Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          QZ2IZ42fP2CNKca1KcDriIigQUyOereukOS0WrnkyPE=
Subject key identifier:   74:01:B7:D8:A2:FD:98:02:2B:F5:FA:55:53:F0:91:E1:DE:59:4B:C6
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019EC06D92386FBE9B76395722000509856D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          09DE
Signing time:             Sat 13 Jun 2026 10:01:06 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:06 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:06 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: Cn40R52jC9rIrKxbBKKBxKF9OlKPlvApQRxP5+TSJ8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:92:38:6f:be:9b:76:39:57:22:00:05:09:85:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Jun 13 10:01:06 2026 GMT
            Not After : Jun 14 10:01:06 2026 GMT
        Subject: CN=7401b7d8a2fd98022bf5fa5553f091e1de594bc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:bb:a4:23:99:49:c6:95:c9:9d:bc:4e:3b:d6:
                    ff:51:b3:19:f1:90:e8:63:fd:38:81:54:19:6c:ee:
                    bc:a4:fe:3e:ef:b7:7d:7c:87:4f:97:d2:f9:66:10:
                    0b:5d:8c:99:20:04:c9:46:5e:38:d8:38:48:49:07:
                    5e:51:b5:44:db:d1:3a:3a:a9:93:e5:4a:f8:a5:15:
                    46:e8:03:1e:73:5f:be:37:bf:e1:ae:77:7c:7c:d2:
                    33:2c:55:68:49:d7:d8:ec:0a:3c:3e:e8:e0:7d:c7:
                    78:57:58:1a:4b:0a:f2:97:f6:8e:34:4c:67:c0:23:
                    f4:3a:1f:18:38:3b:90:f1:27:c3:7e:c0:49:13:3e:
                    77:d1:98:dd:be:a8:17:2d:21:c0:56:5d:7e:c4:94:
                    10:3c:72:04:4d:74:67:57:44:9d:34:f3:a3:d2:35:
                    21:b4:c7:ed:19:ce:88:88:b8:e1:72:87:4d:88:9f:
                    bd:50:69:b4:4c:fe:86:a8:2e:0f:a0:3e:e2:24:44:
                    62:02:2d:8c:5b:c0:f4:b5:a3:65:e1:3c:dd:f7:a9:
                    a0:8f:c7:e5:12:47:93:64:1f:15:7e:d3:41:90:e5:
                    dc:75:38:44:34:86:10:c5:22:38:33:19:4c:3a:ea:
                    75:a9:6e:82:0d:7a:be:e5:14:12:92:3b:ca:f0:d4:
                    df:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:01:B7:D8:A2:FD:98:02:2B:F5:FA:55:53:F0:91:E1:DE:59:4B:C6
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:24:06:cd:65:b6:14:ee:cf:91:d9:2b:76:f1:22:85:81:8b:
         ac:ec:01:d7:de:0d:f9:bb:f9:61:f9:b9:39:aa:a9:e1:a3:18:
         b8:de:83:3e:a5:f7:91:c6:97:f5:f3:33:5a:dd:1a:20:ed:a7:
         08:7e:ef:ca:43:33:55:f8:4f:c1:46:52:7e:da:b7:ad:f3:44:
         c7:5d:12:75:c8:dc:6b:e1:bf:77:d1:a2:22:df:41:54:56:3b:
         fd:6b:5a:1d:5a:e8:80:00:eb:a7:9f:23:38:2d:0b:d3:26:a5:
         24:92:b0:f3:06:85:ef:c5:71:82:de:86:27:ca:22:87:89:64:
         95:2b:c5:0d:41:d1:d0:1a:e1:17:cc:64:e2:3d:27:80:09:dd:
         f8:ae:f8:18:95:ea:3a:e7:b0:a7:3b:e4:3a:1e:a9:16:22:c0:
         52:e7:e7:4d:ee:de:a5:c3:81:c7:98:28:6e:42:a1:e9:fa:2b:
         58:0d:fe:e9:5a:63:a2:f6:46:19:8b:d2:b9:ac:b9:ca:ec:b1:
         93:e5:95:56:41:5c:60:41:6b:0d:ee:47:7d:dd:ab:68:1e:38:
         07:b4:34:ed:ae:cc:f9:92:de:93:1e:de:2e:65:0e:a6:cb:e9:
         aa:bc:0d:93:d8:4c:20:48:be:34:a2:d6:0c:d4:2c:60:2c:a3:
         88:4a:f4:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbZI4b76bdjlXIgAFCYVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwNjEzMTAwMTA2WhcNMjYwNjE0MTAwMTA2WjAzMTEwLwYDVQQD
Eyg3NDAxYjdkOGEyZmQ5ODAyMmJmNWZhNTU1M2YwOTFlMWRlNTk0YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bukI5lJxpXJnbxOO9b/UbMZ8ZDo
Y/04gVQZbO68pP4+77d9fIdPl9L5ZhALXYyZIATJRl442DhISQdeUbVE29E6OqmT
5Ur4pRVG6AMec1++N7/hrnd8fNIzLFVoSdfY7Ao8Pujgfcd4V1gaSwryl/aONExn
wCP0Oh8YODuQ8SfDfsBJEz530ZjdvqgXLSHAVl1+xJQQPHIETXRnV0SdNPOj0jUh
tMftGc6IiLjhcodNiJ+9UGm0TP6GqC4PoD7iJERiAi2MW8D0taNl4Tzd96mgj8fl
EkeTZB8VftNBkOXcdThENIYQxSI4MxlMOup1qW6CDXq+5RQSkjvK8NTfnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQBt9ii/ZgCK/X6VVPwkeHeWUvGMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCQGzWW2
FO7PkdkrdvEihYGLrOwB194N+bv5Yfm5Oaqp4aMYuN6DPqX3kcaX9fMzWt0aIO2n
CH7vykMzVfhPwUZSftq3rfNEx10Sdcjca+G/d9GiIt9BVFY7/WtaHVrogADrp58j
OC0L0yalJJKw8waF78Vxgt6GJ8oih4lklSvFDUHR0BrhF8xk4j0ngAnd+K74GJXq
OuewpzvkOh6pFiLAUufnTe7epcOBx5gobkKh6forWA3+6VpjovZGGYvSuay5yuyx
k+WVVkFcYEFrDe5Hfd2raB44B7Q07a7M+ZLekx7eLmUOpsvpqrwNk9hMIEi+NKLW
DNQsYCyjiEr0jg==
-----END CERTIFICATE-----