Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
File:                     FyesE93M6XjmP3r186adq0mS1kU.mft (raw, json)
Hash identifier:          /YCdjwlowmjce+ub/U4OCgWfLEUxqHrxgtXJFdOfUL0=
Subject key identifier:   43:72:F4:3F:F1:DC:A9:D9:48:74:C3:04:CD:6C:DA:B4:60:A4:82:19
Authority key identifier: 17:27:AC:13:DD:CC:E9:78:E6:3F:7A:F5:F3:A6:9D:AB:49:92:D6:45
Certificate issuer:       /CN=1727ac13ddcce978e63f7af5f3a69dab4992d645
Certificate serial:       019D99D03B2880872F9BAA92EC84B5A9B22E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
Manifest number:          0C20
Signing time:             Fri 17 Apr 2026 05:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:53 +0000
Files and hashes:         1: FyesE93M6XjmP3r186adq0mS1kU.crl (hash: EMELDnJh5GMKuR762s1DCXbTkmtT/e9E6QT0p6DxAWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:3b:28:80:87:2f:9b:aa:92:ec:84:b5:a9:b2:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1727ac13ddcce978e63f7af5f3a69dab4992d645
        Validity
            Not Before: Apr 17 05:00:53 2026 GMT
            Not After : Apr 18 05:00:53 2026 GMT
        Subject: CN=4372f43ff1dca9d94874c304cd6cdab460a48219
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7b:ec:1b:cc:59:a0:0b:b5:99:4e:e4:e4:85:
                    ef:51:47:d8:bf:c0:66:ba:87:78:de:66:c8:36:ef:
                    a6:c1:a6:dc:fe:a8:1d:58:97:05:8d:39:4d:cc:2c:
                    da:02:eb:7e:ab:e5:7a:00:20:0d:1f:25:fd:fd:39:
                    a1:2b:94:c7:ee:9c:12:6a:ca:f9:75:df:d3:0a:f6:
                    18:94:11:de:b5:0e:7a:a9:78:ab:ba:13:d4:34:5e:
                    98:6b:58:f2:a9:be:c2:08:8f:4a:78:07:f7:0a:fe:
                    67:b0:c5:2b:6f:be:34:35:8f:b7:7c:ae:04:0d:ea:
                    cb:91:48:0e:e6:8f:17:eb:f7:be:38:9d:04:88:48:
                    6b:9d:f9:f5:2c:3a:ef:af:98:ed:29:59:95:e3:e7:
                    b5:9c:13:1f:91:21:02:0b:7c:e9:79:ac:e8:34:58:
                    9a:9f:86:e6:bf:7d:05:c6:5a:e4:d5:81:38:c8:a9:
                    02:03:6c:df:eb:cd:c9:88:75:88:ce:0e:a5:c6:1e:
                    ab:58:05:24:ef:f6:ff:b8:ee:af:e3:59:f6:a5:48:
                    63:f0:48:40:d7:76:9b:42:e7:52:97:03:dd:6b:c5:
                    52:ef:7c:8f:a4:9b:08:41:97:c9:1f:5d:6f:89:24:
                    eb:5a:24:fc:3b:24:65:b6:c6:b2:42:9c:9c:4a:7f:
                    0d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:72:F4:3F:F1:DC:A9:D9:48:74:C3:04:CD:6C:DA:B4:60:A4:82:19
            X509v3 Authority Key Identifier:
                keyid:17:27:AC:13:DD:CC:E9:78:E6:3F:7A:F5:F3:A6:9D:AB:49:92:D6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:0e:f4:fc:71:8e:7d:a1:d4:87:25:28:b2:22:9c:96:43:e2:
         ab:1e:c5:10:e4:39:e0:14:3c:08:ee:5b:9c:e0:a4:62:f6:ff:
         0e:09:0e:81:23:a5:c0:9b:66:f1:10:27:c1:a2:a7:d4:4b:fb:
         9e:d3:28:4b:c6:6b:54:09:86:14:22:9f:36:99:42:07:7c:40:
         23:86:29:9a:d7:a9:93:4e:96:a5:3f:95:f7:c2:fa:1e:e5:d2:
         e1:27:80:42:26:ac:07:46:bb:13:4b:ee:55:90:d9:98:ff:9c:
         fd:fc:94:69:0c:00:9d:23:00:12:9a:56:8e:4b:96:01:cc:32:
         04:5a:17:d6:58:54:a0:50:8f:ef:6e:db:4a:ef:a0:56:2e:8d:
         5e:76:d6:18:41:fa:0d:a7:3e:34:7a:a1:c5:27:31:bc:81:03:
         c0:d9:01:cc:94:49:85:2c:3e:71:b5:01:fe:83:2c:d0:f9:be:
         a5:eb:bb:fe:4e:67:78:98:13:10:78:68:c0:87:78:91:08:1a:
         f4:24:8d:68:76:63:fe:58:00:b2:cf:7e:c2:19:36:cc:bd:69:
         b6:53:37:89:da:e0:cb:ce:0b:94:92:38:de:44:1a:47:52:e2:
         7c:1d:b3:03:41:2f:44:cf:62:91:bd:78:b6:b0:3e:be:d1:29:
         cd:59:6d:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0DsogIcvm6qS7IS1qbIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjdhYzEzZGRjY2U5NzhlNjNmN2FmNWYzYTY5ZGFiNDk5
MmQ2NDUwHhcNMjYwNDE3MDUwMDUzWhcNMjYwNDE4MDUwMDUzWjAzMTEwLwYDVQQD
Eyg0MzcyZjQzZmYxZGNhOWQ5NDg3NGMzMDRjZDZjZGFiNDYwYTQ4MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnvsG8xZoAu1mU7k5IXvUUfYv8Bm
uod43mbINu+mwabc/qgdWJcFjTlNzCzaAut+q+V6ACANHyX9/TmhK5TH7pwSasr5
dd/TCvYYlBHetQ56qXiruhPUNF6Ya1jyqb7CCI9KeAf3Cv5nsMUrb740NY+3fK4E
DerLkUgO5o8X6/e+OJ0EiEhrnfn1LDrvr5jtKVmV4+e1nBMfkSECC3zpeazoNFia
n4bmv30Fxlrk1YE4yKkCA2zf683JiHWIzg6lxh6rWAUk7/b/uO6v41n2pUhj8EhA
13abQudSlwPda8VS73yPpJsIQZfJH11viSTrWiT8OyRltsayQpycSn8NIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENy9D/x3KnZSHTDBM1s2rRgpIIZMB8GA1UdIwQY
MBaAFBcnrBPdzOl45j969fOmnatJktZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hNzU3M2ItN2ZlNC00ZGU4LTg4ODIt
NDNiY2RiNzQwMzIzLzEvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hNzU3M2ItN2ZlNC00ZGU4LTg4ODItNDNiY2RiNzQwMzIz
LzEvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQ70/HGO
faHUhyUosiKclkPiqx7FEOQ54BQ8CO5bnOCkYvb/DgkOgSOlwJtm8RAnwaKn1Ev7
ntMoS8ZrVAmGFCKfNplCB3xAI4Ypmtepk06WpT+V98L6HuXS4SeAQiasB0a7E0vu
VZDZmP+c/fyUaQwAnSMAEppWjkuWAcwyBFoX1lhUoFCP727bSu+gVi6NXnbWGEH6
Dac+NHqhxScxvIEDwNkBzJRJhSw+cbUB/oMs0Pm+peu7/k5neJgTEHhowId4kQga
9CSNaHZj/lgAss9+whk2zL1ptlM3idrgy84LlJI43kQaR1LifB2zA0EvRM9ikb14
trA+vtEpzVlt8Q==
-----END CERTIFICATE-----