:32:80:82:a5:0c:33:29:a9:72:68:43:34:28:8e:7b:3e:
         01:7a:39:71:9b:4b:c1:65:a2:2d:e1:ac:92:b8:ac:f9:03:51:
         cd:73:21:2e:41:75:e7:a1:56:ce:fd:83:84:35:ca:40:93:1a:
         1d:55:3e:f5:a6:e1:97:f2:89:04:7c:e4:68:d7:c2:55:63:2e:
         24:e4:aa:a0:7b:51:54:b9:08:1a:fd:13:a4:50:7a:fa:b6:58:
         c4:2a:97:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPt+/nZ5QPR1nvTVAy5qnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwNDE3MDcwMTQ0WhcNMjYwNDE4MDcwMTQ0WjAzMTEwLwYDVQQD
EyhjMjE5YzYyMTNmZTdhM2ZkN2M4ZjcwZTA4MDc2YzA2YzEyZTMwNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JuWC/SjACGTyexm/4jc1Dv7qfsf
IUexNMd7DK+kKPBKlyRj1iMxdpFabpTbbG/V3eZQf3PbuwBqx+xIs+byqSX/xSQ9
quAMGlHB68kMN9hEs+IUaCFrcMOyQ2/btX8/iruGgc+rhp/uOj2QW3PJS3YxdQNk
Alh4EyxNq31elh4aK7D5iRa6KU0Puz7iTCldsa+dvjojlkxxh7eu74SmBgOjWX1+
Y2TM3YZiQkjicz+/aYTqawWS35NeZQWpOp1gP2Zasu+bme32lck01nmddinlTIlX
MJBkD7vri09YktwYQ7G0KJZYLukVo+S7YaqYoEbrz0NWjoaue7FmQbVzPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIZxiE/56P9fI9w4IB2wGwS4waCMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxwQKRMF
lzf/2N5hx9FFsNHg0KMdDwrZutaUU2LfQ+TqIL3kpEaeYMxzCMll7uZuz4uahXVt
eVQ9qdusKGW6L/1/HiLdE6KkYXYeW3pUHIKVBmNm7TsUed/dS+5Hk3KpkGYk0oY6
MbSr5grJkBCMDt5nr5DxUEwCSCtr1U7mx/MHU3ZagFy6Y3oTU7E0rnxfTbkSRXb8
eKwlHnBbdQx1iERC9VcygIKlDDMpqXJoQzQojns+AXo5cZtLwWWiLeGskris+QNR
zXMhLkF156FWzv2DhDXKQJMaHVU+9abhl/KJBHzkaNfCVWMuJOSqoHtRVLkIGv0T
pFB6+rZYxCqXNQ==
-----END CERTIFICATE-----