Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          FRFdT0PNz7/GMHYknJJ4gqwgUxGYWUohhmTjmZOLrdM=
Subject key identifier:   61:80:78:30:7E:30:AD:26:AA:B4:D5:F5:BE:D6:A7:3F:B5:DA:FD:3C
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019EBE7EB5CF5AD75AB7F960C89A97FF0559
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          09EA
Signing time:             Sat 13 Jun 2026 01:00:35 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:35 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:35 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: ksNngCmNtgkf/q7jun/Hb+a8usxuKdXQXLPBI13Gf6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7e:b5:cf:5a:d7:5a:b7:f9:60:c8:9a:97:ff:05:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Jun 13 01:00:35 2026 GMT
            Not After : Jun 14 01:00:35 2026 GMT
        Subject: CN=618078307e30ad26aab4d5f5bed6a73fb5dafd3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b0:10:bd:20:fc:63:c3:d8:e4:6e:6f:36:53:
                    99:08:ca:61:4c:cc:ad:c6:41:cc:34:da:ff:20:c8:
                    5d:82:3e:d4:3c:1d:4e:0b:74:e3:44:88:62:4f:f6:
                    2a:28:77:33:fb:e9:c4:4f:88:41:00:88:6e:d7:6d:
                    c6:98:99:84:17:c0:16:c2:79:e3:dc:7f:ef:ad:54:
                    9c:53:d4:5a:5a:04:4a:4f:4a:bf:81:6f:61:9a:7c:
                    20:f5:1e:9e:68:83:1b:a8:cf:57:a6:2d:b8:bd:25:
                    52:97:53:60:99:cb:b9:f1:a6:91:99:c7:2f:e5:61:
                    1d:06:8e:3a:6d:13:30:de:b0:99:f3:57:6b:7b:2c:
                    f6:8f:79:13:85:d6:00:ec:32:1c:c2:de:ef:9e:e8:
                    8d:d8:2a:d3:6b:c9:cb:ed:eb:5c:36:5d:52:39:35:
                    fb:78:a6:4c:6e:ad:33:ae:c5:9e:e3:fd:20:ff:46:
                    32:71:9a:39:a8:fa:25:49:95:3b:1d:95:4b:ca:d9:
                    8c:ce:b7:a1:bf:65:c1:b9:1f:aa:4e:53:b4:05:4c:
                    72:70:b8:81:64:ea:d9:a4:06:45:d8:e0:ab:b3:60:
                    d7:32:d6:b0:9b:a8:69:b6:2e:71:fe:d4:04:99:b2:
                    eb:cd:03:03:db:18:b7:87:5c:14:b9:aa:28:29:49:
                    2b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:80:78:30:7E:30:AD:26:AA:B4:D5:F5:BE:D6:A7:3F:B5:DA:FD:3C
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:50:5c:c0:75:4c:d7:82:85:ab:78:9a:2c:92:b0:e5:2a:a8:
         98:70:a8:da:1a:0c:fc:2e:40:ee:27:fa:0d:1b:29:f3:fe:24:
         7b:ea:5a:9a:31:49:9e:15:8d:42:c7:03:ca:2e:ae:5a:84:4e:
         e8:26:5d:b3:16:fb:6d:8b:12:d1:60:ac:01:dd:88:09:7f:80:
         ae:32:54:65:d6:52:21:11:f9:de:80:11:b2:4d:08:c0:45:ba:
         ad:3e:16:da:4e:1e:e0:1d:b6:e6:e0:09:91:64:0c:85:56:aa:
         80:5b:4c:06:18:7c:69:44:5b:33:b2:db:b7:9b:7e:c2:d8:11:
         e4:41:ed:10:3c:7f:f0:95:b9:9a:c3:15:55:d0:88:89:00:76:
         2f:6b:92:e8:2b:e9:5b:fb:a0:a6:18:c6:b2:ec:22:72:8e:c4:
         2a:57:8f:57:3b:68:88:f5:0f:75:aa:0a:b9:a8:99:30:79:70:
         e2:8d:15:e3:06:c1:d0:22:be:08:d0:e0:cb:52:1b:0c:a4:d2:
         a2:17:cf:1c:87:74:4b:1c:02:3f:7b:fc:16:3d:7b:04:91:03:
         bc:9e:f1:2e:8a:f3:8c:76:8c:09:9a:0c:8f:99:72:15:08:7c:
         c2:34:6a:86:89:30:81:d3:26:ab:cf:25:ae:e5:5a:6d:51:f4:
         34:3b:13:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+frXPWtdat/lgyJqX/wVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjYwNjEzMDEwMDM1WhcNMjYwNjE0MDEwMDM1WjAzMTEwLwYDVQQD
Eyg2MTgwNzgzMDdlMzBhZDI2YWFiNGQ1ZjViZWQ2YTczZmI1ZGFmZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubAQvSD8Y8PY5G5vNlOZCMphTMyt
xkHMNNr/IMhdgj7UPB1OC3TjRIhiT/YqKHcz++nET4hBAIhu123GmJmEF8AWwnnj
3H/vrVScU9RaWgRKT0q/gW9hmnwg9R6eaIMbqM9Xpi24vSVSl1Ngmcu58aaRmccv
5WEdBo46bRMw3rCZ81dreyz2j3kThdYA7DIcwt7vnuiN2CrTa8nL7etcNl1SOTX7
eKZMbq0zrsWe4/0g/0YycZo5qPolSZU7HZVLytmMzrehv2XBuR+qTlO0BUxycLiB
ZOrZpAZF2OCrs2DXMtawm6hpti5x/tQEmbLrzQMD2xi3h1wUuaooKUkrGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGAeDB+MK0mqrTV9b7Wpz+12v08MB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmFBcwHVM
14KFq3iaLJKw5SqomHCo2hoM/C5A7if6DRsp8/4ke+pamjFJnhWNQscDyi6uWoRO
6CZdsxb7bYsS0WCsAd2ICX+ArjJUZdZSIRH53oARsk0IwEW6rT4W2k4e4B225uAJ
kWQMhVaqgFtMBhh8aURbM7Lbt5t+wtgR5EHtEDx/8JW5msMVVdCIiQB2L2uS6Cvp
W/ugphjGsuwico7EKlePVztoiPUPdaoKuaiZMHlw4o0V4wbB0CK+CNDgy1IbDKTS
ohfPHId0SxwCP3v8Fj17BJEDvJ7xLorzjHaMCZoMj5lyFQh8wjRqhokwgdMmq88l
ruVabVH0NDsTag==
-----END CERTIFICATE-----