Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          UG5hATaizKC383VCFEbZIfd1CdG34USkbKl0qRiLC1o=
Subject key identifier:   7A:BE:2F:26:1F:E2:09:30:91:FD:AE:88:C7:BB:6A:A6:77:B4:39:CE
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019DA30A028F90F93215E5BCE236EE08C69F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          07DA
Signing time:             Sun 19 Apr 2026 00:00:35 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:35 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:35 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: Dk/B+atKeml7KTd3okYjZ4gO0e0GGkT1fzKrlzDK+h0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:02:8f:90:f9:32:15:e5:bc:e2:36:ee:08:c6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Apr 19 00:00:35 2026 GMT
            Not After : Apr 20 00:00:35 2026 GMT
        Subject: CN=7abe2f261fe2093091fdae88c7bb6aa677b439ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f7:80:ce:7c:f8:fa:55:37:64:75:27:6e:77:
                    9e:bc:72:e8:2d:d1:47:f4:3e:a8:3d:46:0e:9d:5b:
                    87:d7:38:cc:df:fb:19:44:6e:d5:a7:5f:23:8d:e3:
                    6b:d2:d4:30:5f:bb:7b:f3:aa:d1:1f:98:f5:3b:09:
                    5d:86:a2:2a:2b:36:ba:26:97:21:fc:a9:1a:c0:8b:
                    bd:c1:5a:69:63:90:92:09:d3:26:30:cf:15:41:95:
                    6d:b8:58:77:16:80:62:e0:6c:5c:0a:95:da:68:63:
                    b4:9f:27:63:3d:80:26:9f:b9:d8:f7:eb:75:24:e7:
                    54:59:4d:d7:b2:d9:b5:9a:69:09:e0:eb:a2:5f:56:
                    24:96:b1:a1:2a:19:bd:60:ae:89:37:b1:05:95:a9:
                    a4:68:ad:87:3d:2a:cf:15:59:6b:67:41:1a:03:a4:
                    fc:30:2d:46:3a:cd:6e:d2:86:b4:93:07:06:b2:40:
                    a6:c4:d0:e9:f3:e0:84:06:83:1f:6c:62:6e:ce:7d:
                    39:af:2e:3d:1d:c8:85:ce:be:ce:dc:1a:ff:60:0b:
                    a5:85:e3:17:09:d5:65:31:68:36:34:b9:1f:d0:52:
                    c3:f5:19:d2:b0:e5:4e:25:c4:72:79:39:af:a3:b9:
                    e4:ef:0f:47:cc:b4:eb:1f:be:c0:85:21:d7:91:97:
                    9d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:BE:2F:26:1F:E2:09:30:91:FD:AE:88:C7:BB:6A:A6:77:B4:39:CE
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:3c:98:3c:19:93:04:7a:bd:65:dd:81:0d:97:5a:32:48:15:
         4e:d9:1e:b1:d0:21:24:2d:9e:55:eb:45:99:32:62:8d:5f:0b:
         5a:16:1b:0a:bc:6a:31:62:3e:b4:51:b1:23:33:65:7e:49:6c:
         e5:a8:ea:64:a9:e0:5f:5f:02:d8:79:62:10:28:ce:6d:1c:d8:
         97:3e:e0:ee:32:a9:6d:21:49:58:96:7d:0c:e1:08:b0:57:29:
         48:14:0c:9c:21:f6:cf:4d:c2:5c:7a:a1:fb:f2:4c:db:31:06:
         b1:47:fe:18:c3:63:99:06:06:ce:04:5f:ba:16:c6:26:d6:30:
         5d:d0:f0:c1:dd:63:56:56:df:8f:43:87:96:0e:d9:3a:45:61:
         c3:06:51:3c:0b:f1:f7:4d:83:3a:14:ac:26:8d:82:13:b8:d6:
         19:48:c3:64:69:f7:2a:e1:ce:66:4c:40:b2:10:75:11:44:c3:
         62:d7:92:ef:7c:29:49:df:cb:da:5d:ee:3a:bf:0b:9a:36:0a:
         a2:9c:33:71:35:5e:d8:b4:3b:7a:16:8d:f4:b1:d3:5e:bf:c9:
         8d:97:1e:d2:5d:62:54:ba:e2:b2:d9:e8:c9:a6:2a:a7:18:b1:
         ed:75:b2:8e:4a:74:fc:ab:ba:80:ee:cb:81:00:f8:9f:da:6d:
         b3:1a:54:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCgKPkPkyFeW84jbuCMafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjYwNDE5MDAwMDM1WhcNMjYwNDIwMDAwMDM1WjAzMTEwLwYDVQQD
Eyg3YWJlMmYyNjFmZTIwOTMwOTFmZGFlODhjN2JiNmFhNjc3YjQzOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfeAznz4+lU3ZHUnbneevHLoLdFH
9D6oPUYOnVuH1zjM3/sZRG7Vp18jjeNr0tQwX7t786rRH5j1OwldhqIqKza6Jpch
/KkawIu9wVppY5CSCdMmMM8VQZVtuFh3FoBi4GxcCpXaaGO0nydjPYAmn7nY9+t1
JOdUWU3Xstm1mmkJ4OuiX1YklrGhKhm9YK6JN7EFlamkaK2HPSrPFVlrZ0EaA6T8
MC1GOs1u0oa0kwcGskCmxNDp8+CEBoMfbGJuzn05ry49HciFzr7O3Br/YAulheMX
CdVlMWg2NLkf0FLD9RnSsOVOJcRyeTmvo7nk7w9HzLTrH77AhSHXkZedFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHq+LyYf4gkwkf2uiMe7aqZ3tDnOMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzyYPBmT
BHq9Zd2BDZdaMkgVTtkesdAhJC2eVetFmTJijV8LWhYbCrxqMWI+tFGxIzNlfkls
5ajqZKngX18C2HliECjObRzYlz7g7jKpbSFJWJZ9DOEIsFcpSBQMnCH2z03CXHqh
+/JM2zEGsUf+GMNjmQYGzgRfuhbGJtYwXdDwwd1jVlbfj0OHlg7ZOkVhwwZRPAvx
902DOhSsJo2CE7jWGUjDZGn3KuHOZkxAshB1EUTDYteS73wpSd/L2l3uOr8LmjYK
opwzcTVe2LQ7ehaN9LHTXr/JjZce0l1iVLristnoyaYqpxix7XWyjkp0/Ku6gO7L
gQD4n9ptsxpUNg==
-----END CERTIFICATE-----