Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          /KADB1AV7/roYHm2Nx2DdQdmwWhedMadqVVk50dx9V0=
Subject key identifier:   F3:77:38:D6:42:E7:40:C0:E3:F9:B3:76:85:98:2F:AC:74:C3:4C:AE
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       019D992B6047A48B460EA2B6975DDA27099B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          08E5
Signing time:             Fri 17 Apr 2026 02:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:49 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: OAlyxZxFWA7IzsKUFgl2zuynXoTPLHJaaA3UOUhNObI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:60:47:a4:8b:46:0e:a2:b6:97:5d:da:27:09:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: Apr 17 02:00:49 2026 GMT
            Not After : Apr 18 02:00:49 2026 GMT
        Subject: CN=f37738d642e740c0e3f9b37685982fac74c34cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:60:74:94:a2:60:4d:f6:67:8a:3d:6c:56:bc:
                    05:7d:60:c2:f2:d5:30:b4:c4:14:e9:66:b0:c6:ce:
                    cb:32:1f:03:f9:a7:ad:fb:e5:ea:ea:5a:9a:d6:f3:
                    09:73:f2:a7:49:95:c0:53:6d:9d:48:0f:e1:61:2f:
                    e2:c0:43:a6:c7:67:f6:49:a1:d8:40:bc:80:95:74:
                    41:cb:dd:b4:33:34:fb:e3:d1:ef:77:b7:a4:90:be:
                    12:d9:81:d4:31:d6:76:47:23:85:29:19:30:c6:7f:
                    02:e1:99:7d:2e:64:a0:a1:da:e6:9a:9a:bd:fc:7e:
                    2b:d0:94:58:b9:93:49:30:ce:93:cb:c3:1f:a8:3d:
                    61:05:3c:ed:84:c2:f8:bc:3f:03:b2:e2:d0:55:7e:
                    b7:80:ee:12:09:dd:93:c7:6c:e3:52:66:14:60:57:
                    db:b7:0b:2b:83:2d:7c:63:6c:3d:49:5a:1e:cf:0f:
                    ac:b0:c9:d4:b3:e0:92:df:1c:12:28:3c:5d:18:95:
                    4f:19:78:b3:3e:61:49:cb:26:b9:14:f7:68:06:cd:
                    e7:cd:15:d2:30:81:9b:bf:d0:9e:ec:8d:63:2e:01:
                    43:83:d8:77:e9:8f:3b:87:9d:06:11:ed:6c:3d:d6:
                    de:29:4b:75:c5:d3:cb:99:48:7b:6d:82:2f:31:09:
                    ae:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:77:38:D6:42:E7:40:C0:E3:F9:B3:76:85:98:2F:AC:74:C3:4C:AE
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:7b:f8:13:e8:06:0c:92:b7:43:e6:b3:6e:7d:d7:9c:d4:05:
         aa:43:bb:47:69:eb:cc:b7:39:cb:7d:ea:10:19:f9:44:f5:e6:
         22:6f:b7:a0:d3:f6:1e:ed:e7:ed:9f:45:30:b0:1a:7c:f4:c2:
         17:72:0e:ad:ff:6f:01:b8:60:81:72:db:ca:d8:ad:a0:01:03:
         80:0f:4e:9c:9b:57:bc:88:5e:5d:5e:26:ce:e6:d9:ce:f3:30:
         3c:3f:eb:62:17:12:92:b4:89:af:cc:19:09:eb:00:32:2d:fa:
         35:d1:a8:c1:da:66:26:a9:df:1f:40:76:06:32:72:12:ee:ca:
         9e:52:bb:d1:9d:6e:a2:c8:c7:34:c1:61:eb:d5:81:73:7d:4a:
         38:4f:75:06:9e:3a:b9:ed:d3:cc:d3:12:1e:45:79:f5:3f:dc:
         82:ed:50:07:0c:a9:c5:e3:1a:f2:9c:f4:f6:56:17:53:47:9f:
         54:4a:af:5f:d9:e5:15:66:24:04:80:c2:2c:c7:b3:c7:59:54:
         d7:94:a2:f9:26:79:bf:0d:d4:d8:d1:3a:1d:93:74:c7:d6:f6:
         76:a0:17:a5:50:d4:8c:3e:eb:5a:5f:55:70:ff:86:b3:cb:77:
         5a:54:57:cb:43:50:f4:5e:c7:64:b3:c7:02:ce:47:f6:44:e4:
         22:d1:fe:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK2BHpItGDqK2l13aJwmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjYwNDE3MDIwMDQ5WhcNMjYwNDE4MDIwMDQ5WjAzMTEwLwYDVQQD
EyhmMzc3MzhkNjQyZTc0MGMwZTNmOWIzNzY4NTk4MmZhYzc0YzM0Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmB0lKJgTfZnij1sVrwFfWDC8tUw
tMQU6Wawxs7LMh8D+aet++Xq6lqa1vMJc/KnSZXAU22dSA/hYS/iwEOmx2f2SaHY
QLyAlXRBy920MzT749Hvd7ekkL4S2YHUMdZ2RyOFKRkwxn8C4Zl9LmSgodrmmpq9
/H4r0JRYuZNJMM6Ty8MfqD1hBTzthML4vD8DsuLQVX63gO4SCd2Tx2zjUmYUYFfb
twsrgy18Y2w9SVoezw+ssMnUs+CS3xwSKDxdGJVPGXizPmFJyya5FPdoBs3nzRXS
MIGbv9Ce7I1jLgFDg9h36Y87h50GEe1sPdbeKUt1xdPLmUh7bYIvMQmuJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPN3ONZC50DA4/mzdoWYL6x0w0yuMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhHv4E+gG
DJK3Q+azbn3XnNQFqkO7R2nrzLc5y33qEBn5RPXmIm+3oNP2Hu3n7Z9FMLAafPTC
F3IOrf9vAbhggXLbytitoAEDgA9OnJtXvIheXV4mzubZzvMwPD/rYhcSkrSJr8wZ
CesAMi36NdGowdpmJqnfH0B2BjJyEu7KnlK70Z1uosjHNMFh69WBc31KOE91Bp46
ue3TzNMSHkV59T/cgu1QBwypxeMa8pz09lYXU0efVEqvX9nlFWYkBIDCLMezx1lU
15Si+SZ5vw3U2NE6HZN0x9b2dqAXpVDUjD7rWl9VcP+Gs8t3WlRXy0NQ9F7HZLPH
As5H9kTkItH+yA==
-----END CERTIFICATE-----