Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
File:                     lZCfz5xup2MAznHQlNMl9X1knL8.mft (raw, json)
Hash identifier:          eCV3vC/bC1BUQGiuBrKvjajq3zvofgg9zQ0vfjCzk1w=
Subject key identifier:   A9:F8:40:75:4E:DC:56:59:83:04:0E:46:75:D1:9C:9C:92:DD:0C:97
Authority key identifier: 95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF
Certificate issuer:       /CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
Certificate serial:       019DA48A82908EA160EA7DB8A0BB56037839
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
Manifest number:          15FE
Signing time:             Sun 19 Apr 2026 07:00:33 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:33 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:33 +0000
Files and hashes:         1: lZCfz5xup2MAznHQlNMl9X1knL8.crl (hash: ia0S9O7eqVJcvOH+WZ69KtITgn4/o8ncrkicYofCco4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:82:90:8e:a1:60:ea:7d:b8:a0:bb:56:03:78:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
        Validity
            Not Before: Apr 19 07:00:33 2026 GMT
            Not After : Apr 20 07:00:33 2026 GMT
        Subject: CN=a9f840754edc565983040e4675d19c9c92dd0c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:57:7e:3e:99:56:f1:70:d0:9d:7c:4f:e6:21:
                    8a:60:01:5f:46:2f:40:27:9c:7e:5b:71:b7:f0:92:
                    df:f3:00:fc:3a:95:96:38:9d:fc:98:1b:af:e6:15:
                    09:7d:46:b8:6a:77:f5:d9:20:d3:6e:a3:73:a9:7d:
                    11:69:b1:16:cd:3a:9b:87:a9:e3:17:44:05:04:37:
                    d0:db:f6:d0:ea:70:93:aa:d3:eb:e4:62:1d:ef:a2:
                    1e:ae:f5:28:f8:91:dd:8a:b4:f3:9f:3e:24:c1:f3:
                    88:c2:5b:eb:43:56:52:6d:dc:bb:7a:2b:ab:79:2b:
                    e8:2d:88:03:35:27:fd:7a:3d:65:c2:93:ed:a1:14:
                    ea:54:9e:2b:a7:c8:a4:e4:78:ed:18:7b:e4:22:cd:
                    f9:b4:19:7c:3c:d1:1b:f7:36:7b:eb:89:8e:b9:22:
                    05:a0:92:6b:4e:81:7b:31:7b:d5:10:62:2c:17:6e:
                    85:1d:cf:97:51:38:6d:d6:1b:af:ae:be:e5:45:84:
                    43:03:91:35:86:3d:3f:c1:80:e0:2b:36:0c:7a:ba:
                    9d:80:3b:04:92:96:0f:38:2a:63:e9:8e:9e:dc:b6:
                    ac:7f:4b:e8:62:0a:00:0c:1d:b8:e8:7e:6e:52:58:
                    1d:ff:b7:26:6e:72:d9:57:d7:47:ba:69:fe:0a:90:
                    f7:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F8:40:75:4E:DC:56:59:83:04:0E:46:75:D1:9C:9C:92:DD:0C:97
            X509v3 Authority Key Identifier:
                keyid:95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:ad:7b:cd:0c:49:18:ac:ac:46:59:00:59:21:0e:6b:33:0c:
         90:58:c9:1b:f8:b5:94:ba:fc:c8:f7:b2:ab:82:b0:88:97:2b:
         98:1d:8f:22:c6:47:c6:0c:48:8e:68:d9:37:d1:58:e8:2d:7a:
         49:f6:7d:d9:47:60:bf:7a:cf:03:d4:51:5c:38:9a:a7:43:45:
         c2:47:91:52:e8:83:bb:5c:f1:63:4c:09:f2:58:d0:9c:a3:ea:
         c7:76:95:7d:f7:d1:4e:a6:5e:37:1a:3e:0b:5d:98:c9:78:e0:
         43:7c:ad:b5:41:78:b3:26:a5:78:f4:d1:52:60:19:c7:ef:2e:
         25:3a:43:20:61:13:5a:9f:24:d7:89:62:c8:61:25:b4:20:89:
         25:03:29:2e:9f:14:a3:5e:a5:4b:a9:bb:ab:8f:d8:71:a9:25:
         c3:e2:8e:74:b6:62:a3:78:b0:72:0b:61:14:10:f4:54:2c:a7:
         c6:a7:b8:21:41:07:ac:fb:e7:12:a7:c9:27:5e:b0:45:2d:98:
         d5:c4:f0:92:03:de:7a:78:9a:1d:ef:9d:78:85:8a:e1:04:ad:
         38:c8:fe:cb:da:c7:71:eb:f3:c7:46:93:44:8a:b1:8f:af:8e:
         af:d4:4a:90:e4:24:06:87:7e:b9:c1:1c:58:8e:de:b3:0e:d4:
         8c:9a:c1:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kioKQjqFg6n24oLtWA3g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTA5ZmNmOWM2ZWE3NjMwMGNlNzFkMDk0ZDMyNWY1N2Q2
NDljYmYwHhcNMjYwNDE5MDcwMDMzWhcNMjYwNDIwMDcwMDMzWjAzMTEwLwYDVQQD
EyhhOWY4NDA3NTRlZGM1NjU5ODMwNDBlNDY3NWQxOWM5YzkyZGQwYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21d+PplW8XDQnXxP5iGKYAFfRi9A
J5x+W3G38JLf8wD8OpWWOJ38mBuv5hUJfUa4anf12SDTbqNzqX0RabEWzTqbh6nj
F0QFBDfQ2/bQ6nCTqtPr5GId76IervUo+JHdirTznz4kwfOIwlvrQ1ZSbdy7eiur
eSvoLYgDNSf9ej1lwpPtoRTqVJ4rp8ik5HjtGHvkIs35tBl8PNEb9zZ764mOuSIF
oJJrToF7MXvVEGIsF26FHc+XUTht1huvrr7lRYRDA5E1hj0/wYDgKzYMerqdgDsE
kpYPOCpj6Y6e3Lasf0voYgoADB246H5uUlgd/7cmbnLZV9dHumn+CpD3PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKn4QHVO3FZZgwQORnXRnJyS3QyXMB8GA1UdIwQY
MBaAFJWQn8+cbqdjAM5x0JTTJfV9ZJy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGIt
YTZlZWRmYTlhNGZjLzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGItYTZlZWRmYTlhNGZj
LzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAva17zQxJ
GKysRlkAWSEOazMMkFjJG/i1lLr8yPeyq4KwiJcrmB2PIsZHxgxIjmjZN9FY6C16
SfZ92Udgv3rPA9RRXDiap0NFwkeRUuiDu1zxY0wJ8ljQnKPqx3aVfffRTqZeNxo+
C12YyXjgQ3yttUF4syalePTRUmAZx+8uJTpDIGETWp8k14liyGEltCCJJQMpLp8U
o16lS6m7q4/Ycaklw+KOdLZio3iwcgthFBD0VCynxqe4IUEHrPvnEqfJJ16wRS2Y
1cTwkgPeeniaHe+deIWK4QStOMj+y9rHcevzx0aTRIqxj6+Or9RKkOQkBod+ucEc
WI7esw7UjJrBgw==
-----END CERTIFICATE-----