Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          97HixCRvL7dlDrjopmem6mZNJCCmvPUfQXSRrGXza/g=
Subject key identifier:   BE:29:0D:6B:DB:08:24:96:24:7C:EB:D7:8E:B2:9C:6F:5B:6B:82:43
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019D9B515988E011E0EFCE4B2FF74931D6DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 12:01:32 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:32 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:32 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: boUAFs2XTqNF8bKmDa3tToSD/WoBtapOql9VYfFjenA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:59:88:e0:11:e0:ef:ce:4b:2f:f7:49:31:d6:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Apr 17 12:01:32 2026 GMT
            Not After : Apr 18 12:01:32 2026 GMT
        Subject: CN=be290d6bdb082496247cebd78eb29c6f5b6b8243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ed:da:45:42:d0:d8:38:cf:b2:e5:e7:f2:81:
                    65:7c:ce:4c:88:5a:09:a4:ae:d0:64:bd:0f:f1:68:
                    d1:50:f8:2d:04:fc:a8:17:57:13:0f:b6:b1:98:24:
                    16:ba:4c:1f:bb:f1:00:38:cb:0b:91:6c:da:05:4c:
                    60:9b:34:43:7b:67:3f:d2:c2:17:2e:a8:f2:cc:d8:
                    be:51:9d:10:98:ee:2d:d7:5b:d0:ac:27:37:34:c8:
                    99:45:0f:8f:40:39:5d:7b:4f:35:47:b7:e8:37:56:
                    f5:d5:ca:66:91:7c:d2:40:f7:ca:8e:c4:dc:ba:75:
                    6c:48:d7:86:ca:d9:03:34:47:29:35:d6:ee:c7:35:
                    3d:f4:3b:97:d2:d8:58:0f:05:8c:41:74:9c:59:dd:
                    2e:58:ea:78:d0:a5:9e:13:75:3a:48:51:52:1a:5d:
                    6a:93:96:0d:bb:16:f6:64:ee:fb:05:04:ef:25:68:
                    e4:bf:d1:d1:99:f1:99:50:78:2d:e5:e4:0e:00:90:
                    b2:97:ba:d8:ea:6f:9f:bb:5a:86:0d:7d:15:83:ae:
                    a3:66:a4:79:c4:df:62:3a:fa:c8:a2:33:4a:8f:5d:
                    02:e6:30:48:38:08:50:0a:92:2e:6b:c8:4b:4e:83:
                    bc:70:05:3a:0e:41:d3:51:39:0a:34:0f:6c:8c:94:
                    44:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:29:0D:6B:DB:08:24:96:24:7C:EB:D7:8E:B2:9C:6F:5B:6B:82:43
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:26:1f:f2:8e:a8:e3:fd:91:9d:d7:85:6b:a3:cb:23:1e:2c:
         03:38:af:82:fb:a3:a4:ba:7a:8f:18:ae:26:55:d0:a3:b3:67:
         42:6b:9a:94:1e:1d:1d:d3:c7:e0:ee:18:11:27:f4:91:e8:8d:
         3d:5c:c3:8c:44:50:c4:32:45:19:b4:26:17:0f:91:14:72:41:
         47:51:4e:be:6d:01:f5:8c:98:0c:50:d4:5e:62:bf:d4:3a:96:
         d7:ea:4d:9f:c8:71:e4:36:e8:73:63:9d:f3:ee:0f:13:4f:80:
         51:0a:20:ea:12:89:20:ba:75:ba:87:47:f6:7b:20:d4:6e:f5:
         a4:27:a3:8c:56:7b:3f:b7:67:47:f8:f7:95:fe:90:36:bf:a2:
         f0:a8:a1:f1:69:cc:c2:a8:2c:3e:ee:a3:ea:6d:72:c3:eb:d9:
         29:9c:01:2a:fd:ab:78:66:b2:58:af:92:4e:96:7b:d3:09:0f:
         21:af:8b:40:9a:cb:c5:3e:76:fb:29:26:25:7e:67:67:6b:dd:
         78:4d:c9:29:17:b0:a3:b9:10:09:cb:b0:ac:b2:7b:07:91:e1:
         a3:71:27:38:0e:95:59:6c:71:49:75:60:2b:c9:0d:3d:c4:a6:
         68:33:1f:1b:d7:93:28:3f:51:6c:ec:ea:23:8c:80:7e:b6:df:
         39:72:f6:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUVmI4BHg785LL/dJMdbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjYwNDE3MTIwMTMyWhcNMjYwNDE4MTIwMTMyWjAzMTEwLwYDVQQD
EyhiZTI5MGQ2YmRiMDgyNDk2MjQ3Y2ViZDc4ZWIyOWM2ZjViNmI4MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwe3aRULQ2DjPsuXn8oFlfM5MiFoJ
pK7QZL0P8WjRUPgtBPyoF1cTD7axmCQWukwfu/EAOMsLkWzaBUxgmzRDe2c/0sIX
LqjyzNi+UZ0QmO4t11vQrCc3NMiZRQ+PQDlde081R7foN1b11cpmkXzSQPfKjsTc
unVsSNeGytkDNEcpNdbuxzU99DuX0thYDwWMQXScWd0uWOp40KWeE3U6SFFSGl1q
k5YNuxb2ZO77BQTvJWjkv9HRmfGZUHgt5eQOAJCyl7rY6m+fu1qGDX0Vg66jZqR5
xN9iOvrIojNKj10C5jBIOAhQCpIua8hLToO8cAU6DkHTUTkKNA9sjJREywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4pDWvbCCSWJHzr146ynG9ba4JDMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABSYf8o6o
4/2RndeFa6PLIx4sAzivgvujpLp6jxiuJlXQo7NnQmualB4dHdPH4O4YESf0keiN
PVzDjERQxDJFGbQmFw+RFHJBR1FOvm0B9YyYDFDUXmK/1DqW1+pNn8hx5Dboc2Od
8+4PE0+AUQog6hKJILp1uodH9nsg1G71pCejjFZ7P7dnR/j3lf6QNr+i8Kih8WnM
wqgsPu6j6m1yw+vZKZwBKv2reGayWK+STpZ70wkPIa+LQJrLxT52+ykmJX5nZ2vd
eE3JKRewo7kQCcuwrLJ7B5Hho3EnOA6VWWxxSXVgK8kNPcSmaDMfG9eTKD9RbOzq
I4yAfrbfOXL2Bw==
-----END CERTIFICATE-----