Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          VKSERcofdrH8MVr9M9wfqxNbjxkGCsJife9U1kRhbWM=
Subject key identifier:   A7:D8:81:AD:AD:5C:28:B7:44:44:26:99:A8:04:52:93:6C:3F:35:35
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       019D97AAF04E134642CC5241B992A9B73FF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          091F
Signing time:             Thu 16 Apr 2026 19:00:55 +0000
Manifest this update:     Thu 16 Apr 2026 19:00:55 +0000
Manifest next update:     Fri 17 Apr 2026 19:00:55 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: 2BbWYKqS/bT9BT4KrZt3YZ4XDGShr8cQinBBtkXXyPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:aa:f0:4e:13:46:42:cc:52:41:b9:92:a9:b7:3f:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Apr 16 19:00:55 2026 GMT
            Not After : Apr 17 19:00:55 2026 GMT
        Subject: CN=a7d881adad5c28b744442699a80452936c3f3535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:0f:5b:fa:8d:5c:91:10:f1:f5:62:70:8c:b6:
                    05:15:79:59:6d:78:26:19:61:a7:c1:a2:b5:0c:d9:
                    4d:c2:04:a8:37:b1:a4:1e:63:67:83:1d:8d:39:04:
                    79:55:2f:c6:bf:3a:93:82:15:55:56:e7:1f:1b:41:
                    38:92:bc:18:15:7d:ac:0f:16:96:f7:12:f5:c9:ff:
                    65:79:dd:1d:d4:0f:f9:32:de:c3:8c:56:d4:ef:04:
                    e1:54:5b:83:03:5d:12:7e:be:1d:b4:b9:e8:17:ad:
                    a4:11:04:0c:de:19:9d:08:06:97:0c:c7:fb:34:5a:
                    d9:18:25:59:07:4c:05:4b:11:68:75:bb:70:63:01:
                    38:70:89:6d:32:db:52:3b:b6:3c:a3:80:ba:cc:6c:
                    78:0a:18:d4:fe:76:59:7e:ef:50:e9:38:51:11:54:
                    c2:39:93:da:d4:26:89:e0:e7:57:3d:97:4f:c0:b0:
                    99:e5:21:8b:65:d2:a7:6a:69:6a:6b:ba:21:fb:e4:
                    16:a6:03:76:14:e0:8f:96:77:43:0e:7d:d7:87:a9:
                    94:0e:37:4c:a2:65:b8:f6:d9:b9:b2:65:f1:e7:be:
                    7a:a1:e4:c9:41:51:23:54:e9:e9:0b:78:76:51:c6:
                    db:fa:da:dd:35:c8:be:a0:23:9e:7b:11:dd:67:b9:
                    cb:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D8:81:AD:AD:5C:28:B7:44:44:26:99:A8:04:52:93:6C:3F:35:35
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:10:82:49:ec:c8:a8:45:98:03:4b:4c:dd:7e:67:9d:8e:fb:
         56:45:b1:9c:72:72:54:ac:a1:f0:7b:c7:77:b8:19:88:9b:ea:
         97:07:9b:39:4d:78:42:76:c4:56:45:e4:8d:14:a1:ab:48:07:
         55:3e:30:3f:38:ac:60:47:dd:f5:44:1d:4d:d0:ba:28:34:27:
         ad:ef:87:8a:e1:54:e7:7d:9f:69:a4:be:10:9b:45:aa:09:b5:
         9f:b7:12:1a:71:d6:fd:07:69:3b:04:43:3f:49:64:bd:4b:e8:
         9c:c0:8b:58:44:7e:83:b6:a8:18:68:73:0e:40:24:44:b8:48:
         80:e7:ae:20:ee:c6:c9:ed:56:e0:25:72:60:8a:c9:7d:f0:0c:
         bb:6f:84:2e:d6:61:27:6f:8d:7a:b6:e7:ac:79:1e:34:09:5d:
         5b:38:ac:6d:82:b8:43:51:9e:7b:b0:82:71:03:98:e8:d5:90:
         32:4c:09:a0:c2:73:a6:9e:08:d3:f2:eb:d9:30:42:3c:7b:48:
         55:10:92:6c:55:31:8a:f5:79:c7:b7:b8:5f:a4:e7:c9:72:20:
         07:72:b4:8d:f6:49:94:b2:a9:10:ff:0e:01:7f:41:1c:ce:c6:
         7d:ab:d7:fb:35:20:a4:b6:70:e1:a8:9e:71:b0:c4:6d:29:d9:
         06:11:0a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqvBOE0ZCzFJBuZKptz/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjYwNDE2MTkwMDU1WhcNMjYwNDE3MTkwMDU1WjAzMTEwLwYDVQQD
EyhhN2Q4ODFhZGFkNWMyOGI3NDQ0NDI2OTlhODA0NTI5MzZjM2YzNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzA9b+o1ckRDx9WJwjLYFFXlZbXgm
GWGnwaK1DNlNwgSoN7GkHmNngx2NOQR5VS/GvzqTghVVVucfG0E4krwYFX2sDxaW
9xL1yf9led0d1A/5Mt7DjFbU7wThVFuDA10Sfr4dtLnoF62kEQQM3hmdCAaXDMf7
NFrZGCVZB0wFSxFodbtwYwE4cIltMttSO7Y8o4C6zGx4ChjU/nZZfu9Q6ThREVTC
OZPa1CaJ4OdXPZdPwLCZ5SGLZdKnamlqa7oh++QWpgN2FOCPlndDDn3Xh6mUDjdM
omW49tm5smXx5756oeTJQVEjVOnpC3h2Ucbb+trdNci+oCOeexHdZ7nLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfYga2tXCi3REQmmagEUpNsPzU1MB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATBCCSezI
qEWYA0tM3X5nnY77VkWxnHJyVKyh8HvHd7gZiJvqlwebOU14QnbEVkXkjRShq0gH
VT4wPzisYEfd9UQdTdC6KDQnre+HiuFU532faaS+EJtFqgm1n7cSGnHW/QdpOwRD
P0lkvUvonMCLWER+g7aoGGhzDkAkRLhIgOeuIO7Gye1W4CVyYIrJffAMu2+ELtZh
J2+NerbnrHkeNAldWzisbYK4Q1Gee7CCcQOY6NWQMkwJoMJzpp4I0/Lr2TBCPHtI
VRCSbFUxivV5x7e4X6TnyXIgB3K0jfZJlLKpEP8OAX9BHM7GfavX+zUgpLZw4aie
cbDEbSnZBhEKjQ==
-----END CERTIFICATE-----