Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
File:                     EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft (raw, json)
Hash identifier:          yjEie5GlxZHqn8NzP1cJ65DVbXLRwMixYIev0TSLoEw=
Subject key identifier:   4C:E0:53:8C:31:83:8A:D3:F5:D1:A6:23:0B:C5:3F:CD:27:55:38:CC
Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD
Certificate issuer:       /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
Certificate serial:       019D992B79CFD43817202A8E02E7669FD1EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
Manifest number:          0ABC
Signing time:             Fri 17 Apr 2026 02:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:56 +0000
Files and hashes:         1: EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl (hash: NbAJiBiuVpjArubC8/FAbCYYSfQdu7KSSxDXFOAtJ/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:79:cf:d4:38:17:20:2a:8e:02:e7:66:9f:d1:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
        Validity
            Not Before: Apr 17 02:00:56 2026 GMT
            Not After : Apr 18 02:00:56 2026 GMT
        Subject: CN=4ce0538c31838ad3f5d1a6230bc53fcd275538cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:95:6c:ac:2b:c5:d4:27:7d:58:bd:cd:5e:59:
                    d7:21:38:a4:ff:be:45:5f:ea:94:8f:0f:24:e2:ca:
                    4b:87:d8:ca:c0:51:5a:4a:4e:46:3c:64:cc:bc:92:
                    81:af:d4:8b:ab:87:17:c2:69:22:35:a3:38:58:17:
                    05:e8:09:a1:21:84:98:be:4e:2e:10:dc:1c:34:56:
                    09:03:a7:be:3c:be:8c:53:e2:fa:d4:81:9f:05:d9:
                    04:a1:75:8d:14:e3:b2:0b:c7:ea:b7:24:e2:61:43:
                    c1:cd:99:ae:8d:03:86:c7:f9:09:19:d6:e2:bf:1a:
                    25:4a:ec:e3:58:47:ab:a3:3c:44:70:8d:3f:e3:d7:
                    bf:a5:0c:d1:ca:4d:6c:54:fa:95:cc:f2:e1:3b:3f:
                    1f:da:1a:8f:14:82:33:e2:c6:48:30:10:9c:b0:b3:
                    19:04:d0:18:99:60:2f:8f:25:e1:36:73:31:7e:fc:
                    c6:ce:35:a4:d1:1a:c6:39:96:35:21:ad:f1:9c:be:
                    99:68:0a:6c:55:24:7c:7a:da:ff:ae:a3:a2:b4:16:
                    ea:e9:bd:88:e6:eb:b8:98:bd:23:f5:b2:c0:0a:6f:
                    49:6d:a2:4e:a7:25:16:31:09:c0:d2:50:34:bb:7c:
                    07:6d:80:45:8e:23:a1:27:f5:2e:23:f9:71:29:8b:
                    43:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E0:53:8C:31:83:8A:D3:F5:D1:A6:23:0B:C5:3F:CD:27:55:38:CC
            X509v3 Authority Key Identifier:
                keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:3d:9c:5b:0b:00:98:e3:a7:65:31:27:16:31:91:50:32:87:
         a0:f0:c8:4a:c9:ed:9c:99:41:db:70:6e:d3:c9:6b:a0:0d:9c:
         55:86:f9:b3:3f:10:9f:54:16:c7:dd:31:0a:b9:08:8b:f5:38:
         11:ec:8e:9c:e2:53:7b:5c:8d:de:ec:a2:ed:09:cb:78:55:c9:
         a7:cc:4e:c3:c4:c3:21:f4:f4:06:9e:7a:fc:c5:dd:49:cf:6b:
         ff:66:5c:7a:e1:a7:1a:8f:5c:33:fb:b3:5b:a9:36:c6:6c:36:
         2a:ed:b0:e6:3a:0c:18:3c:06:b3:f8:00:18:d9:d0:ef:ec:69:
         c4:1c:77:bc:c9:5c:df:c2:af:aa:31:d7:b1:5d:a4:69:43:09:
         98:60:67:23:2c:65:91:4e:be:da:00:e5:c0:ea:e0:a4:d2:71:
         fc:4a:c3:f1:33:a3:03:e1:3a:35:fe:bb:97:bc:4c:91:9a:65:
         2d:7f:e7:a2:5c:84:3e:40:d0:aa:b1:fd:3b:9c:94:0c:f4:9d:
         9d:88:21:cb:47:8d:45:e6:3c:9b:cb:1d:38:ad:b2:21:4d:26:
         cc:eb:b0:c4:68:f2:59:f3:37:7d:19:e1:d9:c7:a6:43:bd:28:
         42:c1:6b:81:8d:17:e0:61:e3:85:0f:91:17:25:a4:88:61:04:
         d7:36:1b:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK3nP1DgXICqOAudmn9HqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx
ZThkYmQwHhcNMjYwNDE3MDIwMDU2WhcNMjYwNDE4MDIwMDU2WjAzMTEwLwYDVQQD
Eyg0Y2UwNTM4YzMxODM4YWQzZjVkMWE2MjMwYmM1M2ZjZDI3NTUzOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpVsrCvF1Cd9WL3NXlnXITik/75F
X+qUjw8k4spLh9jKwFFaSk5GPGTMvJKBr9SLq4cXwmkiNaM4WBcF6AmhIYSYvk4u
ENwcNFYJA6e+PL6MU+L61IGfBdkEoXWNFOOyC8fqtyTiYUPBzZmujQOGx/kJGdbi
vxolSuzjWEerozxEcI0/49e/pQzRyk1sVPqVzPLhOz8f2hqPFIIz4sZIMBCcsLMZ
BNAYmWAvjyXhNnMxfvzGzjWk0RrGOZY1Ia3xnL6ZaApsVSR8etr/rqOitBbq6b2I
5uu4mL0j9bLACm9JbaJOpyUWMQnA0lA0u3wHbYBFjiOhJ/UuI/lxKYtDMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzgU4wxg4rT9dGmIwvFP80nVTjMMB8GA1UdIwQY
MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt
M2EzODkzMzJmNzlmLzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm
LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPT2cWwsA
mOOnZTEnFjGRUDKHoPDISsntnJlB23Bu08lroA2cVYb5sz8Qn1QWx90xCrkIi/U4
EeyOnOJTe1yN3uyi7QnLeFXJp8xOw8TDIfT0Bp56/MXdSc9r/2ZceuGnGo9cM/uz
W6k2xmw2Ku2w5joMGDwGs/gAGNnQ7+xpxBx3vMlc38KvqjHXsV2kaUMJmGBnIyxl
kU6+2gDlwOrgpNJx/ErD8TOjA+E6Nf67l7xMkZplLX/nolyEPkDQqrH9O5yUDPSd
nYghy0eNReY8m8sdOK2yIU0mzOuwxGjyWfM3fRnh2cemQ70oQsFrgY0X4GHjhQ+R
FyWkiGEE1zYbHg==
-----END CERTIFICATE-----