Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          DI2Dm4sO+GwfwF6omY3YaiDemDeUobVFlbtT9qFCqKo=
Subject key identifier:   6E:D7:F0:76:87:04:D5:8D:15:11:D5:55:91:DE:72:C2:6E:18:C6:C6
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       019D9962BBBB1DE97A87CEFB44398AAA89E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          0C19
Signing time:             Fri 17 Apr 2026 03:01:17 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:17 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:17 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: YwZ2G8dI9TSqgq7QFY7lTRYDImUorKyaXSUOLuXm8eY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:bb:bb:1d:e9:7a:87:ce:fb:44:39:8a:aa:89:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: Apr 17 03:01:17 2026 GMT
            Not After : Apr 18 03:01:17 2026 GMT
        Subject: CN=6ed7f0768704d58d1511d55591de72c26e18c6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2e:c6:d9:28:a6:78:94:4a:49:af:9a:d5:70:
                    0f:d3:e7:7f:e8:c4:29:54:8d:1c:99:67:ff:23:a2:
                    27:53:76:2f:a5:ae:f1:79:dc:7b:20:e7:39:94:9e:
                    a4:d7:76:ab:4f:45:6e:d6:1f:c5:89:cf:51:c8:01:
                    1c:94:9b:04:8c:0c:10:fc:65:6c:ef:f8:66:d8:79:
                    76:48:20:29:ca:ea:e0:0b:a8:fb:74:83:8d:80:e7:
                    ce:76:9c:bb:5e:ee:45:52:9d:ce:c3:67:60:e6:b6:
                    9c:8d:fc:16:b7:87:09:63:35:b8:f8:f4:e6:09:8c:
                    d8:da:04:71:79:b7:ea:0a:cc:21:f7:f0:ce:c4:b0:
                    e1:9d:8f:a0:99:6e:2a:86:53:bc:b4:fb:fc:e5:2e:
                    24:99:9a:73:81:44:65:92:8e:82:c7:92:3d:23:c5:
                    d8:53:ac:1b:19:ff:5e:8a:c4:77:cf:6c:ea:56:a3:
                    7c:ea:d2:76:e3:02:5e:17:5f:d1:3d:f2:0a:b2:96:
                    69:cb:ae:e8:2b:9f:27:30:6f:51:e9:f8:3f:d1:7e:
                    3f:48:bc:4f:e6:bb:cd:a1:0f:d7:39:2e:aa:d7:ea:
                    a3:b8:88:e8:ee:a8:85:b5:50:df:a1:c2:2b:55:bc:
                    46:1f:e1:30:b9:a5:31:7a:21:7f:7f:fa:26:ae:bb:
                    90:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:D7:F0:76:87:04:D5:8D:15:11:D5:55:91:DE:72:C2:6E:18:C6:C6
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:e8:08:24:7f:d8:c8:5a:0e:aa:31:6f:d8:70:1e:ac:a0:f0:
         f9:a2:c0:64:70:f3:37:21:6a:f2:16:ca:3e:90:04:6a:51:e3:
         ae:db:6d:ff:ff:43:68:f4:4c:31:c9:af:0a:9e:2c:d1:ea:50:
         2d:3b:d7:a5:19:02:00:c9:c0:c3:63:4a:89:1f:c0:70:53:f8:
         d0:aa:26:f8:fe:4d:e2:a2:0f:6b:d9:82:9b:d2:65:0c:c5:e6:
         21:4c:a1:07:30:25:b6:3e:c0:47:37:4f:fa:30:47:04:40:a3:
         dc:fb:be:f5:81:ea:ea:73:6c:86:0d:6a:20:0f:6c:92:a0:61:
         5e:48:37:fb:89:fe:58:ef:2c:00:51:f6:49:61:65:b9:47:9a:
         61:fd:e4:1a:32:eb:bb:e8:af:44:78:ac:0f:f8:13:ee:66:7c:
         db:b6:e4:5b:32:50:44:fe:ee:6a:c7:c4:d4:bc:83:63:f6:0b:
         61:6c:b0:0d:3b:ea:ba:12:b2:d7:d8:12:8b:3e:da:36:a2:7d:
         48:cf:19:d2:c8:fc:a9:88:59:08:c0:8c:45:5d:28:cb:e4:9a:
         00:b0:ca:f0:c2:8b:a4:de:fc:5f:3e:59:89:cc:93:cd:5b:c5:
         cb:ab:60:f1:c8:de:d9:5a:a8:11:31:ab:bb:28:0b:fe:43:4b:
         a6:d5:ed:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYru7Hel6h877RDmKqonmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjYwNDE3MDMwMTE3WhcNMjYwNDE4MDMwMTE3WjAzMTEwLwYDVQQD
Eyg2ZWQ3ZjA3Njg3MDRkNThkMTUxMWQ1NTU5MWRlNzJjMjZlMThjNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS7G2SimeJRKSa+a1XAP0+d/6MQp
VI0cmWf/I6InU3Yvpa7xedx7IOc5lJ6k13arT0Vu1h/Fic9RyAEclJsEjAwQ/GVs
7/hm2Hl2SCApyurgC6j7dIONgOfOdpy7Xu5FUp3Ow2dg5racjfwWt4cJYzW4+PTm
CYzY2gRxebfqCswh9/DOxLDhnY+gmW4qhlO8tPv85S4kmZpzgURlko6Cx5I9I8XY
U6wbGf9eisR3z2zqVqN86tJ24wJeF1/RPfIKspZpy67oK58nMG9R6fg/0X4/SLxP
5rvNoQ/XOS6q1+qjuIjo7qiFtVDfocIrVbxGH+EwuaUxeiF/f/omrruQVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7X8HaHBNWNFRHVVZHecsJuGMbGMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZugIJH/Y
yFoOqjFv2HAerKDw+aLAZHDzNyFq8hbKPpAEalHjrttt//9DaPRMMcmvCp4s0epQ
LTvXpRkCAMnAw2NKiR/AcFP40Kom+P5N4qIPa9mCm9JlDMXmIUyhBzAltj7ARzdP
+jBHBECj3Pu+9YHq6nNshg1qIA9skqBhXkg3+4n+WO8sAFH2SWFluUeaYf3kGjLr
u+ivRHisD/gT7mZ827bkWzJQRP7uasfE1LyDY/YLYWywDTvquhKy19gSiz7aNqJ9
SM8Z0sj8qYhZCMCMRV0oy+SaALDK8MKLpN78Xz5ZicyTzVvFy6tg8cje2VqoETGr
uygL/kNLptXtJA==
-----END CERTIFICATE-----