Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          ixbZBXiviUwyaWjbsSyZzNN2QI1oimjXbEQRfTIbUd0=
Subject key identifier:   40:5E:D2:89:39:F2:0F:79:70:58:FA:77:05:DF:DC:7E:16:9B:25:66
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       019EC25C4B8E21BBDDD0E722B82374C851C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          05AA
Signing time:             Sat 13 Jun 2026 19:01:28 +0000
Manifest this update:     Sat 13 Jun 2026 19:01:28 +0000
Manifest next update:     Sun 14 Jun 2026 19:01:28 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: 0VVD1OVkfKvF7IaHO3gpQMEf/zMe8B0ukbOoPthXfG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:5c:4b:8e:21:bb:dd:d0:e7:22:b8:23:74:c8:51:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Jun 13 19:01:28 2026 GMT
            Not After : Jun 14 19:01:28 2026 GMT
        Subject: CN=405ed28939f20f797058fa7705dfdc7e169b2566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cb:7f:d7:46:16:a9:01:c3:66:17:b7:3b:91:
                    96:ea:3d:88:24:78:71:eb:9f:46:ef:c3:59:21:f5:
                    41:5c:4d:e7:6a:88:78:c1:ca:03:6e:1f:78:6e:bc:
                    4c:da:40:74:68:86:cc:f9:e0:56:25:9f:b8:cb:5e:
                    ad:f8:d5:59:6d:49:88:bf:da:45:91:81:41:fd:63:
                    2e:88:72:6f:95:cd:cc:70:e1:49:c7:8d:78:b3:6b:
                    ad:60:e8:9c:35:6b:9e:04:16:78:68:90:c1:43:82:
                    78:7e:cc:3e:c1:fa:17:e9:04:e6:04:86:43:56:a5:
                    b9:17:b3:ed:26:7b:d3:2a:0a:8a:ae:2f:d2:f4:7d:
                    27:fc:91:e3:a6:1f:99:13:b7:42:6f:ad:f9:73:d0:
                    f0:64:f8:ba:0e:27:69:2f:be:d1:b7:6b:4e:a0:00:
                    45:b3:3c:31:7b:70:ec:e0:f0:b5:bb:cf:68:c7:98:
                    34:fc:c4:0e:63:37:aa:8e:b0:1f:52:67:9f:94:1e:
                    27:ce:4c:7e:2e:f1:1f:c3:8b:22:61:8b:73:99:49:
                    ce:e9:88:3d:5f:15:73:fc:f9:9b:d1:19:bb:6d:70:
                    d9:27:38:88:dd:d0:ac:6a:ad:5f:b8:36:3f:a1:fb:
                    fe:69:88:d3:6b:cb:fb:5d:56:3a:c7:ec:5a:af:db:
                    72:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:5E:D2:89:39:F2:0F:79:70:58:FA:77:05:DF:DC:7E:16:9B:25:66
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:39:7e:f5:76:d6:3e:5d:90:7a:bb:1c:2c:1f:a0:5d:0c:61:
         df:5d:60:8b:c0:8b:fc:96:8b:7d:76:18:68:00:8c:17:5f:54:
         6b:1f:c8:1f:a4:67:4a:ea:e2:b9:c4:33:4a:2a:69:12:bd:74:
         4a:3a:21:b5:ef:47:65:3e:23:bc:c7:b5:9e:9a:e0:24:59:e3:
         6e:26:35:c8:ad:82:c7:57:a2:e4:8a:c1:85:67:67:0f:58:9e:
         63:11:18:7d:2d:75:83:38:04:4f:c2:35:79:0f:04:d0:14:e8:
         77:42:f4:1d:85:40:8d:62:51:23:bf:fc:b2:58:9a:65:0d:c0:
         5b:ff:2d:52:3d:e7:f1:46:f9:01:a9:82:24:6e:d6:d8:30:84:
         ff:3c:54:77:5c:a2:d4:dd:8e:c9:d0:41:44:fc:6b:10:b2:b4:
         c4:f7:7b:66:f5:2e:f7:b7:ef:ad:a2:be:d9:cb:a1:b2:09:b8:
         cf:53:52:96:1e:7d:48:f9:85:3c:14:b1:e3:63:4e:11:41:d3:
         53:61:9e:fe:28:ce:15:f0:6b:5d:14:3c:34:00:09:ce:67:40:
         69:3d:56:73:45:2f:1e:eb:45:f2:c0:5e:df:77:2b:04:ee:19:
         6c:56:eb:37:a4:81:4a:9a:f4:01:83:08:92:8a:54:b2:be:7c:
         23:b3:ce:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CXEuOIbvd0OciuCN0yFHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjYwNjEzMTkwMTI4WhcNMjYwNjE0MTkwMTI4WjAzMTEwLwYDVQQD
Eyg0MDVlZDI4OTM5ZjIwZjc5NzA1OGZhNzcwNWRmZGM3ZTE2OWIyNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMt/10YWqQHDZhe3O5GW6j2IJHhx
659G78NZIfVBXE3naoh4wcoDbh94brxM2kB0aIbM+eBWJZ+4y16t+NVZbUmIv9pF
kYFB/WMuiHJvlc3McOFJx414s2utYOicNWueBBZ4aJDBQ4J4fsw+wfoX6QTmBIZD
VqW5F7PtJnvTKgqKri/S9H0n/JHjph+ZE7dCb635c9DwZPi6DidpL77Rt2tOoABF
szwxe3Ds4PC1u89ox5g0/MQOYzeqjrAfUmeflB4nzkx+LvEfw4siYYtzmUnO6Yg9
XxVz/Pmb0Rm7bXDZJziI3dCsaq1fuDY/ofv+aYjTa8v7XVY6x+xar9tyQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBe0ok58g95cFj6dwXf3H4WmyVmMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjl+9XbW
Pl2QerscLB+gXQxh311gi8CL/JaLfXYYaACMF19Uax/IH6RnSuriucQzSippEr10
Sjohte9HZT4jvMe1nprgJFnjbiY1yK2Cx1ei5IrBhWdnD1ieYxEYfS11gzgET8I1
eQ8E0BTod0L0HYVAjWJRI7/8sliaZQ3AW/8tUj3n8Ub5AamCJG7W2DCE/zxUd1yi
1N2OydBBRPxrELK0xPd7ZvUu97fvraK+2cuhsgm4z1NSlh59SPmFPBSx42NOEUHT
U2Ge/ijOFfBrXRQ8NAAJzmdAaT1Wc0UvHutF8sBe33crBO4ZbFbrN6SBSpr0AYMI
kopUsr58I7POpw==
-----END CERTIFICATE-----