Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          gr6KpfB2nh1enNcyAHbXmTcjpfig0J6CNkmp8EveOig=
Subject key identifier:   69:34:99:39:82:13:60:C1:77:51:C0:CB:BC:3A:22:79:89:AE:C2:1B
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       019D9AE3C654D77A2310179E6FC89A9FF4AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          18C0
Signing time:             Fri 17 Apr 2026 10:01:51 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:51 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:51 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: Ucsm0N4IaPsCLOiDJzSfDdpLEKddM3OR2LtBsImsaKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:c6:54:d7:7a:23:10:17:9e:6f:c8:9a:9f:f4:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Apr 17 10:01:51 2026 GMT
            Not After : Apr 18 10:01:51 2026 GMT
        Subject: CN=69349939821360c17751c0cbbc3a227989aec21b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:59:c1:26:10:cf:84:f8:7c:f0:1d:f1:f2:5c:
                    dd:82:ba:5b:34:57:69:ba:7e:99:18:54:db:99:7b:
                    a7:24:8d:b8:e2:88:62:25:5d:59:69:a6:4f:0c:47:
                    d4:29:1c:5f:9a:15:f7:ad:9b:84:be:c9:64:48:20:
                    19:a6:d7:2c:9d:e0:31:e9:9a:d9:7f:bd:25:c3:ae:
                    5c:72:f7:f9:64:66:1a:f8:0f:eb:4e:41:5b:58:cc:
                    57:fe:a9:9a:fd:0a:8a:e6:63:fb:40:12:b9:d7:d5:
                    19:a9:cd:36:b1:96:9c:c8:26:fd:71:3d:b8:ad:6a:
                    ee:e4:ea:39:49:66:79:0f:40:4e:8d:a1:37:c0:81:
                    45:36:98:f0:05:80:ce:44:4b:65:4f:31:27:8a:54:
                    09:b5:63:41:ab:22:2b:81:44:a7:4f:00:5d:ec:c7:
                    21:23:01:43:9d:d0:00:4e:db:a5:27:b0:a1:e3:c0:
                    1c:f9:50:27:59:91:fc:4e:29:12:ca:31:bc:10:ea:
                    17:2d:83:46:e8:20:a1:57:ed:46:fa:c6:d1:ce:92:
                    e3:4e:fc:1c:8f:47:53:03:78:f9:31:91:22:da:9b:
                    7c:99:22:84:4b:b4:11:4c:e0:65:8e:3b:1c:66:59:
                    25:9d:51:03:13:0c:df:37:21:c0:6f:5b:15:d7:80:
                    ba:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:34:99:39:82:13:60:C1:77:51:C0:CB:BC:3A:22:79:89:AE:C2:1B
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:1e:42:0d:bb:36:1f:51:8e:6f:2c:4b:08:a4:6e:df:77:32:
         40:80:9f:93:6e:35:66:4c:9b:0a:ff:0d:3f:74:9d:8c:eb:86:
         8a:33:a6:23:2f:11:e9:2b:f5:9d:53:17:c4:30:4f:71:2a:b4:
         3c:b3:18:85:41:64:e5:62:30:94:ac:21:69:69:68:a1:5c:d0:
         8b:25:8f:38:44:49:f8:d5:6d:ff:09:1c:62:f0:9e:4b:89:f3:
         93:5b:29:4e:95:22:35:0d:05:10:ce:67:19:02:ce:32:ed:24:
         28:25:8a:aa:37:21:45:c7:59:d4:4c:fb:7c:17:7c:d3:36:b9:
         1b:97:55:59:8b:10:90:6f:a9:23:21:b2:37:06:da:2b:72:05:
         d9:92:82:56:56:c8:02:a2:ec:b5:d2:00:83:49:ac:f9:62:c4:
         7f:b6:26:80:31:0f:df:c3:8c:28:f8:20:18:ea:f9:e8:e1:ab:
         65:38:06:8a:60:e5:8d:bb:ff:23:d7:a6:0f:85:b8:43:30:a8:
         a9:70:88:1b:da:03:3e:b5:db:a6:09:57:c2:0d:54:87:c6:0e:
         bc:66:8e:bb:97:3b:ca:98:fc:03:78:f3:20:cd:22:1f:b0:34:
         eb:31:51:6d:98:7d:4c:92:e7:82:7e:17:f7:d6:86:9e:b3:ce:
         84:72:0d:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a48ZU13ojEBeeb8ian/SvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjYwNDE3MTAwMTUxWhcNMjYwNDE4MTAwMTUxWjAzMTEwLwYDVQQD
Eyg2OTM0OTkzOTgyMTM2MGMxNzc1MWMwY2JiYzNhMjI3OTg5YWVjMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21nBJhDPhPh88B3x8lzdgrpbNFdp
un6ZGFTbmXunJI244ohiJV1ZaaZPDEfUKRxfmhX3rZuEvslkSCAZptcsneAx6ZrZ
f70lw65ccvf5ZGYa+A/rTkFbWMxX/qma/QqK5mP7QBK519UZqc02sZacyCb9cT24
rWru5Oo5SWZ5D0BOjaE3wIFFNpjwBYDOREtlTzEnilQJtWNBqyIrgUSnTwBd7Mch
IwFDndAATtulJ7Ch48Ac+VAnWZH8TikSyjG8EOoXLYNG6CChV+1G+sbRzpLjTvwc
j0dTA3j5MZEi2pt8mSKES7QRTOBljjscZlklnVEDEwzfNyHAb1sV14C6eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk0mTmCE2DBd1HAy7w6InmJrsIbMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARB5CDbs2
H1GObyxLCKRu33cyQICfk241ZkybCv8NP3SdjOuGijOmIy8R6Sv1nVMXxDBPcSq0
PLMYhUFk5WIwlKwhaWlooVzQiyWPOERJ+NVt/wkcYvCeS4nzk1spTpUiNQ0FEM5n
GQLOMu0kKCWKqjchRcdZ1Ez7fBd80za5G5dVWYsQkG+pIyGyNwbaK3IF2ZKCVlbI
AqLstdIAg0ms+WLEf7YmgDEP38OMKPggGOr56OGrZTgGimDljbv/I9emD4W4QzCo
qXCIG9oDPrXbpglXwg1Uh8YOvGaOu5c7ypj8A3jzIM0iH7A06zFRbZh9TJLngn4X
99aGnrPOhHINuQ==
-----END CERTIFICATE-----