Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          KKiRNXqisN2Prbz4zRaQfcnjreJXfGNqQDHbbt1CAz4=
Subject key identifier:   26:08:0B:57:76:71:8D:19:C8:F5:04:24:11:E6:3C:13:77:30:C9:2E
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019D98F4BF7EDEBBAA00EAE0D22CCD331A57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:09 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: tXGY9DGr2TpgT/b58gKqyvOJpstvLeOMaw+Vj1EeDHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:bf:7e:de:bb:aa:00:ea:e0:d2:2c:cd:33:1a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Apr 17 01:01:09 2026 GMT
            Not After : Apr 18 01:01:09 2026 GMT
        Subject: CN=26080b5776718d19c8f5042411e63c137730c92e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7e:82:56:24:80:47:e1:45:3d:a1:4c:b0:23:
                    c5:f5:f9:13:ec:c3:02:b7:93:0c:c2:0a:6e:37:78:
                    ac:ab:8e:d7:8e:4f:c6:67:da:dc:50:00:e7:82:1e:
                    5d:1a:51:af:a4:98:18:9d:9b:c0:4f:cc:85:26:fe:
                    de:db:51:66:96:73:6d:b3:37:1f:dd:03:c5:13:17:
                    64:27:3c:98:4b:26:87:3e:65:50:76:d3:2a:a2:a1:
                    dc:d9:14:2f:7f:64:72:af:79:5a:30:ba:04:eb:2d:
                    96:44:c8:d3:35:e0:68:b2:89:36:31:13:a3:7c:18:
                    e5:44:a1:85:29:fe:5a:3d:95:4b:50:9b:ca:fe:2f:
                    9c:dc:48:88:8b:65:0b:ed:1b:01:e6:a1:8a:ce:b4:
                    bd:63:66:24:ea:8d:72:85:a5:4e:6f:75:2a:c4:ec:
                    a9:9e:e8:fe:1b:c7:ed:05:76:19:dc:a2:67:38:bf:
                    a5:a3:b8:a0:84:78:0e:7d:ad:10:b6:32:90:27:96:
                    4b:0c:a6:37:17:dc:c9:f9:af:fd:f4:94:61:62:e6:
                    bd:1f:4b:c9:c5:0b:5e:62:e9:ce:d5:aa:1a:14:65:
                    d5:cb:e0:61:1f:e4:45:21:dc:d2:10:c3:b2:66:c7:
                    f1:58:51:d7:d9:cf:5e:fd:41:a4:19:80:8a:55:ed:
                    21:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:08:0B:57:76:71:8D:19:C8:F5:04:24:11:E6:3C:13:77:30:C9:2E
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:f4:df:36:a0:33:c2:83:4e:ce:1d:72:09:02:55:89:5f:e0:
         2a:c5:9b:49:e4:ca:e5:4b:83:39:a0:a9:5f:30:91:62:2e:35:
         3c:f7:b5:92:2c:64:c9:33:5e:0e:3a:15:f8:6e:56:a2:5d:0a:
         89:16:cd:ce:de:9d:64:4f:ba:f3:2c:cd:4c:49:f9:4a:c9:57:
         4d:7e:a8:d5:a4:d2:79:d2:b6:50:c7:f7:e7:ef:79:70:08:c0:
         df:92:c8:9f:91:ba:91:61:bb:64:52:74:2f:9b:e3:6e:b6:12:
         d0:a8:58:66:48:2b:ef:b3:ff:e3:a1:08:a2:90:6e:c0:6f:de:
         6c:fd:e6:87:a7:43:09:1c:f8:05:26:3d:d3:d3:28:79:78:3c:
         af:ab:b5:47:db:73:c4:10:a6:a4:0d:a4:ac:76:c0:06:1b:44:
         8b:18:ba:74:1a:a3:39:7d:66:76:32:11:eb:d2:28:34:de:60:
         55:98:45:12:7e:fe:cb:fb:da:e9:8e:48:2f:8c:2f:40:80:77:
         3b:fa:70:5f:6d:d6:19:73:26:b3:70:d5:3e:9b:10:76:43:7c:
         81:ce:3a:0e:df:92:b9:35:a3:7f:60:33:42:87:88:26:a8:ff:
         64:e3:18:6a:b5:8d:06:5c:30:8e:7c:04:b4:33:da:c6:27:10:
         5c:9c:17:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9L9+3ruqAOrg0izNMxpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjYwNDE3MDEwMTA5WhcNMjYwNDE4MDEwMTA5WjAzMTEwLwYDVQQD
EygyNjA4MGI1Nzc2NzE4ZDE5YzhmNTA0MjQxMWU2M2MxMzc3MzBjOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX6CViSAR+FFPaFMsCPF9fkT7MMC
t5MMwgpuN3isq47Xjk/GZ9rcUADngh5dGlGvpJgYnZvAT8yFJv7e21FmlnNtszcf
3QPFExdkJzyYSyaHPmVQdtMqoqHc2RQvf2Ryr3laMLoE6y2WRMjTNeBosok2MROj
fBjlRKGFKf5aPZVLUJvK/i+c3EiIi2UL7RsB5qGKzrS9Y2Yk6o1yhaVOb3UqxOyp
nuj+G8ftBXYZ3KJnOL+lo7ighHgOfa0QtjKQJ5ZLDKY3F9zJ+a/99JRhYua9H0vJ
xQteYunO1aoaFGXVy+BhH+RFIdzSEMOyZsfxWFHX2c9e/UGkGYCKVe0h2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYIC1d2cY0ZyPUEJBHmPBN3MMkuMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb/TfNqAz
woNOzh1yCQJViV/gKsWbSeTK5UuDOaCpXzCRYi41PPe1kixkyTNeDjoV+G5Wol0K
iRbNzt6dZE+68yzNTEn5SslXTX6o1aTSedK2UMf35+95cAjA35LIn5G6kWG7ZFJ0
L5vjbrYS0KhYZkgr77P/46EIopBuwG/ebP3mh6dDCRz4BSY909MoeXg8r6u1R9tz
xBCmpA2krHbABhtEixi6dBqjOX1mdjIR69IoNN5gVZhFEn7+y/va6Y5IL4wvQIB3
O/pwX23WGXMms3DVPpsQdkN8gc46Dt+SuTWjf2AzQoeIJqj/ZOMYarWNBlwwjnwE
tDPaxicQXJwXgA==
-----END CERTIFICATE-----