Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          2Lvb1hJ9YF74LId8BGzkj+MjHKp36bFID7uO/8lRNa4=
Subject key identifier:   75:70:45:AC:86:54:FA:9B:61:4C:D6:FC:45:85:47:A7:90:79:93:5A
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019D9A06C431E1ED18DE1D9A084D4B9EED36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          05EB
Signing time:             Fri 17 Apr 2026 06:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:27 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: ivFINUDf2I3/F3kxf46T5WTWSo0OXrlpAqxjb5RInto=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:06:c4:31:e1:ed:18:de:1d:9a:08:4d:4b:9e:ed:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Apr 17 06:00:27 2026 GMT
            Not After : Apr 18 06:00:27 2026 GMT
        Subject: CN=757045ac8654fa9b614cd6fc458547a79079935a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:74:c2:52:7e:05:16:03:d7:e9:bf:e0:ba:08:
                    ad:2d:76:87:d7:a2:10:20:6e:b9:5e:ea:3e:a2:ce:
                    4b:16:7e:2b:04:6e:9f:3b:d5:5c:f8:42:4e:7d:e5:
                    2c:cd:e9:09:0a:b4:ca:cc:47:5b:48:1a:e5:43:cb:
                    73:81:dd:b1:53:48:1a:1f:64:c9:91:e6:dd:44:b2:
                    a1:19:49:c1:d6:42:9e:39:aa:4f:29:45:1a:05:68:
                    f1:59:3f:86:f1:45:33:bd:8c:2e:8a:3d:80:a5:f8:
                    9a:ab:c0:4b:58:5c:34:ee:b8:87:d6:5f:8a:97:ad:
                    1e:df:21:16:60:48:e8:8f:5b:6d:94:26:0e:12:6a:
                    dd:8a:83:17:68:d7:42:80:20:b9:5b:3b:c2:29:ae:
                    71:1c:09:d8:c2:f9:12:01:b2:f6:f0:50:69:e7:70:
                    c7:3e:4a:0a:5e:08:0a:d8:41:4e:f7:ae:29:c9:4b:
                    b7:65:bd:0a:4c:88:2e:38:b9:14:66:5e:ab:d2:55:
                    ba:7a:96:8e:76:1d:5f:dd:ac:b4:0b:e8:30:d1:9f:
                    41:0d:6a:40:db:84:67:c5:29:55:d0:f9:1d:32:d2:
                    74:27:ce:b0:93:7a:49:50:39:5b:7b:a8:da:02:12:
                    25:e7:9c:c9:e9:9c:8d:d5:24:a3:9d:76:8a:80:52:
                    56:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:70:45:AC:86:54:FA:9B:61:4C:D6:FC:45:85:47:A7:90:79:93:5A
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:70:d8:a6:d0:14:3e:18:6f:d2:8c:dc:7a:4e:a2:0d:2e:3b:
         9a:34:1a:b9:4c:fe:10:52:09:02:c8:43:14:78:8f:01:fc:26:
         52:60:1c:31:70:5d:e2:6e:61:dd:8d:e8:82:d7:11:00:26:e3:
         d8:3b:be:1c:ae:28:f3:9a:2f:d9:a8:03:cc:5d:41:b9:4a:bf:
         82:6d:7d:ed:a6:30:ac:9d:ea:0c:de:9b:ef:7e:9a:a1:00:50:
         ec:63:cb:46:92:f1:08:85:7a:49:5a:ee:e3:d3:92:16:31:ef:
         43:59:0d:a6:83:e9:b1:92:31:54:f1:34:c4:e1:66:11:1a:56:
         65:a6:c5:a8:56:69:87:8c:ed:2b:84:a3:70:d2:61:a1:8d:db:
         2b:9a:d5:00:0f:57:88:bd:6a:b8:fc:69:0e:3f:1b:4a:db:1e:
         8d:cd:8c:02:37:af:35:4f:c2:82:4b:e6:a2:5d:7f:da:2a:20:
         fe:23:e7:9c:60:8f:fb:22:f4:a9:e2:37:b7:7f:9e:d3:79:7e:
         f6:21:51:82:fb:3c:66:c5:98:2a:b7:4b:d0:37:6d:b3:69:4d:
         27:d7:de:26:e5:a3:91:6e:21:ea:46:90:7b:d5:3e:66:72:de:
         16:8d:b1:0b:5a:49:ee:50:b4:94:b1:41:6f:79:39:6a:12:45:
         60:11:e2:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBsQx4e0Y3h2aCE1Lnu02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjYwNDE3MDYwMDI3WhcNMjYwNDE4MDYwMDI3WjAzMTEwLwYDVQQD
Eyg3NTcwNDVhYzg2NTRmYTliNjE0Y2Q2ZmM0NTg1NDdhNzkwNzk5MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXTCUn4FFgPX6b/gugitLXaH16IQ
IG65Xuo+os5LFn4rBG6fO9Vc+EJOfeUszekJCrTKzEdbSBrlQ8tzgd2xU0gaH2TJ
kebdRLKhGUnB1kKeOapPKUUaBWjxWT+G8UUzvYwuij2Apfiaq8BLWFw07riH1l+K
l60e3yEWYEjoj1ttlCYOEmrdioMXaNdCgCC5WzvCKa5xHAnYwvkSAbL28FBp53DH
PkoKXggK2EFO964pyUu3Zb0KTIguOLkUZl6r0lW6epaOdh1f3ay0C+gw0Z9BDWpA
24RnxSlV0PkdMtJ0J86wk3pJUDlbe6jaAhIl55zJ6ZyN1SSjnXaKgFJW/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVwRayGVPqbYUzW/EWFR6eQeZNaMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiXDYptAU
Phhv0ozcek6iDS47mjQauUz+EFIJAshDFHiPAfwmUmAcMXBd4m5h3Y3ogtcRACbj
2Du+HK4o85ov2agDzF1BuUq/gm197aYwrJ3qDN6b736aoQBQ7GPLRpLxCIV6SVru
49OSFjHvQ1kNpoPpsZIxVPE0xOFmERpWZabFqFZph4ztK4SjcNJhoY3bK5rVAA9X
iL1quPxpDj8bStsejc2MAjevNU/Cgkvmol1/2iog/iPnnGCP+yL0qeI3t3+e03l+
9iFRgvs8ZsWYKrdL0Ddts2lNJ9feJuWjkW4h6kaQe9U+ZnLeFo2xC1pJ7lC0lLFB
b3k5ahJFYBHiXw==
-----END CERTIFICATE-----