Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
File:                     gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json)
Hash identifier:          W29jIzEWuwJ0zph8sxGnK/QksvBRpuFgATnApYPUsRY=
Subject key identifier:   2D:BE:59:0D:C0:A1:29:C4:C1:D9:DF:EA:CA:8A:6E:44:DD:71:F1:AC
Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66
Certificate issuer:       /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
Certificate serial:       019D98F4E14AEC1B7F9786E8B78D91D0DFEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:18 +0000
Files and hashes:         1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: Qvbo3WQmVJgej9pzQfzO/XfxSRpwEMHU3iXw0Y1aUAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:e1:4a:ec:1b:7f:97:86:e8:b7:8d:91:d0:df:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66
        Validity
            Not Before: Apr 17 01:01:18 2026 GMT
            Not After : Apr 18 01:01:18 2026 GMT
        Subject: CN=2dbe590dc0a129c4c1d9dfeaca8a6e44dd71f1ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:cd:30:cf:06:24:a2:20:64:09:77:04:c7:37:
                    ab:97:c4:bc:b0:36:47:c6:35:3f:4e:d6:ef:28:36:
                    44:f8:4a:38:b3:da:30:1e:ef:ca:0d:9e:e6:fc:e6:
                    f7:5b:65:2f:9c:5d:05:0b:21:aa:d7:15:f8:f9:19:
                    13:77:03:c6:a3:7c:b5:3f:13:60:eb:31:ba:9e:69:
                    dc:43:6a:bb:66:20:6e:47:c5:87:5b:94:7a:da:ad:
                    a2:2b:ac:24:e9:74:d6:b8:30:e7:cc:91:7c:97:05:
                    55:93:00:9e:bb:d5:22:46:96:ff:8a:85:8a:88:89:
                    d0:e9:f6:b7:f2:9f:55:5e:d2:ee:fd:18:f8:20:81:
                    25:c5:c7:2a:6a:4b:c5:1f:fe:d6:f8:78:05:af:77:
                    cb:ee:4d:52:54:83:54:e1:86:df:94:68:18:8f:b8:
                    46:d1:02:39:38:99:84:16:3c:67:29:25:27:ca:3c:
                    e8:94:a3:f0:aa:5e:03:55:f1:a7:f6:31:be:fc:e0:
                    18:06:b7:59:53:dc:33:07:99:9d:3d:fb:ed:40:f8:
                    87:cf:aa:6b:91:3f:5f:a0:73:43:c4:ca:5d:12:1c:
                    95:1e:0a:f3:f6:a6:22:fc:45:5f:32:97:d3:d2:2d:
                    69:96:23:c4:0d:67:8e:99:07:73:8f:ec:cd:f2:a2:
                    01:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:BE:59:0D:C0:A1:29:C4:C1:D9:DF:EA:CA:8A:6E:44:DD:71:F1:AC
            X509v3 Authority Key Identifier:
                keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:18:21:0c:83:3d:17:32:63:dd:d8:56:b9:fc:fb:67:5e:8f:
         40:bc:e5:ac:84:74:20:72:69:6d:ec:74:37:7a:d4:6b:ae:c1:
         af:94:a7:e2:49:07:b4:fd:2a:30:93:d7:ec:3e:4e:e7:97:d2:
         00:7a:82:c9:aa:4d:76:07:59:c2:e3:40:01:84:5d:c8:67:7e:
         bf:b2:36:72:32:8d:a9:d5:ca:af:37:38:83:df:ba:65:76:98:
         24:53:b5:e1:2a:10:e4:be:f7:93:f8:e8:2b:f0:96:87:9e:d7:
         a9:de:10:6e:98:ec:26:72:42:a6:61:e9:c5:c8:5c:99:c5:5f:
         6f:5a:79:d2:cd:6b:7a:07:13:c9:88:f2:6b:a5:be:39:04:21:
         09:81:15:22:7d:f9:73:2b:53:d4:7e:43:a2:c8:e0:a0:e9:24:
         8b:2b:c2:41:36:e6:3a:3e:4a:31:d9:34:86:b0:7d:3f:88:b7:
         73:66:26:fa:c7:8f:f7:de:60:ce:a6:21:b2:99:d7:57:24:fd:
         89:db:61:76:72:9b:e6:92:de:72:a3:7b:41:ff:9d:1a:0c:07:
         45:41:41:8a:4d:3c:20:cb:01:17:9d:8e:b3:61:ba:39:9b:22:
         da:59:42:5f:91:30:64:03:a4:b5:a4:57:3d:41:f0:3c:e4:55:
         7f:05:a2:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9OFK7Bt/l4bot42R0N/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi
NWZhNjYwHhcNMjYwNDE3MDEwMTE4WhcNMjYwNDE4MDEwMTE4WjAzMTEwLwYDVQQD
EygyZGJlNTkwZGMwYTEyOWM0YzFkOWRmZWFjYThhNmU0NGRkNzFmMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5M0wzwYkoiBkCXcExzerl8S8sDZH
xjU/TtbvKDZE+Eo4s9owHu/KDZ7m/Ob3W2UvnF0FCyGq1xX4+RkTdwPGo3y1PxNg
6zG6nmncQ2q7ZiBuR8WHW5R62q2iK6wk6XTWuDDnzJF8lwVVkwCeu9UiRpb/ioWK
iInQ6fa38p9VXtLu/Rj4IIElxccqakvFH/7W+HgFr3fL7k1SVINU4YbflGgYj7hG
0QI5OJmEFjxnKSUnyjzolKPwql4DVfGn9jG+/OAYBrdZU9wzB5mdPfvtQPiHz6pr
kT9foHNDxMpdEhyVHgrz9qYi/EVfMpfT0i1pliPEDWeOmQdzj+zN8qIBWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2+WQ3AoSnEwdnf6sqKbkTdcfGsMB8GA1UdIwQY
MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt
NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz
LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBghDIM9
FzJj3dhWufz7Z16PQLzlrIR0IHJpbex0N3rUa67Br5Sn4kkHtP0qMJPX7D5O55fS
AHqCyapNdgdZwuNAAYRdyGd+v7I2cjKNqdXKrzc4g9+6ZXaYJFO14SoQ5L73k/jo
K/CWh57Xqd4QbpjsJnJCpmHpxchcmcVfb1p50s1regcTyYjya6W+OQQhCYEVIn35
cytT1H5DosjgoOkkiyvCQTbmOj5KMdk0hrB9P4i3c2Ym+seP995gzqYhspnXVyT9
idthdnKb5pLecqN7Qf+dGgwHRUFBik08IMsBF52Os2G6OZsi2llCX5EwZAOktaRX
PUHwPORVfwWiJg==
-----END CERTIFICATE-----