Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
File:                     2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft (raw, json)
Hash identifier:          AAQhS22A8aaUF81tyx4nvlegweaNwdGPgBi/Fl8OyiA=
Subject key identifier:   8F:74:8E:F6:96:8E:8B:9D:78:5C:84:86:53:B7:BD:2B:CA:1D:9B:FF
Authority key identifier: DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F
Certificate issuer:       /CN=dae57631f60adb13f0ae368671ce0f8742f5977f
Certificate serial:       019DA2D2E1B8F0C8EF0D58F3201B94EF4187
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
Manifest number:          18C1
Signing time:             Sat 18 Apr 2026 23:00:22 +0000
Manifest this update:     Sat 18 Apr 2026 23:00:22 +0000
Manifest next update:     Sun 19 Apr 2026 23:00:22 +0000
Files and hashes:         1: 2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl (hash: dEvtwTqfRsQsq4iPxuN1WlDwOA+G6xdtMjFL+p4onCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 23:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:d2:e1:b8:f0:c8:ef:0d:58:f3:20:1b:94:ef:41:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dae57631f60adb13f0ae368671ce0f8742f5977f
        Validity
            Not Before: Apr 18 23:00:22 2026 GMT
            Not After : Apr 19 23:00:22 2026 GMT
        Subject: CN=8f748ef6968e8b9d785c848653b7bd2bca1d9bff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:0f:fc:4e:73:d8:9a:34:f3:2a:46:b3:38:94:
                    1c:41:63:92:cb:4d:65:0f:18:7b:10:3c:92:ba:35:
                    82:98:d6:54:92:3f:d6:94:f2:8e:49:bb:98:1e:b6:
                    d8:d4:13:6b:c6:49:e0:6d:fa:9a:b5:fb:c2:fc:c3:
                    7c:e8:aa:90:81:0b:4b:c8:4f:63:93:a2:e8:40:de:
                    f3:9c:f6:f2:c9:7f:fd:99:59:83:b5:20:94:76:56:
                    e1:a2:19:06:78:87:83:d9:ea:a9:9e:0c:fd:80:69:
                    29:06:ec:2c:d2:e2:c8:12:17:73:8d:34:d5:26:b8:
                    0e:af:27:b6:de:92:03:e8:a3:ac:12:43:08:fe:bb:
                    ac:90:6f:4e:24:ca:1d:38:9f:ae:11:1d:b9:76:ad:
                    a9:91:73:7b:90:85:8e:ab:7c:2f:24:3a:8c:1a:0f:
                    a9:34:07:0f:d2:9e:88:e0:e2:12:3c:1c:69:d8:43:
                    d0:80:46:14:5c:ac:05:38:e9:28:f8:09:4c:6e:01:
                    a0:50:3c:74:ff:23:91:ba:ce:0f:1f:fe:dd:f8:c4:
                    c4:13:d6:9e:3f:4a:af:49:6c:71:06:61:e6:cf:49:
                    f4:cd:08:44:22:b3:2f:43:68:7d:74:88:5a:b8:f5:
                    ee:af:1d:32:d8:a8:b2:e5:8e:92:66:20:a5:b8:7f:
                    72:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:74:8E:F6:96:8E:8B:9D:78:5C:84:86:53:B7:BD:2B:CA:1D:9B:FF
            X509v3 Authority Key Identifier:
                keyid:DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:a7:c0:c3:5c:f6:45:71:ce:b1:27:d8:0b:d6:1b:32:7c:f8:
         dd:57:f7:f7:e3:31:f5:cc:99:ca:46:32:1f:00:a1:cd:84:b5:
         a5:73:6e:69:64:63:c0:6b:a3:ee:8f:92:77:7c:0f:c2:13:d6:
         a3:2f:d2:08:01:aa:9a:8b:f1:ca:c9:d6:ab:fe:26:3e:95:5d:
         ba:90:01:a1:b8:2e:d0:56:06:93:e9:6b:d6:fb:53:09:c1:63:
         f7:4c:4c:cb:6b:35:d7:b1:d2:33:0a:b2:25:b7:b3:33:ef:1b:
         71:e8:40:64:03:e9:c1:14:2f:22:4f:3c:fa:da:51:44:76:12:
         ef:a6:83:f1:5d:04:ae:7b:f6:18:44:27:92:bf:95:60:7f:56:
         d2:1c:92:5b:cf:84:cf:ad:db:9f:bd:68:f2:77:c7:c2:fa:9d:
         1b:97:71:f4:20:37:36:16:09:71:43:95:bb:fc:da:d2:b6:79:
         50:69:93:4a:5f:58:04:77:eb:9c:2f:d4:59:be:81:8a:e7:44:
         6f:64:bd:8e:8f:ad:0a:99:24:ca:78:c3:50:38:1f:3e:f9:b3:
         ce:0a:46:08:f2:ec:c6:e1:33:67:06:ea:32:a7:28:0a:2c:b6:
         dd:03:6e:5b:14:d6:cb:45:b3:ba:a6:5e:7d:7b:48:ed:79:86:
         cf:ff:36:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2i0uG48MjvDVjzIBuU70GHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU3NjMxZjYwYWRiMTNmMGFlMzY4NjcxY2UwZjg3NDJm
NTk3N2YwHhcNMjYwNDE4MjMwMDIyWhcNMjYwNDE5MjMwMDIyWjAzMTEwLwYDVQQD
Eyg4Zjc0OGVmNjk2OGU4YjlkNzg1Yzg0ODY1M2I3YmQyYmNhMWQ5YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6A/8TnPYmjTzKkazOJQcQWOSy01l
Dxh7EDySujWCmNZUkj/WlPKOSbuYHrbY1BNrxkngbfqatfvC/MN86KqQgQtLyE9j
k6LoQN7znPbyyX/9mVmDtSCUdlbhohkGeIeD2eqpngz9gGkpBuws0uLIEhdzjTTV
JrgOrye23pID6KOsEkMI/ruskG9OJModOJ+uER25dq2pkXN7kIWOq3wvJDqMGg+p
NAcP0p6I4OISPBxp2EPQgEYUXKwFOOko+AlMbgGgUDx0/yORus4PH/7d+MTEE9ae
P0qvSWxxBmHmz0n0zQhEIrMvQ2h9dIhauPXurx0y2Kiy5Y6SZiCluH9ypwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI90jvaWjoudeFyEhlO3vSvKHZv/MB8GA1UdIwQY
MBaAFNrldjH2CtsT8K42hnHOD4dC9Zd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEt
NDM5ZjM2ZTE2NTNhLzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEtNDM5ZjM2ZTE2NTNh
LzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfafAw1z2
RXHOsSfYC9YbMnz43Vf39+Mx9cyZykYyHwChzYS1pXNuaWRjwGuj7o+Sd3wPwhPW
oy/SCAGqmovxysnWq/4mPpVdupABobgu0FYGk+lr1vtTCcFj90xMy2s117HSMwqy
JbezM+8bcehAZAPpwRQvIk88+tpRRHYS76aD8V0Ernv2GEQnkr+VYH9W0hySW8+E
z63bn71o8nfHwvqdG5dx9CA3NhYJcUOVu/za0rZ5UGmTSl9YBHfrnC/UWb6BiudE
b2S9jo+tCpkkynjDUDgfPvmzzgpGCPLsxuEzZwbqMqcoCiy23QNuWxTWy0WzuqZe
fXtI7XmGz/82mg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:45:02 2026 by rpki-client