Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
File:                     8j79S9kntM6jMSCiG09zFNy-oXk.mft (raw, json)
Hash identifier:          lPY9oeLeZRjhGNhoAQIaNZBeCKghSPc5+XbSbla3yUQ=
Subject key identifier:   1C:F6:20:BD:80:5C:6B:BE:3F:8E:D2:C4:6A:63:0C:D9:C4:A0:F0:E9
Authority key identifier: F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79
Certificate issuer:       /CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
Certificate serial:       019DA378F7D1F617DED149B60C4D5DCB7A9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
Manifest number:          106B
Signing time:             Sun 19 Apr 2026 02:01:47 +0000
Manifest this update:     Sun 19 Apr 2026 02:01:47 +0000
Manifest next update:     Mon 20 Apr 2026 02:01:47 +0000
Files and hashes:         1: 8j79S9kntM6jMSCiG09zFNy-oXk.crl (hash: Z5npPn1QSBqsy8vMiIXfPIL2z64xCQrGE313k73Io8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:f7:d1:f6:17:de:d1:49:b6:0c:4d:5d:cb:7a:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
        Validity
            Not Before: Apr 19 02:01:47 2026 GMT
            Not After : Apr 20 02:01:47 2026 GMT
        Subject: CN=1cf620bd805c6bbe3f8ed2c46a630cd9c4a0f0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:45:1f:20:24:df:20:1a:b6:6f:55:b5:1a:03:
                    51:99:ea:df:95:1a:af:65:82:5f:e4:6c:4c:d1:10:
                    48:bb:bc:7e:ec:64:50:1e:f6:ac:59:8d:cb:c2:fe:
                    00:13:41:15:b2:2c:3f:b8:6a:c5:86:ac:c3:6b:ad:
                    89:91:1f:e8:eb:ed:13:7a:25:b4:0a:57:0f:a0:e3:
                    c3:ab:83:80:4a:4f:15:90:fe:fa:e4:87:fd:34:d7:
                    04:fb:9f:14:82:99:39:34:34:e2:77:fd:b0:80:5d:
                    15:e0:1b:7a:3a:3b:da:44:38:dd:74:09:43:ed:50:
                    a0:b7:7e:77:85:e3:18:2a:6f:53:27:8f:ce:db:38:
                    4a:9a:b3:cd:3f:80:f8:e6:5e:8c:b4:00:29:92:b0:
                    8f:3d:67:96:79:aa:3d:7b:25:3d:ff:31:b6:f0:69:
                    c3:c6:97:91:83:db:36:25:63:66:ef:fc:e3:3e:a0:
                    3e:ce:12:e5:7d:28:4c:c9:9e:dd:c5:63:96:b4:fe:
                    b9:c7:5c:82:bd:66:47:4c:af:c0:83:11:e6:0a:bb:
                    f3:29:29:13:5c:12:5d:a0:1a:66:9f:31:1c:eb:92:
                    cc:71:a4:08:28:73:3b:ed:5f:44:4c:6e:73:73:b3:
                    9a:e9:ab:98:c3:bd:92:1b:2d:d3:54:b8:05:47:5e:
                    eb:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F6:20:BD:80:5C:6B:BE:3F:8E:D2:C4:6A:63:0C:D9:C4:A0:F0:E9
            X509v3 Authority Key Identifier:
                keyid:F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:1b:8d:87:22:6d:b8:8e:37:81:de:0b:38:1d:3f:f2:c0:e8:
         38:55:5a:4e:8f:d1:33:5b:1d:32:c7:59:07:74:d4:40:1b:f2:
         b1:5f:5e:02:0d:af:bc:cb:a5:12:a7:ef:a6:60:b1:fd:90:cc:
         40:17:84:14:97:77:5f:f0:45:c9:4b:c3:22:8b:b3:71:38:14:
         87:5e:99:91:47:d9:d4:cd:cb:24:ef:94:26:98:d3:5d:a1:ae:
         5e:bd:9c:e4:8a:f1:c8:16:ad:3b:8e:e2:7c:77:e5:ad:2a:f2:
         ec:84:ef:41:e7:37:fd:72:2b:d0:92:e2:74:ea:3a:1b:cc:d1:
         62:30:79:ae:bd:85:fe:15:f1:3b:ca:14:34:63:c9:21:b1:bc:
         89:33:18:e0:19:ad:ee:05:66:e9:cf:15:94:cd:7c:99:c4:4c:
         23:5e:fc:f3:39:04:68:66:8f:b6:80:3e:f0:c1:cf:51:16:50:
         d9:38:2a:4e:bb:0a:c5:15:86:11:86:c4:e3:af:0b:50:cc:05:
         e2:6a:10:64:b5:39:ee:5e:bb:bf:70:5f:1f:68:b8:0d:0e:86:
         2d:f8:a2:da:08:de:ec:ee:13:94:b7:39:bf:48:59:fb:e4:e9:
         73:52:58:f3:da:9f:88:70:f8:88:67:3a:25:11:e7:3f:47:1b:
         9f:4c:08:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jePfR9hfe0Um2DE1dy3qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyM2VmZDRiZDkyN2I0Y2VhMzMxMjBhMjFiNGY3MzE0ZGNi
ZWExNzkwHhcNMjYwNDE5MDIwMTQ3WhcNMjYwNDIwMDIwMTQ3WjAzMTEwLwYDVQQD
EygxY2Y2MjBiZDgwNWM2YmJlM2Y4ZWQyYzQ2YTYzMGNkOWM0YTBmMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskUfICTfIBq2b1W1GgNRmerflRqv
ZYJf5GxM0RBIu7x+7GRQHvasWY3Lwv4AE0EVsiw/uGrFhqzDa62JkR/o6+0TeiW0
ClcPoOPDq4OASk8VkP765If9NNcE+58Ugpk5NDTid/2wgF0V4Bt6OjvaRDjddAlD
7VCgt353heMYKm9TJ4/O2zhKmrPNP4D45l6MtAApkrCPPWeWeao9eyU9/zG28GnD
xpeRg9s2JWNm7/zjPqA+zhLlfShMyZ7dxWOWtP65x1yCvWZHTK/AgxHmCrvzKSkT
XBJdoBpmnzEc65LMcaQIKHM77V9ETG5zc7Oa6auYw72SGy3TVLgFR17r/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBz2IL2AXGu+P47SxGpjDNnEoPDpMB8GA1UdIwQY
MBaAFPI+/UvZJ7TOozEgohtPcxTcvqF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTIt
ZDJjOGE2NWFhY2ZlLzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTItZDJjOGE2NWFhY2Zl
LzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdxuNhyJt
uI43gd4LOB0/8sDoOFVaTo/RM1sdMsdZB3TUQBvysV9eAg2vvMulEqfvpmCx/ZDM
QBeEFJd3X/BFyUvDIouzcTgUh16ZkUfZ1M3LJO+UJpjTXaGuXr2c5IrxyBatO47i
fHflrSry7ITvQec3/XIr0JLidOo6G8zRYjB5rr2F/hXxO8oUNGPJIbG8iTMY4Bmt
7gVm6c8VlM18mcRMI1788zkEaGaPtoA+8MHPURZQ2TgqTrsKxRWGEYbE468LUMwF
4moQZLU57l67v3BfH2i4DQ6GLfii2gje7O4TlLc5v0hZ++Tpc1JY89qfiHD4iGc6
JRHnP0cbn0wI3A==
-----END CERTIFICATE-----