Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
File:                     EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft (raw, json)
Hash identifier:          YqNIKVAuxUc6PGKAYRwiBgsQCq8zKur2gvhO+eH4MmQ=
Subject key identifier:   37:3B:CD:95:F3:A8:0E:59:7E:0F:16:D3:58:18:09:92:30:A5:5F:DB
Authority key identifier: 10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D
Certificate issuer:       /CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
Certificate serial:       019D99990AFC24A528F228A157B8EC74146F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 04:00:36 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:36 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:36 +0000
Files and hashes:         1: EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl (hash: hivCcZv5vfYari5BfvUUyp1UZp/YXw7bZqkXi446Nj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:0a:fc:24:a5:28:f2:28:a1:57:b8:ec:74:14:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
        Validity
            Not Before: Apr 17 04:00:36 2026 GMT
            Not After : Apr 18 04:00:36 2026 GMT
        Subject: CN=373bcd95f3a80e597e0f16d35818099230a55fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7f:ad:a2:1a:07:ea:41:7d:3c:56:1b:63:71:
                    95:fb:2f:16:d4:be:3f:56:36:0a:91:3b:28:4d:1d:
                    15:99:cb:8e:b6:7f:7c:b9:ed:51:a2:4f:f1:b6:e6:
                    e7:fe:ce:a5:a2:80:54:6b:61:ba:d8:19:ac:f5:8b:
                    fe:07:0c:b0:8b:f9:c8:8a:3e:55:a0:36:57:97:28:
                    68:d3:0f:ad:2a:f8:8d:46:74:2c:7e:6a:51:c7:bc:
                    ff:dd:7a:4a:fa:20:17:6a:84:b6:3c:b1:c1:bc:f9:
                    3f:53:59:78:f6:01:8a:ed:14:dd:6d:26:f9:5c:24:
                    5d:f7:85:45:ec:48:52:85:9a:31:6b:f0:af:ff:3e:
                    a3:47:be:a6:84:86:43:45:d2:42:e1:18:89:b0:98:
                    68:f3:5e:83:2e:4b:bb:7b:9d:33:3b:38:93:4e:71:
                    fc:05:bc:f7:dc:55:b2:8b:63:3f:25:5a:76:9b:35:
                    44:80:8b:03:9b:06:2d:61:f1:9d:20:a1:8c:fe:fa:
                    6b:fd:57:85:c6:05:d3:da:67:60:bd:68:5d:89:a4:
                    37:58:50:92:e4:2c:8a:91:40:f7:19:73:ff:25:3e:
                    02:4c:38:f2:fe:de:65:5e:3f:63:57:c9:f2:ec:fa:
                    eb:b1:cb:c9:12:61:34:96:ed:52:6e:bf:96:0d:d4:
                    fc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:3B:CD:95:F3:A8:0E:59:7E:0F:16:D3:58:18:09:92:30:A5:5F:DB
            X509v3 Authority Key Identifier:
                keyid:10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:28:22:b3:13:47:b2:12:e3:72:88:7d:3c:08:c8:9c:6f:37:
         6e:b0:bd:90:44:63:aa:35:60:37:7f:c6:a7:4b:09:25:e4:e1:
         92:ba:29:ac:d9:77:a9:b1:13:b6:4c:be:40:e9:92:d2:1e:b1:
         a2:7e:49:e9:4a:90:8e:69:48:2c:0f:d3:df:a7:50:cf:6a:87:
         e3:a0:2a:74:24:59:e2:e7:5f:85:1e:62:0b:d6:64:fa:16:b5:
         70:af:1d:16:e7:05:55:5c:40:11:ec:4e:00:3a:23:de:f2:72:
         5c:d0:ec:ac:69:61:9e:06:c8:bc:d5:64:1c:67:8d:45:f9:9c:
         e7:b2:f6:f5:29:83:fe:42:aa:1e:c7:d7:da:5b:db:51:06:1f:
         1c:92:e8:1c:72:0a:3f:86:5b:00:80:02:2e:e5:6c:80:ed:91:
         d3:e8:3a:4b:7d:f5:ba:4a:a0:9f:92:db:9c:d7:d1:8f:ee:b0:
         91:59:74:d2:a8:7c:75:1e:46:a1:27:28:4a:a5:62:96:07:ad:
         9d:f3:40:58:12:c4:a0:4f:e2:cd:bd:e2:5a:3c:a0:3d:78:60:
         20:8b:54:4a:ea:42:50:0a:6a:be:98:59:59:c5:a2:31:0e:15:
         3e:e0:07:51:02:15:47:28:c0:fe:3c:9c:78:3d:40:2f:8e:15:
         c1:b8:dc:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmQr8JKUo8iihV7jsdBRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTMwZDAwNDliYTg3MDA0Y2NjOWU1YmU1MjZjMzUwY2M4
M2ZhOGQwHhcNMjYwNDE3MDQwMDM2WhcNMjYwNDE4MDQwMDM2WjAzMTEwLwYDVQQD
EygzNzNiY2Q5NWYzYTgwZTU5N2UwZjE2ZDM1ODE4MDk5MjMwYTU1ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH+tohoH6kF9PFYbY3GV+y8W1L4/
VjYKkTsoTR0VmcuOtn98ue1Rok/xtubn/s6looBUa2G62Bms9Yv+Bwywi/nIij5V
oDZXlyho0w+tKviNRnQsfmpRx7z/3XpK+iAXaoS2PLHBvPk/U1l49gGK7RTdbSb5
XCRd94VF7EhShZoxa/Cv/z6jR76mhIZDRdJC4RiJsJho816DLku7e50zOziTTnH8
Bbz33FWyi2M/JVp2mzVEgIsDmwYtYfGdIKGM/vpr/VeFxgXT2mdgvWhdiaQ3WFCS
5CyKkUD3GXP/JT4CTDjy/t5lXj9jV8ny7PrrscvJEmE0lu1Sbr+WDdT8mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDc7zZXzqA5Zfg8W01gYCZIwpV/bMB8GA1UdIwQY
MBaAFBCTDQBJuocATMyeW+Umw1DMg/qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYt
NTcyZWRiNTcwZjdlLzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYtNTcyZWRiNTcwZjdl
LzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATygisxNH
shLjcoh9PAjInG83brC9kERjqjVgN3/Gp0sJJeThkroprNl3qbETtky+QOmS0h6x
on5J6UqQjmlILA/T36dQz2qH46AqdCRZ4udfhR5iC9Zk+ha1cK8dFucFVVxAEexO
ADoj3vJyXNDsrGlhngbIvNVkHGeNRfmc57L29SmD/kKqHsfX2lvbUQYfHJLoHHIK
P4ZbAIACLuVsgO2R0+g6S331ukqgn5LbnNfRj+6wkVl00qh8dR5GoScoSqVilget
nfNAWBLEoE/izb3iWjygPXhgIItUSupCUApqvphZWcWiMQ4VPuAHUQIVRyjA/jyc
eD1AL44VwbjchQ==
-----END CERTIFICATE-----