Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          FYHhDP+bIwA+lXK6tnavdw7W7GS14QlbaSZQxDC2dfI=
Subject key identifier:   D2:2A:78:C7:03:88:2A:B0:02:B2:04:60:86:2D:96:5C:B0:C9:8D:0A
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019DA48A8A5B121C9ED7E1A074D60258F105
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          094B
Signing time:             Sun 19 Apr 2026 07:00:35 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:35 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:35 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: 8o9zaMA5xwvvhMnLmkGhCfmjFEiFy9VZUEdTzuQsE/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:8a:5b:12:1c:9e:d7:e1:a0:74:d6:02:58:f1:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Apr 19 07:00:35 2026 GMT
            Not After : Apr 20 07:00:35 2026 GMT
        Subject: CN=d22a78c703882ab002b20460862d965cb0c98d0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:66:b5:04:2b:69:09:a1:e0:0f:d6:e1:c0:a2:
                    fd:33:37:fd:54:ef:8f:e2:30:ac:e0:b1:a8:b1:64:
                    27:8b:2d:bf:22:88:cf:d8:e3:8f:a4:6b:7e:1a:cf:
                    58:84:90:cf:36:a1:17:f9:be:40:4d:b9:c7:5c:6b:
                    d2:f6:9d:4a:46:92:6a:e9:47:b1:12:87:ac:dd:30:
                    f8:ae:4a:ca:7b:ce:57:93:e4:55:27:2a:37:29:35:
                    57:57:6e:06:36:14:0d:1a:6a:c6:36:41:5d:e3:d4:
                    bd:aa:a4:2c:f3:95:8e:a4:69:0e:c7:d3:1e:c7:2a:
                    43:d6:0f:a2:fb:5d:d1:5d:fe:e4:e4:b3:ea:67:53:
                    86:b4:07:da:00:18:f8:fa:66:5d:85:a5:b9:c5:96:
                    ab:0c:26:53:83:16:cb:e9:b5:33:0f:b4:8a:7e:5e:
                    ab:ea:2e:39:54:d7:08:89:df:13:29:f0:51:a4:81:
                    10:16:12:ad:cc:37:d6:97:81:4e:4d:4d:b2:d6:80:
                    cc:aa:90:b3:65:7b:6c:60:20:c4:ad:15:72:9f:a5:
                    ce:c4:f5:59:72:7c:74:cb:72:56:2c:69:7f:df:43:
                    0a:ae:d0:77:f6:24:a9:5b:b2:23:e0:bc:0c:df:69:
                    37:2f:31:3b:c9:60:9a:84:ab:13:3c:6f:32:42:fe:
                    99:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:2A:78:C7:03:88:2A:B0:02:B2:04:60:86:2D:96:5C:B0:C9:8D:0A
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:3a:5e:12:94:9e:40:ef:e7:d1:56:28:b0:1f:95:ff:55:0f:
         ca:15:8a:0b:fa:f5:14:c4:34:2e:cc:59:00:bd:57:69:8f:72:
         49:86:1c:3b:23:16:be:5e:13:a0:91:02:97:48:75:7c:1e:60:
         f6:ed:bb:16:7b:f9:21:e4:3f:04:34:93:b0:78:ca:36:f7:ff:
         7f:e4:33:83:51:ca:f4:43:bb:a2:1a:2c:a0:15:2d:dc:01:2b:
         f0:e7:f9:2c:a4:83:ef:f9:b0:3a:1b:33:c7:0a:cf:5b:d3:93:
         e1:3e:5a:95:d5:d0:1a:89:90:f8:cf:4d:a7:26:d5:1a:d4:52:
         e9:ba:0e:d8:29:10:aa:cf:86:4a:39:00:87:96:a8:a0:4e:de:
         23:69:7d:cf:b6:f4:0a:90:f7:47:48:be:b2:65:15:a7:55:d0:
         d0:ff:35:2c:74:ea:3b:61:1a:8e:64:85:79:68:27:af:f8:b1:
         aa:93:18:54:07:59:fc:b6:97:95:7d:d7:dc:a3:6f:09:95:98:
         b9:2c:d9:52:0b:6d:10:6f:73:a8:ec:a6:97:12:98:e6:90:37:
         cd:45:d4:51:fd:1f:28:03:28:6f:96:a0:36:b7:2c:6d:a0:34:
         56:62:e3:d7:3e:ce:4a:80:eb:09:7d:3f:b6:be:ad:63:7d:07:
         ec:ee:3a:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kiopbEhye1+GgdNYCWPEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwNDE5MDcwMDM1WhcNMjYwNDIwMDcwMDM1WjAzMTEwLwYDVQQD
EyhkMjJhNzhjNzAzODgyYWIwMDJiMjA0NjA4NjJkOTY1Y2IwYzk4ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxma1BCtpCaHgD9bhwKL9Mzf9VO+P
4jCs4LGosWQniy2/IojP2OOPpGt+Gs9YhJDPNqEX+b5ATbnHXGvS9p1KRpJq6Uex
Eoes3TD4rkrKe85Xk+RVJyo3KTVXV24GNhQNGmrGNkFd49S9qqQs85WOpGkOx9Me
xypD1g+i+13RXf7k5LPqZ1OGtAfaABj4+mZdhaW5xZarDCZTgxbL6bUzD7SKfl6r
6i45VNcIid8TKfBRpIEQFhKtzDfWl4FOTU2y1oDMqpCzZXtsYCDErRVyn6XOxPVZ
cnx0y3JWLGl/30MKrtB39iSpW7Ij4LwM32k3LzE7yWCahKsTPG8yQv6ZHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIqeMcDiCqwArIEYIYtllywyY0KMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjpeEpSe
QO/n0VYosB+V/1UPyhWKC/r1FMQ0LsxZAL1XaY9ySYYcOyMWvl4ToJECl0h1fB5g
9u27Fnv5IeQ/BDSTsHjKNvf/f+Qzg1HK9EO7ohosoBUt3AEr8Of5LKSD7/mwOhsz
xwrPW9OT4T5aldXQGomQ+M9NpybVGtRS6boO2CkQqs+GSjkAh5aooE7eI2l9z7b0
CpD3R0i+smUVp1XQ0P81LHTqO2EajmSFeWgnr/ixqpMYVAdZ/LaXlX3X3KNvCZWY
uSzZUgttEG9zqOymlxKY5pA3zUXUUf0fKAMob5agNrcsbaA0VmLj1z7OSoDrCX0/
tr6tY30H7O46GQ==
-----END CERTIFICATE-----