Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          pVJVBi233wHMDwCsJjCu8OMZ9ajGvCqQQEYhKGB72mc=
Subject key identifier:   84:E6:0D:39:7D:38:A8:E6:87:D5:17:24:2F:F8:E4:19:DC:A3:B8:8B
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       019DA48B19846A47B1AEABED0D928A82B269
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          18C4
Signing time:             Sun 19 Apr 2026 07:01:12 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:12 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:12 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: dd0VpCzq0fK/UGrHTcfvKEIoUZ1AWypxasqVVsbzNxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:19:84:6a:47:b1:ae:ab:ed:0d:92:8a:82:b2:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Apr 19 07:01:12 2026 GMT
            Not After : Apr 20 07:01:12 2026 GMT
        Subject: CN=84e60d397d38a8e687d517242ff8e419dca3b88b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:5c:ed:4b:bb:ab:6f:79:37:3f:e8:8c:0d:64:
                    22:58:e0:02:5e:3b:32:d3:81:58:e1:f5:76:9d:7f:
                    95:f4:1c:71:76:24:dc:03:a6:c8:0e:48:53:15:46:
                    0a:b7:f6:01:e6:21:15:c2:1d:52:cb:c3:11:b0:bd:
                    01:a2:65:b2:92:de:12:b4:04:e6:0f:39:ab:4f:89:
                    a0:60:50:59:03:b0:f1:e5:79:ea:55:ae:72:1f:94:
                    49:48:1c:26:ae:f4:67:d9:38:81:70:76:19:87:1b:
                    3e:bc:ce:3e:55:a9:10:96:71:20:b4:51:2f:de:6f:
                    83:6d:b0:ec:25:ba:fc:36:97:b5:a3:27:57:95:0d:
                    ff:64:2a:33:09:b4:ef:de:a6:a8:7e:dd:65:25:67:
                    07:29:87:a1:8f:39:9c:27:90:06:e4:cb:8b:5a:f1:
                    96:5c:f1:fe:d6:a9:da:19:ad:f3:91:18:2e:a8:55:
                    92:16:90:df:5a:ea:7a:f1:61:24:39:4d:18:97:8d:
                    f0:5f:8e:cf:fe:ae:6e:f7:11:a6:c3:d3:1b:13:65:
                    1f:54:e7:c3:ba:f8:8a:36:68:e3:a4:b2:8e:82:70:
                    fe:15:19:f6:6a:1d:95:0d:68:ec:d1:66:65:ae:dd:
                    5c:10:f3:6c:45:e8:9c:12:c1:7f:a3:62:54:60:e8:
                    ca:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:E6:0D:39:7D:38:A8:E6:87:D5:17:24:2F:F8:E4:19:DC:A3:B8:8B
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:91:4c:40:c9:d1:e4:80:4d:1f:2e:b3:fc:ab:ca:6f:60:f7:
         25:bb:7d:4c:b4:67:85:c1:46:5f:9d:c5:5a:bd:9f:ac:da:e3:
         33:52:80:6e:2f:80:83:3a:c3:91:be:cc:d0:29:8e:aa:7a:37:
         7b:a6:71:a4:03:c2:ba:7e:d2:2a:09:da:7e:2d:c1:56:ce:eb:
         05:c8:8c:10:01:c0:06:65:19:d8:e5:f8:1b:83:f3:22:23:c6:
         9c:84:88:f4:de:52:7b:c5:d4:e8:ba:58:95:45:2c:f1:72:68:
         79:33:33:a1:40:72:fc:cc:2e:f7:23:cf:4d:b1:e9:2b:5d:aa:
         c2:62:20:da:7f:cb:58:58:25:72:6c:e0:ea:7d:39:ef:d2:b4:
         45:83:a4:9c:63:9f:64:12:b8:0f:cf:23:ca:b4:5a:fb:87:80:
         2e:b8:d7:af:3e:af:6f:24:20:cd:9d:24:fe:3f:a8:ba:5e:8a:
         98:43:5a:19:34:67:a7:52:b4:4b:67:53:3f:84:78:57:56:50:
         a4:2c:ba:8a:07:fa:56:cc:4c:8b:17:e7:17:ab:f9:ad:ec:e0:
         5b:d6:a9:b3:f9:e4:07:b9:5a:a7:fe:07:d6:c0:b2:fa:7d:bc:
         5d:3c:b9:80:24:9e:75:6a:f2:f1:5b:45:5f:ca:1b:79:bf:a0:
         e6:03:10:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kixmEakexrqvtDZKKgrJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjYwNDE5MDcwMTEyWhcNMjYwNDIwMDcwMTEyWjAzMTEwLwYDVQQD
Eyg4NGU2MGQzOTdkMzhhOGU2ODdkNTE3MjQyZmY4ZTQxOWRjYTNiODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1ztS7urb3k3P+iMDWQiWOACXjsy
04FY4fV2nX+V9BxxdiTcA6bIDkhTFUYKt/YB5iEVwh1Sy8MRsL0BomWykt4StATm
DzmrT4mgYFBZA7Dx5XnqVa5yH5RJSBwmrvRn2TiBcHYZhxs+vM4+VakQlnEgtFEv
3m+DbbDsJbr8Npe1oydXlQ3/ZCozCbTv3qaoft1lJWcHKYehjzmcJ5AG5MuLWvGW
XPH+1qnaGa3zkRguqFWSFpDfWup68WEkOU0Yl43wX47P/q5u9xGmw9MbE2UfVOfD
uviKNmjjpLKOgnD+FRn2ah2VDWjs0WZlrt1cEPNsReicEsF/o2JUYOjKbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITmDTl9OKjmh9UXJC/45Bnco7iLMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAspFMQMnR
5IBNHy6z/KvKb2D3Jbt9TLRnhcFGX53FWr2frNrjM1KAbi+AgzrDkb7M0CmOqno3
e6ZxpAPCun7SKgnafi3BVs7rBciMEAHABmUZ2OX4G4PzIiPGnISI9N5Se8XU6LpY
lUUs8XJoeTMzoUBy/Mwu9yPPTbHpK12qwmIg2n/LWFglcmzg6n0579K0RYOknGOf
ZBK4D88jyrRa+4eALrjXrz6vbyQgzZ0k/j+oul6KmENaGTRnp1K0S2dTP4R4V1ZQ
pCy6igf6VsxMixfnF6v5rezgW9aps/nkB7lap/4H1sCy+n28XTy5gCSedWry8VtF
X8obeb+g5gMQeQ==
-----END CERTIFICATE-----