Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
File:                     NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json)
Hash identifier:          cwXCHVOQdmaoM+bgm6tF8dRTp7iVhCihfBn1awhK2mI=
Subject key identifier:   DC:D7:BD:BF:A4:0C:F5:DC:D4:39:67:53:03:5A:19:21:D5:69:60:8A
Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
Certificate issuer:       /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Certificate serial:       019D9BF59BD97911B8687E5ADDC5AEBEA00A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
Manifest number:          05D9
Signing time:             Fri 17 Apr 2026 15:00:57 +0000
Manifest this update:     Fri 17 Apr 2026 15:00:57 +0000
Manifest next update:     Sat 18 Apr 2026 15:00:57 +0000
Files and hashes:         1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: BCI434cWR030RVEXQB/vw3u+cfLWi4O3+cgJgsCjYsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:47:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:f5:9b:d9:79:11:b8:68:7e:5a:dd:c5:ae:be:a0:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
        Validity
            Not Before: Apr 17 15:00:57 2026 GMT
            Not After : Apr 18 15:00:57 2026 GMT
        Subject: CN=dcd7bdbfa40cf5dcd4396753035a1921d569608a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2c:6a:17:93:97:93:bc:bb:61:ac:69:ec:3e:
                    15:8b:9d:cf:f1:dc:c1:90:99:b5:b8:fd:86:37:0f:
                    ad:c0:21:a0:ab:fe:68:c8:06:52:51:39:bd:75:96:
                    47:5c:7f:75:c1:60:4e:aa:ee:40:cd:a9:77:eb:1b:
                    b8:79:3f:8d:9f:6e:55:21:a5:71:7f:bb:00:75:8a:
                    0c:5b:a5:ea:e5:9a:46:14:36:ef:6d:3b:e9:f3:43:
                    01:41:38:2d:39:1f:b9:83:a9:0c:9c:7f:59:ad:16:
                    82:c4:83:be:ec:73:92:b1:90:e2:1b:9e:1a:2b:e7:
                    3c:cf:a9:ea:70:12:7a:8c:a1:5c:d1:b5:21:62:6c:
                    49:6d:fc:40:3f:99:4f:39:2b:6f:1f:51:15:d4:28:
                    93:c0:d9:85:04:57:e5:db:a4:8d:43:1f:96:66:20:
                    ae:24:b5:63:3e:d3:d4:c6:6d:3a:ea:ad:f7:91:95:
                    f2:cb:b0:60:9d:d1:9e:c9:f2:70:31:30:e6:96:e7:
                    bb:99:2e:9b:6f:e3:2c:ab:71:f7:18:70:ea:ed:e7:
                    c2:01:83:04:a3:57:30:9a:a2:ec:d6:d9:0d:55:7c:
                    bd:9c:6e:05:f1:9e:3d:c8:79:d7:a9:29:09:e9:6f:
                    51:cf:02:a6:8c:80:40:3a:9c:b2:e5:d1:d9:94:2b:
                    a4:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:D7:BD:BF:A4:0C:F5:DC:D4:39:67:53:03:5A:19:21:D5:69:60:8A
            X509v3 Authority Key Identifier:
                keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:53:ac:ce:8a:df:25:59:21:be:1d:03:df:5f:3e:cc:2d:50:
         49:c0:1a:8c:1c:2b:4c:d6:81:72:d0:04:7f:fe:4a:82:e3:46:
         83:93:b9:86:cd:2c:c8:2e:2f:d9:8e:e3:e5:d3:45:fd:c6:ef:
         67:2a:a7:0f:56:ea:8d:fb:fd:de:c0:a4:19:e7:5b:9a:81:2e:
         d7:07:ae:91:46:ea:35:19:6c:af:ac:54:39:17:dc:87:9f:40:
         ea:c0:cc:2b:be:10:68:72:96:af:7e:1a:4c:7d:b8:0e:39:7d:
         96:35:15:6f:1a:47:cd:9e:d9:8f:10:f2:6c:39:94:a0:41:6b:
         c1:f5:7e:fc:e3:23:91:4b:ae:29:69:8e:23:1b:13:c6:5c:3b:
         01:fb:24:2c:ed:3e:54:25:72:6c:ae:a6:3e:5c:59:06:39:8e:
         ac:df:ee:62:8a:7d:7d:b4:60:8d:3f:d1:ba:4e:ec:c4:2f:29:
         d8:5e:f9:c3:14:b9:96:54:8a:dc:bd:13:8f:48:4f:ea:14:2a:
         cb:6a:00:07:05:2e:cd:e0:05:f4:45:47:e3:02:ae:1e:ad:30:
         c6:4b:de:42:5b:a9:7f:bc:0c:b1:b2:19:64:ca:9c:7d:5e:9b:
         f5:71:ec:10:20:a4:ae:c5:3c:9e:b5:ae:db:4a:6a:9c:44:1c:
         3c:25:11:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2b9ZvZeRG4aH5a3cWuvqAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0
MWY0NDYwHhcNMjYwNDE3MTUwMDU3WhcNMjYwNDE4MTUwMDU3WjAzMTEwLwYDVQQD
EyhkY2Q3YmRiZmE0MGNmNWRjZDQzOTY3NTMwMzVhMTkyMWQ1Njk2MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySxqF5OXk7y7Yaxp7D4Vi53P8dzB
kJm1uP2GNw+twCGgq/5oyAZSUTm9dZZHXH91wWBOqu5Azal36xu4eT+Nn25VIaVx
f7sAdYoMW6Xq5ZpGFDbvbTvp80MBQTgtOR+5g6kMnH9ZrRaCxIO+7HOSsZDiG54a
K+c8z6nqcBJ6jKFc0bUhYmxJbfxAP5lPOStvH1EV1CiTwNmFBFfl26SNQx+WZiCu
JLVjPtPUxm066q33kZXyy7BgndGeyfJwMTDmlue7mS6bb+Msq3H3GHDq7efCAYME
o1cwmqLs1tkNVXy9nG4F8Z49yHnXqSkJ6W9RzwKmjIBAOpyy5dHZlCukEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzXvb+kDPXc1DlnUwNaGSHVaWCKMB8GA1UdIwQY
MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt
YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx
LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFOszorf
JVkhvh0D318+zC1QScAajBwrTNaBctAEf/5KguNGg5O5hs0syC4v2Y7j5dNF/cbv
ZyqnD1bqjfv93sCkGedbmoEu1weukUbqNRlsr6xUORfch59A6sDMK74QaHKWr34a
TH24Djl9ljUVbxpHzZ7ZjxDybDmUoEFrwfV+/OMjkUuuKWmOIxsTxlw7AfskLO0+
VCVybK6mPlxZBjmOrN/uYop9fbRgjT/Ruk7sxC8p2F75wxS5llSK3L0Tj0hP6hQq
y2oABwUuzeAF9EVH4wKuHq0wxkveQlupf7wMsbIZZMqcfV6b9XHsECCkrsU8nrWu
20pqnEQcPCURIg==
-----END CERTIFICATE-----