Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
File:                     gGM2o7hr9zon3dkGZn6tp1tHxJk.mft (raw, json)
Hash identifier:          x8TNoXxXaAfxIyhLr4AZ+MW9IUdGmgc2RSMRQCoAAi8=
Subject key identifier:   0E:0F:2D:33:E7:E2:C4:F5:30:E4:AB:D2:30:01:D2:EA:A5:98:7E:CA
Authority key identifier: 80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99
Certificate issuer:       /CN=806336a3b86bf73a27ddd906667eada75b47c499
Certificate serial:       019D99D00F0785C772F5B9A6018B8DA899C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
Manifest number:          0E5E
Signing time:             Fri 17 Apr 2026 05:00:42 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:42 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:42 +0000
Files and hashes:         1: gGM2o7hr9zon3dkGZn6tp1tHxJk.crl (hash: zNMGJchcxAEYDdp8WJOfshlxVivHYjzPQiB3jLSxM20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:0f:07:85:c7:72:f5:b9:a6:01:8b:8d:a8:99:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=806336a3b86bf73a27ddd906667eada75b47c499
        Validity
            Not Before: Apr 17 05:00:42 2026 GMT
            Not After : Apr 18 05:00:42 2026 GMT
        Subject: CN=0e0f2d33e7e2c4f530e4abd23001d2eaa5987eca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:b1:3b:a8:4c:7d:7d:55:45:b0:50:49:81:5c:
                    8f:17:61:14:10:fe:74:8d:0c:fc:94:d1:3b:0b:1b:
                    72:b9:06:c3:ce:70:19:75:7e:7d:9c:d6:53:ef:02:
                    cb:9a:0a:47:46:18:18:b6:28:82:c5:5b:e8:e6:d9:
                    9a:80:52:cf:33:e7:cd:94:d6:83:58:3b:68:bc:c4:
                    fa:91:65:96:7b:eb:40:99:d6:29:5d:79:75:62:7d:
                    75:37:39:9b:2c:25:db:9e:34:25:fb:e7:8f:7e:ca:
                    84:79:b1:18:20:23:23:ee:84:41:eb:b2:bf:61:ce:
                    c5:3a:06:0e:3b:9b:43:c4:d4:52:57:2d:20:9b:8a:
                    a3:36:58:6e:41:d2:45:a7:8e:33:53:71:50:e3:9c:
                    20:5d:fe:db:83:6a:e4:ed:c6:7e:76:ae:9a:b0:c2:
                    1b:8b:18:71:63:24:30:e3:b9:78:27:0b:8c:58:25:
                    60:bb:73:8b:af:3b:a2:6a:99:49:25:cd:6e:b1:1a:
                    87:bc:5e:33:b2:23:d5:14:0c:53:f9:c9:b9:d2:6b:
                    42:f8:77:3d:d1:73:92:f9:61:a4:83:66:a2:3a:f0:
                    00:40:ec:e8:d9:18:6a:f5:d4:37:50:85:f9:ce:7c:
                    a5:1c:b4:8b:38:10:61:a9:d6:e7:32:4d:27:0f:47:
                    3e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:0F:2D:33:E7:E2:C4:F5:30:E4:AB:D2:30:01:D2:EA:A5:98:7E:CA
            X509v3 Authority Key Identifier:
                keyid:80:63:36:A3:B8:6B:F7:3A:27:DD:D9:06:66:7E:AD:A7:5B:47:C4:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGM2o7hr9zon3dkGZn6tp1tHxJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/aa80fc-0d4a-4a97-ab81-09bb596e8454/1/gGM2o7hr9zon3dkGZn6tp1tHxJk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:25:fc:4b:24:f3:fd:65:3d:d4:a6:2b:6d:ea:f9:b8:e6:b3:
         39:ae:13:0b:2f:7f:34:a1:53:3e:a2:a6:32:5b:6b:b0:cb:da:
         5c:ab:9e:81:c1:03:59:0d:c9:d6:b6:b7:5e:61:db:2f:74:49:
         76:84:b8:ff:d0:90:6d:34:46:48:81:85:d6:56:13:d3:c0:c3:
         bf:ce:59:97:fb:80:61:67:e1:f8:4d:a6:36:46:e1:24:e0:08:
         bf:f3:0d:f9:32:7d:0c:62:4c:66:33:a1:b5:67:c7:31:e0:74:
         45:03:ba:6b:5b:37:2b:77:1b:e1:a9:87:90:64:a2:1d:84:db:
         42:a8:23:1c:3b:ef:60:45:d0:23:55:ba:3b:89:cf:3a:a7:28:
         79:e9:59:6b:2d:c2:40:74:41:1a:b8:49:36:da:f1:2c:bf:dc:
         b7:32:20:55:76:87:22:0c:00:03:1d:97:9d:25:31:4e:79:19:
         6e:5d:cb:42:32:38:f5:e6:34:2d:23:58:bc:f6:b9:3e:fa:fe:
         cb:89:e4:43:05:b7:1a:09:12:1e:84:e4:71:8d:13:ee:6c:21:
         8a:e8:41:49:6c:ae:fe:cd:33:be:6a:7d:35:f8:c2:42:39:83:
         c2:13:32:42:7a:3e:b8:38:37:e2:94:35:54:57:4b:75:65:41:
         69:c7:28:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0A8Hhcdy9bmmAYuNqJnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjMzNmEzYjg2YmY3M2EyN2RkZDkwNjY2N2VhZGE3NWI0
N2M0OTkwHhcNMjYwNDE3MDUwMDQyWhcNMjYwNDE4MDUwMDQyWjAzMTEwLwYDVQQD
EygwZTBmMmQzM2U3ZTJjNGY1MzBlNGFiZDIzMDAxZDJlYWE1OTg3ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bE7qEx9fVVFsFBJgVyPF2EUEP50
jQz8lNE7CxtyuQbDznAZdX59nNZT7wLLmgpHRhgYtiiCxVvo5tmagFLPM+fNlNaD
WDtovMT6kWWWe+tAmdYpXXl1Yn11NzmbLCXbnjQl++ePfsqEebEYICMj7oRB67K/
Yc7FOgYOO5tDxNRSVy0gm4qjNlhuQdJFp44zU3FQ45wgXf7bg2rk7cZ+dq6asMIb
ixhxYyQw47l4JwuMWCVgu3OLrzuiaplJJc1usRqHvF4zsiPVFAxT+cm50mtC+Hc9
0XOS+WGkg2aiOvAAQOzo2Rhq9dQ3UIX5znylHLSLOBBhqdbnMk0nD0c+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4PLTPn4sT1MOSr0jAB0uqlmH7KMB8GA1UdIwQY
MBaAFIBjNqO4a/c6J93ZBmZ+radbR8SZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEt
MDliYjU5NmU4NDU0LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hYTgwZmMtMGQ0YS00YTk3LWFiODEtMDliYjU5NmU4NDU0
LzEvZ0dNMm83aHI5em9uM2RrR1puNnRwMXRIeEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQyX8SyTz
/WU91KYrber5uOazOa4TCy9/NKFTPqKmMltrsMvaXKuegcEDWQ3J1ra3XmHbL3RJ
doS4/9CQbTRGSIGF1lYT08DDv85Zl/uAYWfh+E2mNkbhJOAIv/MN+TJ9DGJMZjOh
tWfHMeB0RQO6a1s3K3cb4amHkGSiHYTbQqgjHDvvYEXQI1W6O4nPOqcoeelZay3C
QHRBGrhJNtrxLL/ctzIgVXaHIgwAAx2XnSUxTnkZbl3LQjI49eY0LSNYvPa5Pvr+
y4nkQwW3GgkSHoTkcY0T7mwhiuhBSWyu/s0zvmp9NfjCQjmDwhMyQno+uDg34pQ1
VFdLdWVBaccoCg==
-----END CERTIFICATE-----