Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          JJTd3QWYHF0Ws+nBDeisngkQHD/dp3zl81niBaBWKfE=
Subject key identifier:   AD:94:AC:4D:B7:6D:10:61:54:70:B4:ED:10:7A:D1:AA:E3:68:FA:90
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019D9999A261E8A05E393BA81B778A9252B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          058E
Signing time:             Fri 17 Apr 2026 04:01:15 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:15 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:15 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: 9WxhDh8y13DOtX5RCx3gp8Pkfw9Th5vzxTXSwspVAaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:a2:61:e8:a0:5e:39:3b:a8:1b:77:8a:92:52:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Apr 17 04:01:15 2026 GMT
            Not After : Apr 18 04:01:15 2026 GMT
        Subject: CN=ad94ac4db76d10615470b4ed107ad1aae368fa90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:12:6d:ab:93:5b:f0:5a:c9:17:8a:ef:8f:c7:
                    9b:59:bf:d3:3d:a2:2d:7c:02:e4:87:cb:25:38:6a:
                    7d:29:f6:72:f0:f1:a7:92:4e:45:cf:96:0e:6b:80:
                    71:05:82:c4:2a:82:d8:65:7e:06:78:8c:10:3f:12:
                    ef:d0:32:fe:37:eb:89:4d:bc:1b:0c:80:6d:0d:d8:
                    53:52:9e:d0:48:8e:09:77:13:b6:37:99:c5:17:c5:
                    58:54:35:62:99:35:d2:b6:be:e7:ca:ef:be:f2:77:
                    ac:6b:81:b7:27:4f:5c:c3:b9:27:d4:b0:4b:1d:be:
                    db:cb:cb:b2:cc:22:2e:85:17:2c:9f:3c:25:81:89:
                    1d:51:45:9e:d0:d7:12:98:43:29:93:66:eb:27:8a:
                    ca:f4:c2:28:b8:b4:2e:b6:cf:8a:f3:a3:03:97:2b:
                    6a:56:ce:01:58:f8:f9:eb:00:f0:97:11:43:fe:9d:
                    a8:3d:a9:d5:34:74:40:49:70:72:f6:4e:5c:2a:3f:
                    ef:d1:d8:d4:84:76:f5:02:60:d2:07:78:9d:76:6f:
                    f2:92:79:97:ff:f4:cd:42:97:8e:a7:f8:a4:fa:67:
                    a8:f5:d9:c1:8a:0a:29:31:9b:b0:b0:34:97:63:17:
                    42:cf:d2:20:9e:fa:c4:44:2e:f9:c6:86:09:79:b1:
                    f8:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:94:AC:4D:B7:6D:10:61:54:70:B4:ED:10:7A:D1:AA:E3:68:FA:90
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:c0:26:9d:12:5e:36:be:6b:a5:a7:ab:f7:58:93:e9:3e:d9:
         36:9d:aa:19:61:5f:dd:21:b9:50:e8:ba:23:36:92:47:70:56:
         b9:a2:0e:d0:97:61:51:09:1c:74:d8:fa:4a:ec:6c:6a:d6:31:
         3f:b1:81:8b:7c:9c:2e:f4:be:9c:5f:76:bc:22:72:d4:69:15:
         e8:16:12:1f:a2:ae:d4:d2:57:2d:32:dc:4b:89:4e:3d:11:f0:
         aa:fe:7a:d3:47:9d:15:a0:e4:59:77:0b:ae:9e:af:ff:96:f0:
         3c:86:80:5d:c9:c0:a7:78:ce:d2:a3:a9:3c:cc:81:98:2d:9f:
         f7:df:30:bd:03:7e:46:a4:72:78:78:01:59:29:37:a2:a7:8e:
         af:b8:8d:a3:8d:13:89:2a:0e:2f:cf:92:f4:fb:f4:6f:38:ac:
         53:3c:79:92:bb:19:bd:b1:0a:9c:13:9c:f0:9a:60:94:7e:95:
         08:8a:1d:09:22:2f:d8:39:00:0e:9a:dc:c5:8a:94:20:22:5f:
         56:44:0a:06:87:7d:ba:ca:b8:50:2a:51:c9:0a:c8:36:4b:3d:
         f1:e9:43:9e:d5:5b:3f:57:fc:41:6b:15:41:cc:17:7d:9e:7c:
         b8:62:8d:86:9d:b9:f7:1d:dd:0e:8a:07:26:7d:5e:83:42:17:
         b8:4c:ba:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmaJh6KBeOTuoG3eKklK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjYwNDE3MDQwMTE1WhcNMjYwNDE4MDQwMTE1WjAzMTEwLwYDVQQD
EyhhZDk0YWM0ZGI3NmQxMDYxNTQ3MGI0ZWQxMDdhZDFhYWUzNjhmYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhJtq5Nb8FrJF4rvj8ebWb/TPaIt
fALkh8slOGp9KfZy8PGnkk5Fz5YOa4BxBYLEKoLYZX4GeIwQPxLv0DL+N+uJTbwb
DIBtDdhTUp7QSI4JdxO2N5nFF8VYVDVimTXStr7nyu++8nesa4G3J09cw7kn1LBL
Hb7by8uyzCIuhRcsnzwlgYkdUUWe0NcSmEMpk2brJ4rK9MIouLQuts+K86MDlytq
Vs4BWPj56wDwlxFD/p2oPanVNHRASXBy9k5cKj/v0djUhHb1AmDSB3iddm/yknmX
//TNQpeOp/ik+meo9dnBigopMZuwsDSXYxdCz9IgnvrERC75xoYJebH4/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2UrE23bRBhVHC07RB60arjaPqQMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8AmnRJe
Nr5rpaer91iT6T7ZNp2qGWFf3SG5UOi6IzaSR3BWuaIO0JdhUQkcdNj6SuxsatYx
P7GBi3ycLvS+nF92vCJy1GkV6BYSH6Ku1NJXLTLcS4lOPRHwqv5600edFaDkWXcL
rp6v/5bwPIaAXcnAp3jO0qOpPMyBmC2f998wvQN+RqRyeHgBWSk3oqeOr7iNo40T
iSoOL8+S9Pv0bzisUzx5krsZvbEKnBOc8JpglH6VCIodCSIv2DkADprcxYqUICJf
VkQKBod9usq4UCpRyQrINks98elDntVbP1f8QWsVQcwXfZ58uGKNhp259x3dDooH
Jn1eg0IXuEy6/w==
-----END CERTIFICATE-----