Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          67QwXgE3430jBbn1IwvNc2IpcZRWDS5ky/5a0Px8cUo=
Subject key identifier:   0C:9A:C0:18:1E:AF:35:76:0F:62:41:4D:7F:A7:4E:49:79:8C:40:80
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019D9BBE540252F67DB57835FE95AA2F404D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          09A7
Signing time:             Fri 17 Apr 2026 14:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:34 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: XlspQEquvwRBvtv8J7FygnTrGh3uY1P4FKMOLv+g5d8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:54:02:52:f6:7d:b5:78:35:fe:95:aa:2f:40:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Apr 17 14:00:34 2026 GMT
            Not After : Apr 18 14:00:34 2026 GMT
        Subject: CN=0c9ac0181eaf35760f62414d7fa74e49798c4080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8c:dd:37:2b:da:d6:77:3e:58:58:a8:85:0c:
                    b9:c8:32:43:94:7b:89:d0:1c:b5:f8:7d:9a:7a:5d:
                    a5:04:77:b5:64:5b:38:ec:7f:8a:93:1b:58:1e:7d:
                    0e:53:ca:59:1e:01:e8:13:80:46:61:90:c4:d1:db:
                    26:7f:de:d1:d4:7b:5d:4b:e6:1a:4d:60:e1:6f:92:
                    1e:4f:e8:01:ff:a9:b1:2c:a5:69:51:55:2b:2b:41:
                    c1:5b:b3:8a:42:b0:c5:ea:c2:4c:e8:9d:f5:14:2b:
                    e9:86:de:6d:2a:95:b7:69:74:7d:8d:b5:f4:30:83:
                    5a:f2:94:c1:36:46:ab:94:0d:55:97:71:c8:ed:c1:
                    28:31:9f:aa:b0:d0:95:d1:ff:a2:af:08:3b:e3:9e:
                    32:d0:cf:69:9a:8f:14:96:ff:17:a6:01:d7:c6:81:
                    fe:76:f6:99:3d:1a:70:8d:be:79:dc:84:c3:78:eb:
                    79:7d:e9:4a:5c:a0:5a:4d:21:a1:42:66:ff:61:21:
                    39:dd:e3:55:6c:fb:93:ed:03:b4:1d:96:00:5f:27:
                    20:99:86:49:49:6e:53:96:93:10:b4:99:9f:bf:07:
                    7c:ea:26:19:ae:a7:cb:9c:b5:6a:3a:c1:eb:d8:1e:
                    7c:c1:3b:4e:45:6f:5c:65:db:c2:2b:90:b8:1c:69:
                    8f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9A:C0:18:1E:AF:35:76:0F:62:41:4D:7F:A7:4E:49:79:8C:40:80
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:06:e0:0b:d7:e2:e9:77:83:b3:b4:92:4e:ed:b8:88:3d:66:
         76:8a:7e:1a:7d:27:e9:9b:24:03:66:a1:97:6c:64:ae:22:de:
         59:e0:63:62:29:f3:41:01:21:1e:eb:77:75:4e:52:b7:b3:94:
         f5:d8:2a:4d:10:a3:82:ed:f7:f1:95:ad:87:58:db:04:f6:84:
         7e:25:f9:db:6c:c6:01:ec:9c:14:e1:e7:36:7a:89:17:4c:04:
         e2:22:22:a7:f8:9a:7b:1e:81:18:50:11:a2:fb:8d:da:f0:29:
         0a:2f:5d:67:1e:ac:44:66:02:e5:2e:69:03:cb:06:dd:c7:a2:
         9a:a6:69:6b:d5:91:e2:ae:8d:8f:09:2a:7f:83:12:0b:bf:d9:
         ee:fb:ee:06:97:41:97:fd:3e:9e:3d:a9:64:e8:fb:d4:4f:46:
         1c:b6:b9:db:e5:48:42:85:52:34:03:04:6c:55:3a:06:51:c4:
         58:3e:8c:18:33:02:e5:d2:73:4a:3a:c6:61:2c:19:e1:ed:1c:
         f8:cd:af:76:e4:0f:3d:ca:a3:1d:6f:2e:bb:c8:90:4d:40:08:
         69:31:21:72:04:b0:04:ee:b6:6d:23:48:ea:a7:f7:a9:4d:1d:
         fc:80:fd:ae:7d:1c:12:7c:8b:14:99:88:6a:c8:77:a7:ed:e4:
         6c:58:9e:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvlQCUvZ9tXg1/pWqL0BNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjYwNDE3MTQwMDM0WhcNMjYwNDE4MTQwMDM0WjAzMTEwLwYDVQQD
EygwYzlhYzAxODFlYWYzNTc2MGY2MjQxNGQ3ZmE3NGU0OTc5OGM0MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuozdNyva1nc+WFiohQy5yDJDlHuJ
0By1+H2ael2lBHe1ZFs47H+KkxtYHn0OU8pZHgHoE4BGYZDE0dsmf97R1HtdS+Ya
TWDhb5IeT+gB/6mxLKVpUVUrK0HBW7OKQrDF6sJM6J31FCvpht5tKpW3aXR9jbX0
MINa8pTBNkarlA1Vl3HI7cEoMZ+qsNCV0f+irwg7454y0M9pmo8Ulv8XpgHXxoH+
dvaZPRpwjb553ITDeOt5felKXKBaTSGhQmb/YSE53eNVbPuT7QO0HZYAXycgmYZJ
SW5TlpMQtJmfvwd86iYZrqfLnLVqOsHr2B58wTtORW9cZdvCK5C4HGmPkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyawBgerzV2D2JBTX+nTkl5jECAMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANAbgC9fi
6XeDs7SSTu24iD1mdop+Gn0n6ZskA2ahl2xkriLeWeBjYinzQQEhHut3dU5St7OU
9dgqTRCjgu338ZWth1jbBPaEfiX522zGAeycFOHnNnqJF0wE4iIip/iaex6BGFAR
ovuN2vApCi9dZx6sRGYC5S5pA8sG3ceimqZpa9WR4q6Njwkqf4MSC7/Z7vvuBpdB
l/0+nj2pZOj71E9GHLa52+VIQoVSNAMEbFU6BlHEWD6MGDMC5dJzSjrGYSwZ4e0c
+M2vduQPPcqjHW8uu8iQTUAIaTEhcgSwBO62bSNI6qf3qU0d/ID9rn0cEnyLFJmI
ash3p+3kbFiemQ==
-----END CERTIFICATE-----