Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          6wJnakhXRzsHIKUK4ppYUiPkAHN84UZjrEbJYnLMMNk=
Subject key identifier:   D9:30:DD:AD:96:98:70:FF:C1:C8:65:53:BF:8D:8D:E7:23:B3:A2:9A
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019D98F52661B4969017CE7CDEAEEA369E47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:36 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: /oq2jAmc/V2CJutM/9yltVzwgWn8MdWd672qZEXt6nk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:26:61:b4:96:90:17:ce:7c:de:ae:ea:36:9e:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Apr 17 01:01:36 2026 GMT
            Not After : Apr 18 01:01:36 2026 GMT
        Subject: CN=d930ddad969870ffc1c86553bf8d8de723b3a29a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6c:bc:df:81:82:35:28:f9:9c:d4:b0:7d:ff:
                    8b:09:5b:a3:ad:d9:95:ef:85:d7:18:20:09:cf:b1:
                    9c:e1:f2:18:7d:87:0c:ff:95:44:98:67:53:c3:b3:
                    18:c7:b0:97:89:4f:7f:4f:cd:54:5c:e5:fb:b4:9f:
                    c3:cc:e4:0a:16:c6:a5:eb:23:d8:36:0c:91:25:92:
                    6b:1d:70:44:02:b2:ba:47:aa:75:f2:c0:d7:3f:ca:
                    31:7d:b6:92:88:55:f9:f9:2b:55:b3:f7:dd:d0:32:
                    c9:fe:91:14:7b:8d:63:cf:e2:ff:bc:87:a8:54:22:
                    98:d2:0c:a8:30:f7:2c:ac:68:9d:0f:40:e4:9e:61:
                    81:ce:c5:4c:b4:9f:5e:0e:d6:1f:d3:9e:5b:c5:57:
                    2e:3c:2a:7f:96:14:1f:44:b6:f1:9e:87:61:d0:ae:
                    8f:92:dc:b6:d3:b7:e7:5b:fa:34:1e:67:25:0b:4c:
                    41:2a:d1:c0:9a:48:13:17:f3:5e:bb:6d:c5:b6:09:
                    12:90:11:5c:17:1d:c7:54:d9:44:ff:e5:ad:62:62:
                    09:d1:e2:8d:eb:6f:8e:00:99:19:c1:50:5f:d4:d7:
                    07:8a:0b:de:f3:3e:a7:98:74:c3:8e:18:f8:e1:78:
                    43:26:71:76:ce:be:c4:b5:ac:d8:9f:7b:5f:ad:a9:
                    05:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:30:DD:AD:96:98:70:FF:C1:C8:65:53:BF:8D:8D:E7:23:B3:A2:9A
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:1f:1f:df:26:e0:62:c1:46:40:d4:34:86:72:c8:01:80:bd:
         7d:77:40:a6:c3:c5:9b:f1:69:25:1e:93:9f:70:23:c8:69:9d:
         b2:d3:82:dd:65:46:a5:0c:dd:67:12:e1:6e:f5:0e:14:b2:d9:
         0b:94:60:bd:2a:66:13:51:7b:2b:bf:ae:45:1d:73:97:4f:4f:
         f5:6f:c6:13:db:c9:fd:f7:8a:4c:3e:f4:0a:22:52:75:d0:f2:
         7f:ac:95:05:39:09:7a:ca:30:83:c2:76:c5:99:96:f1:cb:b6:
         7d:08:d0:23:80:1d:cb:76:44:39:f6:d7:46:ce:36:b7:84:fd:
         60:87:ec:25:9b:06:21:39:40:66:1c:ec:fe:a3:68:60:3f:af:
         c1:e9:4f:db:93:3b:7c:4c:04:30:3c:c2:dd:e7:22:a9:35:f1:
         b3:01:9f:c1:33:05:b9:56:a2:08:e3:c7:be:95:8c:6e:ef:8a:
         b3:d5:4b:7a:63:01:07:59:a1:54:e3:94:d3:95:cc:52:ab:6b:
         86:b6:41:0f:89:68:a6:cb:07:36:05:2f:34:aa:47:4f:09:4e:
         14:f5:f2:9d:d4:c8:20:32:81:16:bd:94:ba:eb:4b:00:46:a4:
         80:d3:03:57:29:18:c4:3e:ba:ba:ce:0a:2a:38:f1:eb:5f:5e:
         3d:8f:a2:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9SZhtJaQF8583q7qNp5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjYwNDE3MDEwMTM2WhcNMjYwNDE4MDEwMTM2WjAzMTEwLwYDVQQD
EyhkOTMwZGRhZDk2OTg3MGZmYzFjODY1NTNiZjhkOGRlNzIzYjNhMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWy834GCNSj5nNSwff+LCVujrdmV
74XXGCAJz7Gc4fIYfYcM/5VEmGdTw7MYx7CXiU9/T81UXOX7tJ/DzOQKFsal6yPY
NgyRJZJrHXBEArK6R6p18sDXP8oxfbaSiFX5+StVs/fd0DLJ/pEUe41jz+L/vIeo
VCKY0gyoMPcsrGidD0DknmGBzsVMtJ9eDtYf055bxVcuPCp/lhQfRLbxnodh0K6P
kty207fnW/o0HmclC0xBKtHAmkgTF/Neu23FtgkSkBFcFx3HVNlE/+WtYmIJ0eKN
62+OAJkZwVBf1NcHigve8z6nmHTDjhj44XhDJnF2zr7EtazYn3tfrakFlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkw3a2WmHD/wchlU7+Njecjs6KaMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHR8f3ybg
YsFGQNQ0hnLIAYC9fXdApsPFm/FpJR6Tn3AjyGmdstOC3WVGpQzdZxLhbvUOFLLZ
C5RgvSpmE1F7K7+uRR1zl09P9W/GE9vJ/feKTD70CiJSddDyf6yVBTkJesowg8J2
xZmW8cu2fQjQI4Ady3ZEOfbXRs42t4T9YIfsJZsGITlAZhzs/qNoYD+vwelP25M7
fEwEMDzC3eciqTXxswGfwTMFuVaiCOPHvpWMbu+Ks9VLemMBB1mhVOOU05XMUqtr
hrZBD4lopssHNgUvNKpHTwlOFPXyndTIIDKBFr2UuutLAEakgNMDVykYxD66us4K
Kjjx619ePY+iTQ==
-----END CERTIFICATE-----