Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          SzvL222Ql2+v+mcCc0IQzSEX3AqC6ighx1WZxG/SxkA=
Subject key identifier:   70:EE:17:0F:31:C4:2B:0B:EB:EE:82:B2:81:2C:0B:D9:99:4B:ED:A3
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       019D98F44D5BE5B720D673DC2B44DDFC4667
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          08E0
Signing time:             Fri 17 Apr 2026 01:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:40 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: KVqpPdA/WSX1WRMl8o9VWZfrFvmb3UE+BPmzlzp0qqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:4d:5b:e5:b7:20:d6:73:dc:2b:44:dd:fc:46:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Apr 17 01:00:40 2026 GMT
            Not After : Apr 18 01:00:40 2026 GMT
        Subject: CN=70ee170f31c42b0bebee82b2812c0bd9994beda3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8e:09:54:9a:e2:1a:e7:32:20:0b:23:a9:ec:
                    43:70:e8:93:86:26:e0:cc:bb:3b:ae:cc:38:29:ef:
                    f1:13:30:06:76:9b:13:d3:1c:bb:30:5f:c3:35:4f:
                    52:be:d0:e2:cf:8c:48:55:77:82:04:03:c8:cc:64:
                    35:5e:9a:8a:a5:85:81:d3:97:22:25:34:68:20:6a:
                    37:46:4e:a3:eb:a0:f8:60:6f:0a:8e:1c:d3:46:2a:
                    5a:e6:50:85:34:fd:a1:14:41:a7:b1:99:28:9c:0c:
                    71:05:68:a9:87:35:23:b3:c9:58:e1:89:27:ab:ef:
                    7d:14:2a:43:0b:5f:b4:13:90:83:3a:d7:86:e1:21:
                    09:11:50:90:0c:4e:b9:08:fb:a2:7f:68:e1:23:30:
                    39:46:cf:69:35:de:45:bf:3e:4f:6e:ba:11:a1:46:
                    5d:e0:fd:ae:d7:ea:f6:b4:5a:20:d9:5f:16:e4:0f:
                    5e:ed:f2:15:1f:c3:da:9d:6a:1a:76:eb:4b:75:b2:
                    10:a4:a3:b4:6e:d3:aa:ee:3d:93:e8:65:8c:96:9b:
                    9c:00:de:53:ed:33:06:bf:18:9b:2c:bc:55:cd:2d:
                    48:64:04:15:cd:95:79:e5:2c:35:e3:90:43:88:bb:
                    65:f5:77:a3:fc:64:c7:98:1f:34:24:90:78:ac:5c:
                    21:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:EE:17:0F:31:C4:2B:0B:EB:EE:82:B2:81:2C:0B:D9:99:4B:ED:A3
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:a5:ef:2e:47:24:ff:d0:98:e5:fb:31:aa:75:7d:bc:ed:4e:
         05:e0:cf:b1:dd:aa:03:0b:55:ee:70:dd:59:e6:4a:2f:05:86:
         9b:9c:65:55:e1:83:6b:a3:35:47:a7:30:3f:78:02:c4:d1:d2:
         ce:ec:25:0e:c4:ff:6c:35:6d:42:4e:fe:d2:44:b8:7c:1e:f6:
         ff:17:6a:78:d7:a6:07:3e:78:c4:b1:7e:11:30:6f:ca:3a:7b:
         c0:bc:7b:50:7a:85:3b:ea:4a:be:e5:e7:9b:2b:63:a3:07:b7:
         1a:5e:89:c2:01:04:ae:cb:bf:ac:93:02:1a:ec:4e:d1:5a:c7:
         24:2d:96:08:2a:3c:14:af:d9:1f:2d:6b:bc:38:8c:07:12:cd:
         b2:f8:ab:7c:65:f2:4e:8f:3f:e7:39:f2:7f:24:73:f8:31:de:
         ad:29:de:1e:f2:3b:b4:e5:5a:4f:18:9a:97:5f:5c:06:0d:cb:
         86:ad:94:13:55:da:76:0b:a8:7e:10:9f:3c:f3:50:28:2f:6e:
         0a:60:38:69:31:87:43:cd:90:fc:3d:74:6c:cf:65:e1:3e:c3:
         c8:2d:33:b9:64:a7:01:22:e6:ae:d4:e4:3f:2e:ce:6c:3a:9e:
         65:3f:4c:45:f5:d7:7d:7d:cf:1d:91:bd:84:47:a5:68:f7:26:
         9d:ef:c4:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9E1b5bcg1nPcK0Td/EZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjYwNDE3MDEwMDQwWhcNMjYwNDE4MDEwMDQwWjAzMTEwLwYDVQQD
Eyg3MGVlMTcwZjMxYzQyYjBiZWJlZTgyYjI4MTJjMGJkOTk5NGJlZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY4JVJriGucyIAsjqexDcOiThibg
zLs7rsw4Ke/xEzAGdpsT0xy7MF/DNU9SvtDiz4xIVXeCBAPIzGQ1XpqKpYWB05ci
JTRoIGo3Rk6j66D4YG8KjhzTRipa5lCFNP2hFEGnsZkonAxxBWiphzUjs8lY4Ykn
q+99FCpDC1+0E5CDOteG4SEJEVCQDE65CPuif2jhIzA5Rs9pNd5Fvz5PbroRoUZd
4P2u1+r2tFog2V8W5A9e7fIVH8PanWoadutLdbIQpKO0btOq7j2T6GWMlpucAN5T
7TMGvxibLLxVzS1IZAQVzZV55Sw145BDiLtl9Xej/GTHmB80JJB4rFwhLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDuFw8xxCsL6+6CsoEsC9mZS+2jMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqXvLkck
/9CY5fsxqnV9vO1OBeDPsd2qAwtV7nDdWeZKLwWGm5xlVeGDa6M1R6cwP3gCxNHS
zuwlDsT/bDVtQk7+0kS4fB72/xdqeNemBz54xLF+ETBvyjp7wLx7UHqFO+pKvuXn
mytjowe3Gl6JwgEErsu/rJMCGuxO0VrHJC2WCCo8FK/ZHy1rvDiMBxLNsvirfGXy
To8/5znyfyRz+DHerSneHvI7tOVaTxial19cBg3Lhq2UE1XadguofhCfPPNQKC9u
CmA4aTGHQ82Q/D10bM9l4T7DyC0zuWSnASLmrtTkPy7ObDqeZT9MRfXXfX3PHZG9
hEelaPcmne/EHQ==
-----END CERTIFICATE-----