Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          bB4v/0wGtOdclSq/1ia7sEldyGycLKhTm+O8yn567TA=
Subject key identifier:   F4:F8:AB:44:43:B9:1D:BA:87:20:09:40:1E:19:DA:C4:C1:6D:52:79
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       019D98F4AD7637AEAD6C0DEAFD99434EC826
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0FCE
Signing time:             Fri 17 Apr 2026 01:01:05 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:05 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:05 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: rgSaxzSqEVCfJ2XYh9j8xwtFJyziJ1wiUP9gOfNvInE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:ad:76:37:ae:ad:6c:0d:ea:fd:99:43:4e:c8:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Apr 17 01:01:05 2026 GMT
            Not After : Apr 18 01:01:05 2026 GMT
        Subject: CN=f4f8ab4443b91dba872009401e19dac4c16d5279
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bc:62:35:fc:1e:78:8b:5e:1e:8b:e9:10:65:
                    41:f4:c1:61:29:5e:ae:86:cb:3f:cd:a0:ea:bf:ce:
                    87:6c:30:1c:fd:9f:2c:92:81:73:1c:f9:13:14:d5:
                    6a:56:a9:2c:52:0f:12:eb:16:5d:31:0d:44:4e:f0:
                    41:39:f8:7a:0d:d0:cf:6f:6f:9b:74:79:c3:2f:da:
                    39:e4:29:1e:c0:44:c8:62:30:ee:1c:47:c1:b0:0b:
                    35:01:42:2a:db:78:ec:1a:67:b2:a9:77:ac:fb:45:
                    ad:40:8c:5a:a9:97:82:d2:e0:5b:48:7f:8b:f1:a3:
                    ac:43:c6:79:9d:9f:44:5a:bc:54:5c:df:33:2d:78:
                    28:71:49:b5:e2:d8:66:21:ab:df:bc:52:82:05:1d:
                    d6:77:f2:0a:8a:fd:a8:f4:e8:2a:81:ef:7b:6b:b0:
                    34:1b:37:11:95:27:5e:6f:a9:54:75:2f:7e:e1:4c:
                    2d:4e:ce:2d:2f:c1:d3:a6:db:9e:b3:d8:0d:01:1a:
                    e5:1c:fc:29:d2:70:8e:09:66:56:a4:d4:e9:80:91:
                    32:86:22:05:ef:43:a9:84:2c:46:27:a1:44:fa:0d:
                    a3:62:3f:1f:93:82:67:df:bd:fc:9f:cf:0d:6f:06:
                    5b:a1:fd:64:5c:8f:55:0c:20:b8:92:fa:7a:0a:3b:
                    24:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:F8:AB:44:43:B9:1D:BA:87:20:09:40:1E:19:DA:C4:C1:6D:52:79
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:6e:34:78:31:eb:8c:45:cc:6b:86:5b:74:8a:02:7a:86:e0:
         72:86:68:d0:38:25:a4:b5:c7:57:39:e3:63:e9:9f:7d:f1:f6:
         b2:f2:38:02:a7:ee:b6:2e:ab:81:e7:59:13:c1:04:a6:8a:d0:
         cb:ec:52:f1:b7:81:de:6e:e5:94:fc:4e:b9:63:53:ea:77:95:
         5a:c5:17:d3:db:03:a1:5a:a1:58:c0:3d:21:23:bd:0e:1f:29:
         a9:4a:4c:58:cc:c4:81:de:86:f4:cd:8f:2a:92:ec:e1:d8:4d:
         23:55:fe:9a:55:9f:25:3a:25:2f:9d:d8:0b:a2:89:1f:e5:eb:
         cf:68:c4:cd:68:55:19:b1:dd:68:82:66:ad:03:29:22:f4:17:
         54:18:b5:b0:7b:67:d4:b1:58:d1:57:50:f6:c5:86:50:73:94:
         67:3e:a1:b0:95:26:1d:31:4c:ed:6b:9c:c0:5c:df:d7:2c:04:
         c7:cd:93:bf:14:89:e2:17:01:c2:fd:fa:9f:20:c9:76:e7:1c:
         6d:70:8a:54:5b:7d:53:dd:b2:11:cd:9b:fc:5f:c7:96:6c:ee:
         55:1d:30:4a:c8:1c:7a:13:60:76:15:e0:1e:a4:94:b2:83:25:
         8e:96:ef:7e:59:e3:5f:4c:ea:dd:cf:5e:73:64:c9:86:cb:22:
         be:80:b6:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9K12N66tbA3q/ZlDTsgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjYwNDE3MDEwMTA1WhcNMjYwNDE4MDEwMTA1WjAzMTEwLwYDVQQD
EyhmNGY4YWI0NDQzYjkxZGJhODcyMDA5NDAxZTE5ZGFjNGMxNmQ1Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7xiNfweeIteHovpEGVB9MFhKV6u
hss/zaDqv86HbDAc/Z8skoFzHPkTFNVqVqksUg8S6xZdMQ1ETvBBOfh6DdDPb2+b
dHnDL9o55CkewETIYjDuHEfBsAs1AUIq23jsGmeyqXes+0WtQIxaqZeC0uBbSH+L
8aOsQ8Z5nZ9EWrxUXN8zLXgocUm14thmIavfvFKCBR3Wd/IKiv2o9Ogqge97a7A0
GzcRlSdeb6lUdS9+4UwtTs4tL8HTptues9gNARrlHPwp0nCOCWZWpNTpgJEyhiIF
70OphCxGJ6FE+g2jYj8fk4Jn3738n88NbwZbof1kXI9VDCC4kvp6CjskNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPT4q0RDuR26hyAJQB4Z2sTBbVJ5MB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApW40eDHr
jEXMa4ZbdIoCeobgcoZo0DglpLXHVznjY+mfffH2svI4Aqfuti6rgedZE8EEporQ
y+xS8beB3m7llPxOuWNT6neVWsUX09sDoVqhWMA9ISO9Dh8pqUpMWMzEgd6G9M2P
KpLs4dhNI1X+mlWfJTolL53YC6KJH+Xrz2jEzWhVGbHdaIJmrQMpIvQXVBi1sHtn
1LFY0VdQ9sWGUHOUZz6hsJUmHTFM7WucwFzf1ywEx82TvxSJ4hcBwv36nyDJducc
bXCKVFt9U92yEc2b/F/HlmzuVR0wSsgcehNgdhXgHqSUsoMljpbvflnjX0zq3c9e
c2TJhssivoC2hA==
-----END CERTIFICATE-----