Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
File:                     fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft (raw, json)
Hash identifier:          4xjelBcGI7zsYO49Xepagh7azEV+N8Lt4E8idZWGPG8=
Subject key identifier:   3A:E9:D2:36:69:3C:DB:CE:57:FC:D6:2D:AD:E5:8C:4F:F7:4A:D6:F4
Authority key identifier: 7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9
Certificate issuer:       /CN=7c823028aeffc599aeffa5de5b90ccad33497db9
Certificate serial:       019DA48B54B54C0E5344B803E2CC8678AE5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
Manifest number:          0856
Signing time:             Sun 19 Apr 2026 07:01:27 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:27 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:27 +0000
Files and hashes:         1: fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl (hash: +F0xYk+SfyF74y6EPbWEEw2D31tytDEhHGaY3XwL0MQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:54:b5:4c:0e:53:44:b8:03:e2:cc:86:78:ae:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c823028aeffc599aeffa5de5b90ccad33497db9
        Validity
            Not Before: Apr 19 07:01:27 2026 GMT
            Not After : Apr 20 07:01:27 2026 GMT
        Subject: CN=3ae9d236693cdbce57fcd62dade58c4ff74ad6f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6d:ba:57:02:47:74:5f:f2:ea:d3:92:4a:8f:
                    ea:29:b3:c4:f4:cb:2f:90:f5:ee:d0:52:86:6b:45:
                    81:90:7c:ea:e5:f1:65:f1:52:c2:35:1e:f1:8a:a2:
                    cf:3e:82:c5:34:d2:f6:4e:42:61:27:a6:ee:c6:4b:
                    ff:5b:08:f5:80:a9:dd:db:b0:b8:fa:37:d9:c2:75:
                    dc:dd:b3:db:37:16:67:42:6a:32:67:2e:2b:19:db:
                    b9:af:87:19:82:07:82:8d:6d:07:62:80:32:f1:b9:
                    6b:53:e4:e8:67:54:9b:8f:bb:3d:6d:06:c9:80:48:
                    61:c4:5f:29:65:af:9a:15:2a:48:a4:81:e9:cc:af:
                    cf:05:6c:8d:33:69:00:62:10:9c:e4:50:6f:f2:80:
                    4e:b5:d5:82:e8:46:95:9c:41:03:7a:23:e4:da:ac:
                    ad:1e:81:00:05:6c:ea:2a:4d:37:3e:9f:50:80:60:
                    ae:13:bd:6e:8e:c8:d9:f5:e4:06:c5:6f:ee:a3:6c:
                    99:95:73:6d:79:b7:6a:0c:ea:e0:e1:be:65:43:29:
                    c2:b6:d1:4d:25:00:15:38:1c:94:4f:78:d3:0e:72:
                    76:09:00:e3:7f:b8:35:c6:98:43:1f:32:e3:ac:a8:
                    fe:d4:f7:04:23:87:ef:e8:6d:12:7d:cb:eb:66:b9:
                    74:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:E9:D2:36:69:3C:DB:CE:57:FC:D6:2D:AD:E5:8C:4F:F7:4A:D6:F4
            X509v3 Authority Key Identifier:
                keyid:7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:c8:fd:18:ef:31:a8:33:02:46:0d:72:cc:b3:c5:9f:34:fe:
         fd:20:d6:77:90:63:ed:f8:08:e0:47:bd:ab:fc:ea:8d:bb:5b:
         bf:ff:15:62:5b:b1:1b:07:0c:30:a0:fe:6c:23:69:2f:53:68:
         91:92:38:9f:fe:48:95:e1:a9:46:93:da:33:c9:f7:3a:19:f3:
         25:8f:47:87:e6:b6:7f:0b:6c:2a:04:52:77:8d:ef:9f:4c:ef:
         58:ac:a8:b3:01:f3:40:91:c7:59:d3:79:77:96:73:fb:bc:09:
         34:3c:d0:8f:23:14:19:6f:8a:73:28:13:13:ea:e4:40:b0:27:
         8f:25:c8:06:94:bf:48:2b:43:37:d0:70:e9:6a:c0:3b:54:9c:
         7b:65:aa:1d:7d:10:41:f4:5d:96:37:4e:c1:03:75:e7:c0:0c:
         d2:8e:8c:e0:de:48:96:69:ec:95:ac:f5:bc:20:3b:f9:ee:50:
         34:3a:33:8f:6f:72:eb:97:c2:db:e9:ad:ed:f8:36:3b:64:5e:
         30:19:93:ef:0b:f6:ad:66:1c:1d:a5:10:d5:28:7e:a0:2c:0a:
         73:03:52:d7:6e:74:27:ec:97:dd:82:df:46:9f:b4:6e:56:ba:
         ff:53:c3:df:1d:ae:2b:a9:8f:f5:6d:5c:2c:9f:46:30:b4:89:
         5a:e1:bb:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ki1S1TA5TRLgD4syGeK5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODIzMDI4YWVmZmM1OTlhZWZmYTVkZTViOTBjY2FkMzM0
OTdkYjkwHhcNMjYwNDE5MDcwMTI3WhcNMjYwNDIwMDcwMTI3WjAzMTEwLwYDVQQD
EygzYWU5ZDIzNjY5M2NkYmNlNTdmY2Q2MmRhZGU1OGM0ZmY3NGFkNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG26VwJHdF/y6tOSSo/qKbPE9Msv
kPXu0FKGa0WBkHzq5fFl8VLCNR7xiqLPPoLFNNL2TkJhJ6buxkv/Wwj1gKnd27C4
+jfZwnXc3bPbNxZnQmoyZy4rGdu5r4cZggeCjW0HYoAy8blrU+ToZ1Sbj7s9bQbJ
gEhhxF8pZa+aFSpIpIHpzK/PBWyNM2kAYhCc5FBv8oBOtdWC6EaVnEEDeiPk2qyt
HoEABWzqKk03Pp9QgGCuE71ujsjZ9eQGxW/uo2yZlXNtebdqDOrg4b5lQynCttFN
JQAVOByUT3jTDnJ2CQDjf7g1xphDHzLjrKj+1PcEI4fv6G0SfcvrZrl0FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrp0jZpPNvOV/zWLa3ljE/3Stb0MB8GA1UdIwQY
MBaAFHyCMCiu/8WZrv+l3luQzK0zSX25MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMt
Njg2OTFkYWJiZGYzLzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMtNjg2OTFkYWJiZGYz
LzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmsj9GO8x
qDMCRg1yzLPFnzT+/SDWd5Bj7fgI4Ee9q/zqjbtbv/8VYluxGwcMMKD+bCNpL1No
kZI4n/5IleGpRpPaM8n3OhnzJY9Hh+a2fwtsKgRSd43vn0zvWKyoswHzQJHHWdN5
d5Zz+7wJNDzQjyMUGW+KcygTE+rkQLAnjyXIBpS/SCtDN9Bw6WrAO1Sce2WqHX0Q
QfRdljdOwQN158AM0o6M4N5Ilmnslaz1vCA7+e5QNDozj29y65fC2+mt7fg2O2Re
MBmT7wv2rWYcHaUQ1Sh+oCwKcwNS1250J+yX3YLfRp+0bla6/1PD3x2uK6mP9W1c
LJ9GMLSJWuG7Ng==
-----END CERTIFICATE-----