Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
File:                     H83UEOElAi3gfKWWP5L3jo-JSG4.mft (raw, json)
Hash identifier:          p8kImT86l5GieQQw6rS9oyyke9mFI9+yLmGPDCtSJ08=
Subject key identifier:   23:5C:D3:58:08:89:4A:39:57:71:7B:0F:E6:AD:A2:C5:6E:B6:75:17
Authority key identifier: 1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E
Certificate issuer:       /CN=1fcdd410e125022de07ca5963f92f78e8f89486e
Certificate serial:       019D9962FB3E4060EAAF9F2DF875F9B9CEE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 03:01:34 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:34 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:34 +0000
Files and hashes:         1: H83UEOElAi3gfKWWP5L3jo-JSG4.crl (hash: SOd+AJvBPt24Kuh76Dbem4iJB7lORIpRb4J8dDXG6LA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:fb:3e:40:60:ea:af:9f:2d:f8:75:f9:b9:ce:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fcdd410e125022de07ca5963f92f78e8f89486e
        Validity
            Not Before: Apr 17 03:01:34 2026 GMT
            Not After : Apr 18 03:01:34 2026 GMT
        Subject: CN=235cd35808894a3957717b0fe6ada2c56eb67517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:81:58:e8:c8:0d:5a:a3:58:8c:90:6d:38:91:
                    29:6d:3f:93:3d:3b:f5:2b:4d:8e:7e:a7:1c:c7:18:
                    d9:31:bb:e1:2d:97:f8:72:1d:f6:6f:99:d3:e5:cd:
                    6a:4c:b8:05:9a:7f:b3:32:0f:fc:b6:42:7e:bc:e0:
                    dc:6b:be:17:a6:b9:8f:11:43:79:de:30:4e:7c:55:
                    5c:56:21:e1:5f:91:3f:4b:1a:b8:ea:03:ac:5e:36:
                    19:f3:50:05:f5:17:9d:80:5c:c9:0e:69:6c:47:71:
                    77:0e:1d:7d:04:7a:33:96:34:45:72:3e:ef:26:8c:
                    c4:11:6e:24:02:f6:85:b9:8b:d1:66:bf:bd:62:6a:
                    c9:ca:e4:0e:17:e8:64:2a:04:a7:e4:f8:e5:dd:dc:
                    23:de:13:86:31:ac:39:da:09:47:4e:4c:0d:b9:00:
                    54:16:4a:6c:b8:f3:6d:cf:5b:ec:71:1e:03:5b:be:
                    f6:eb:2d:26:33:9a:0e:44:80:6c:f7:51:42:da:81:
                    47:4d:e8:bc:2a:bc:7e:ec:bf:89:7a:0c:6a:4c:25:
                    d2:1a:30:eb:f0:7e:c5:17:39:60:a8:48:03:16:1f:
                    ac:85:23:f4:78:36:b9:55:fb:c2:65:a2:14:75:79:
                    d7:25:91:6c:82:dc:b1:3b:8d:fb:fd:08:18:64:f2:
                    5d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:5C:D3:58:08:89:4A:39:57:71:7B:0F:E6:AD:A2:C5:6E:B6:75:17
            X509v3 Authority Key Identifier:
                keyid:1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a2:b6:d1:8f:db:bb:3c:95:f8:44:af:66:27:d1:14:f3:b4:
         07:4a:5d:e3:47:8b:80:96:c9:83:02:43:78:d3:77:6a:a6:87:
         bf:1e:ea:64:8c:26:91:8b:ac:0d:4f:79:c9:a2:07:52:ac:43:
         69:a4:b6:76:bc:73:0d:73:3e:05:72:aa:6a:5b:e8:c1:2c:02:
         a9:56:19:f5:82:c5:8b:5e:a5:3f:c6:ba:c9:15:e7:79:53:17:
         24:36:10:cc:39:09:60:47:41:fa:b3:8d:97:17:9f:e3:46:5c:
         8d:b2:c7:8b:7a:2d:5a:56:8a:23:7b:e4:ab:b8:d6:e7:dd:b5:
         65:70:c6:e8:b6:46:57:28:dc:eb:d5:33:41:00:c2:93:ab:fa:
         c6:ac:e8:da:5d:08:54:e4:5e:2a:17:8d:ae:ff:b8:08:51:51:
         df:7e:49:dd:5c:38:b0:7e:74:0b:ab:3c:dd:20:e9:41:50:06:
         21:76:50:7e:fa:2c:b4:18:7b:62:67:38:0c:71:66:f9:c7:ee:
         c2:7d:5f:38:de:58:6d:85:39:d2:41:db:0f:a8:89:d7:7d:a6:
         ea:8b:c0:c1:6c:9c:34:d4:57:7b:06:48:e5:e7:6d:6b:ef:2f:
         c5:0e:b6:48:9f:dd:b2:fe:5f:c1:54:46:83:74:30:f9:24:7f:
         86:2e:e6:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYvs+QGDqr58t+HX5uc7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmY2RkNDEwZTEyNTAyMmRlMDdjYTU5NjNmOTJmNzhlOGY4
OTQ4NmUwHhcNMjYwNDE3MDMwMTM0WhcNMjYwNDE4MDMwMTM0WjAzMTEwLwYDVQQD
EygyMzVjZDM1ODA4ODk0YTM5NTc3MTdiMGZlNmFkYTJjNTZlYjY3NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYFY6MgNWqNYjJBtOJEpbT+TPTv1
K02OfqccxxjZMbvhLZf4ch32b5nT5c1qTLgFmn+zMg/8tkJ+vODca74XprmPEUN5
3jBOfFVcViHhX5E/Sxq46gOsXjYZ81AF9RedgFzJDmlsR3F3Dh19BHozljRFcj7v
JozEEW4kAvaFuYvRZr+9YmrJyuQOF+hkKgSn5Pjl3dwj3hOGMaw52glHTkwNuQBU
FkpsuPNtz1vscR4DW7726y0mM5oORIBs91FC2oFHTei8Krx+7L+JegxqTCXSGjDr
8H7FFzlgqEgDFh+shSP0eDa5VfvCZaIUdXnXJZFsgtyxO437/QgYZPJdgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNc01gIiUo5V3F7D+atosVutnUXMB8GA1UdIwQY
MBaAFB/N1BDhJQIt4Hyllj+S946PiUhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUt
YWI2OWRhOGYzN2VjLzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUtYWI2OWRhOGYzN2Vj
LzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKK20Y/b
uzyV+ESvZifRFPO0B0pd40eLgJbJgwJDeNN3aqaHvx7qZIwmkYusDU95yaIHUqxD
aaS2drxzDXM+BXKqalvowSwCqVYZ9YLFi16lP8a6yRXneVMXJDYQzDkJYEdB+rON
lxef40ZcjbLHi3otWlaKI3vkq7jW5921ZXDG6LZGVyjc69UzQQDCk6v6xqzo2l0I
VOReKheNrv+4CFFR335J3Vw4sH50C6s83SDpQVAGIXZQfvostBh7Ymc4DHFm+cfu
wn1fON5YbYU50kHbD6iJ132m6ovAwWycNNRXewZI5edta+8vxQ62SJ/dsv5fwVRG
g3Qw+SR/hi7m8Q==
-----END CERTIFICATE-----