Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
File:                     S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft (raw, json)
Hash identifier:          eLPEpJHSq8BCIlhfqyT2ajBKttWLEdgdA68Q6dr5s2U=
Subject key identifier:   A2:27:D0:99:FD:4D:D0:93:D0:0C:08:9E:76:BE:5C:3F:83:5D:90:4B
Authority key identifier: 4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C
Certificate issuer:       /CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
Certificate serial:       019D9C2CD5F074E0B9CFE1CACA7925B0E4B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
Manifest number:          0AD5
Signing time:             Fri 17 Apr 2026 16:01:17 +0000
Manifest this update:     Fri 17 Apr 2026 16:01:17 +0000
Manifest next update:     Sat 18 Apr 2026 16:01:17 +0000
Files and hashes:         1: S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl (hash: PxYoUei6352T9OTb0UlY9mCr9J5GYOo9Pvu/eKrYRUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2c:d5:f0:74:e0:b9:cf:e1:ca:ca:79:25:b0:e4:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
        Validity
            Not Before: Apr 17 16:01:17 2026 GMT
            Not After : Apr 18 16:01:17 2026 GMT
        Subject: CN=a227d099fd4dd093d00c089e76be5c3f835d904b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a7:5b:22:41:e8:9a:e0:a3:be:9c:6d:6b:78:
                    8f:73:45:a7:ab:fd:e3:16:5a:76:db:9b:01:3d:cc:
                    94:f3:8c:0a:d5:8b:79:30:11:b0:cc:f1:ec:e9:90:
                    4d:2b:fd:b6:33:2b:fe:f2:e3:f8:ad:a6:b2:6f:34:
                    3c:a2:ac:a1:c4:16:b3:3e:b2:11:9e:91:af:c3:86:
                    37:dc:16:9d:6d:6b:8c:57:93:c1:eb:95:a4:cf:3c:
                    68:68:cb:57:b7:23:73:cb:c9:36:db:3c:86:c5:ff:
                    ea:c1:28:fe:d8:28:b6:34:94:35:40:34:3c:39:ea:
                    92:4d:7c:f5:f9:c1:78:1a:41:63:5b:33:ef:9f:22:
                    47:61:d2:0d:34:a8:89:19:12:3a:01:b5:06:34:bd:
                    0c:e1:76:13:e3:47:ad:16:b8:64:11:4c:87:e1:05:
                    da:ef:79:08:f4:31:cb:82:c6:9b:a7:2c:cc:4a:2f:
                    9c:a8:a8:91:23:a1:14:61:d1:58:fd:81:89:45:da:
                    f5:c1:3b:5d:bd:f7:c7:90:f7:0d:6e:62:a4:b7:97:
                    a6:8c:d4:08:fa:59:47:6a:76:70:29:b0:74:f1:e1:
                    a1:cb:7b:ec:b6:f2:dd:c2:2b:70:91:fc:c5:77:a6:
                    31:e6:ba:e9:25:c1:b1:e8:dd:35:8e:f3:52:a0:03:
                    49:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:27:D0:99:FD:4D:D0:93:D0:0C:08:9E:76:BE:5C:3F:83:5D:90:4B
            X509v3 Authority Key Identifier:
                keyid:4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:98:fc:7e:67:32:f9:2a:37:25:d4:3c:28:2f:e3:f4:ef:29:
         af:1f:51:63:e3:47:d2:50:90:b7:8e:ba:44:e7:e7:5d:bf:a8:
         75:27:e0:74:2c:1d:86:72:de:60:5e:a7:69:a0:73:b6:9e:68:
         a5:8b:53:8f:33:97:d7:14:a2:12:32:74:be:36:18:40:6e:1b:
         a3:3d:6c:cf:e6:66:76:7b:ad:b6:e8:eb:92:69:d4:23:4c:a7:
         4e:5d:9b:e9:b5:0f:d9:9f:44:c8:e1:39:36:55:92:3b:8b:2d:
         1c:5e:7f:4a:ce:f3:b9:4a:5e:e3:43:4a:16:29:16:4b:f0:ae:
         55:50:6e:56:90:97:97:6c:76:ef:64:38:99:13:3e:a2:e1:7b:
         b8:be:31:0b:75:f7:ab:bb:32:ad:b1:ea:bc:c5:7d:6a:ef:e9:
         1e:3f:2e:5c:b6:b8:eb:fe:bc:44:fb:7c:0c:6c:ca:31:96:16:
         47:70:e1:bf:2f:2e:25:3a:52:f9:c3:18:da:f0:af:c7:75:15:
         d3:93:96:bc:3b:c7:00:4a:b6:ad:ed:6b:bc:99:20:42:23:98:
         ca:c5:74:94:8f:e5:a1:34:10:33:84:d8:0c:f3:fc:f4:c9:93:
         39:0f:84:cd:73:7b:a5:3a:b7:64:61:3e:2a:ff:08:ec:6b:fc:
         c0:f6:be:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLNXwdOC5z+HKynklsOS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiY2NkMGRiNTJmMGVkNGY3M2E2ODFlM2QzNmFiNmMyMzAy
NzdkM2MwHhcNMjYwNDE3MTYwMTE3WhcNMjYwNDE4MTYwMTE3WjAzMTEwLwYDVQQD
EyhhMjI3ZDA5OWZkNGRkMDkzZDAwYzA4OWU3NmJlNWMzZjgzNWQ5MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6dbIkHomuCjvpxta3iPc0Wnq/3j
Flp225sBPcyU84wK1Yt5MBGwzPHs6ZBNK/22Myv+8uP4raaybzQ8oqyhxBazPrIR
npGvw4Y33BadbWuMV5PB65WkzzxoaMtXtyNzy8k22zyGxf/qwSj+2Ci2NJQ1QDQ8
OeqSTXz1+cF4GkFjWzPvnyJHYdINNKiJGRI6AbUGNL0M4XYT40etFrhkEUyH4QXa
73kI9DHLgsabpyzMSi+cqKiRI6EUYdFY/YGJRdr1wTtdvffHkPcNbmKkt5emjNQI
+llHanZwKbB08eGhy3vstvLdwitwkfzFd6Yx5rrpJcGx6N01jvNSoANJewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIn0Jn9TdCT0AwInna+XD+DXZBLMB8GA1UdIwQY
MBaAFEvM0NtS8O1Pc6aB49NqtsIwJ308MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMt
ZjNmMTViMTI2NWJiLzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMtZjNmMTViMTI2NWJi
LzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJj8fmcy
+So3JdQ8KC/j9O8prx9RY+NH0lCQt466ROfnXb+odSfgdCwdhnLeYF6naaBztp5o
pYtTjzOX1xSiEjJ0vjYYQG4boz1sz+ZmdnuttujrkmnUI0ynTl2b6bUP2Z9EyOE5
NlWSO4stHF5/Ss7zuUpe40NKFikWS/CuVVBuVpCXl2x272Q4mRM+ouF7uL4xC3X3
q7syrbHqvMV9au/pHj8uXLa46/68RPt8DGzKMZYWR3Dhvy8uJTpS+cMY2vCvx3UV
05OWvDvHAEq2re1rvJkgQiOYysV0lI/loTQQM4TYDPP89MmTOQ+EzXN7pTq3ZGE+
Kv8I7Gv8wPa+cQ==
-----END CERTIFICATE-----