Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          zQB8+OL7tmFiwv2eeKqurePd3+GZSrUiDNFJ6eJ1xVM=
Subject key identifier:   B6:90:70:E0:99:E1:2B:A6:3A:17:DA:DE:03:6C:78:76:CA:0D:B9:37
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019D992B87997D1EE7D96449263A07D6AFDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          18C1
Signing time:             Fri 17 Apr 2026 02:00:59 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:59 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:59 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: XCtzi0XpqZXWbld1inz0QkfaWb0Ax7C+sze2f7hjbys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:87:99:7d:1e:e7:d9:64:49:26:3a:07:d6:af:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Apr 17 02:00:59 2026 GMT
            Not After : Apr 18 02:00:59 2026 GMT
        Subject: CN=b69070e099e12ba63a17dade036c7876ca0db937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1d:f5:e2:25:5b:a3:1d:ca:ee:06:e5:30:68:
                    3d:54:e7:9c:24:8f:75:a4:54:0c:4e:61:f9:eb:b6:
                    9b:de:fa:63:d0:4d:fb:8f:ff:86:a9:f0:10:d2:2c:
                    1b:87:26:87:3f:05:bc:fc:25:58:ed:7b:10:56:5a:
                    c0:eb:57:bc:ed:67:a5:f0:a4:4a:01:e3:94:fc:b0:
                    3f:e1:48:51:b6:7e:b2:ff:f0:ea:52:d4:d2:3a:5d:
                    c0:55:b0:62:56:f1:28:96:01:e3:84:be:60:a1:21:
                    64:50:f2:14:6e:c8:49:d9:f3:69:69:d9:16:e3:08:
                    56:6e:c5:05:89:bd:ca:ca:6b:42:77:65:0e:4c:ab:
                    4c:b0:45:b7:ad:40:e5:dc:03:bb:b4:07:62:5e:76:
                    fd:ea:71:1c:24:fc:4d:0d:72:3c:12:3d:ec:4f:cb:
                    6a:1b:68:5d:3d:e3:24:cf:cc:67:ab:c3:d2:55:48:
                    72:c6:e0:d2:35:a1:a1:30:f9:bc:e3:f1:a5:e3:9a:
                    2a:76:dc:b8:af:09:fb:bc:d6:c8:bb:5c:73:9f:b9:
                    8e:9c:22:db:15:b8:de:f6:9c:fe:fe:40:49:83:ea:
                    79:07:bf:08:8d:70:53:fe:1f:66:d1:82:84:44:20:
                    4a:a6:ee:59:e8:06:21:e5:07:44:ef:44:99:d5:9e:
                    74:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:90:70:E0:99:E1:2B:A6:3A:17:DA:DE:03:6C:78:76:CA:0D:B9:37
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:d3:0e:d9:26:85:f3:f1:cc:63:7b:06:73:9a:25:d8:03:6b:
         7a:cc:ef:f7:11:cd:e5:9d:18:e8:29:70:12:4f:df:cb:92:cb:
         33:4b:9c:9d:d4:e3:9b:c7:57:fd:29:c3:cf:ea:4e:47:ed:cf:
         7b:e6:04:a0:57:5f:55:2d:33:30:c7:10:d1:80:16:bd:53:4e:
         2a:92:b5:d2:81:66:02:7d:ad:53:f9:e9:cd:e1:29:fb:68:0f:
         bc:92:18:77:6c:b5:49:fa:eb:57:1f:3a:a9:50:2e:bd:35:79:
         ce:34:32:a4:f9:ad:83:6f:8b:24:9a:60:e4:94:2f:a8:71:d5:
         a0:bc:e5:40:ce:c1:83:7d:c9:9b:f6:89:b0:e9:46:a0:52:04:
         7a:eb:ef:58:58:2e:96:69:35:11:27:f3:28:dc:a6:3a:c0:b7:
         8f:c6:87:87:3a:80:98:9c:d9:8a:1a:67:cb:b6:ea:4f:b8:11:
         7d:51:9c:27:b0:7d:73:66:38:f3:63:6b:c3:90:ca:05:af:31:
         c5:91:c5:d8:b0:f0:ca:2d:81:4b:c6:2d:63:af:47:96:6c:b4:
         36:f9:24:dd:f8:76:75:e2:7e:76:8a:79:4f:83:08:c1:ca:40:
         67:0c:75:d0:1c:c4:25:45:5d:e0:26:d8:48:93:af:98:fb:f0:
         d8:7c:6d:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK4eZfR7n2WRJJjoH1q/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjYwNDE3MDIwMDU5WhcNMjYwNDE4MDIwMDU5WjAzMTEwLwYDVQQD
EyhiNjkwNzBlMDk5ZTEyYmE2M2ExN2RhZGUwMzZjNzg3NmNhMGRiOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh314iVbox3K7gblMGg9VOecJI91
pFQMTmH567ab3vpj0E37j/+GqfAQ0iwbhyaHPwW8/CVY7XsQVlrA61e87Wel8KRK
AeOU/LA/4UhRtn6y//DqUtTSOl3AVbBiVvEolgHjhL5goSFkUPIUbshJ2fNpadkW
4whWbsUFib3KymtCd2UOTKtMsEW3rUDl3AO7tAdiXnb96nEcJPxNDXI8Ej3sT8tq
G2hdPeMkz8xnq8PSVUhyxuDSNaGhMPm84/Gl45oqdty4rwn7vNbIu1xzn7mOnCLb
Fbje9pz+/kBJg+p5B78IjXBT/h9m0YKERCBKpu5Z6AYh5QdE70SZ1Z50fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaQcOCZ4SumOhfa3gNseHbKDbk3MB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKdMO2SaF
8/HMY3sGc5ol2ANreszv9xHN5Z0Y6ClwEk/fy5LLM0ucndTjm8dX/SnDz+pOR+3P
e+YEoFdfVS0zMMcQ0YAWvVNOKpK10oFmAn2tU/npzeEp+2gPvJIYd2y1SfrrVx86
qVAuvTV5zjQypPmtg2+LJJpg5JQvqHHVoLzlQM7Bg33Jm/aJsOlGoFIEeuvvWFgu
lmk1ESfzKNymOsC3j8aHhzqAmJzZihpny7bqT7gRfVGcJ7B9c2Y482Nrw5DKBa8x
xZHF2LDwyi2BS8YtY69Hlmy0Nvkk3fh2deJ+dop5T4MIwcpAZwx10BzEJUVd4CbY
SJOvmPvw2HxtYA==
-----END CERTIFICATE-----