Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
File:                     i6gkldaDsIyIGoGM0B-kL_9v9tE.mft (raw, json)
Hash identifier:          tyd/GqUnlkk8FaOssuFvoi4j4mqfNIpDlIbRPZWw7wM=
Subject key identifier:   02:E7:67:61:2C:16:44:96:C3:DB:65:A4:A4:6C:98:25:ED:B3:1B:7C
Authority key identifier: 8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1
Certificate issuer:       /CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
Certificate serial:       019D9A3EBB3B7FE2A33937C9724538B82922
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
Manifest number:          04B7
Signing time:             Fri 17 Apr 2026 07:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:35 +0000
Files and hashes:         1: i6gkldaDsIyIGoGM0B-kL_9v9tE.crl (hash: /QuKZjH534jc0pL/uNOs5B6MThZIvr/2HfWuc4m6bp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:bb:3b:7f:e2:a3:39:37:c9:72:45:38:b8:29:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
        Validity
            Not Before: Apr 17 07:01:35 2026 GMT
            Not After : Apr 18 07:01:35 2026 GMT
        Subject: CN=02e767612c164496c3db65a4a46c9825edb31b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8b:10:25:e1:5b:dd:b9:fc:23:a2:32:5d:b3:
                    c5:9c:bb:d9:89:05:59:66:80:90:0c:cc:07:33:87:
                    d3:e6:ef:fe:e9:79:c5:1f:0e:f5:e7:35:2e:c9:0d:
                    83:15:ff:ea:c1:73:29:b9:63:91:77:2b:38:b9:00:
                    be:36:59:06:66:5b:2e:76:b5:32:03:16:0c:c5:25:
                    9b:65:7d:a2:b3:8c:02:8d:a1:d8:de:b6:0e:1e:7c:
                    6c:aa:d8:e1:4d:8c:c6:d1:8d:f1:9c:98:92:42:64:
                    0e:ad:9a:71:22:80:c1:d9:51:a6:6d:ec:05:5b:b7:
                    e9:af:f9:20:ab:b8:25:83:48:c6:17:8a:54:69:aa:
                    84:35:5b:5e:ea:0f:8d:d8:35:aa:51:4a:ad:08:46:
                    5e:12:44:cd:2e:6f:83:63:93:fd:3e:63:a1:19:8e:
                    d5:12:a2:3c:5b:c6:3c:78:75:fe:9b:c2:9a:fd:14:
                    89:c5:ea:8a:e9:86:46:10:84:2b:70:3f:6e:6f:04:
                    7d:7a:e2:00:c1:5b:48:ca:d3:c2:c0:3c:f6:b1:6a:
                    b5:ac:72:69:9a:df:b5:fa:8b:91:86:cb:09:f6:4a:
                    c2:de:be:4f:9d:a7:b0:34:38:9e:39:a2:43:02:87:
                    ae:02:89:f2:14:66:e9:59:75:70:11:37:7b:3a:a9:
                    1c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:E7:67:61:2C:16:44:96:C3:DB:65:A4:A4:6C:98:25:ED:B3:1B:7C
            X509v3 Authority Key Identifier:
                keyid:8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:0a:5c:71:72:e6:14:2b:aa:f7:1e:93:2f:77:8a:31:46:c9:
         86:fa:9d:f7:7b:21:96:c9:80:5b:a9:64:3f:3e:37:c1:de:09:
         41:bc:41:ef:2d:aa:6a:d2:53:9c:cb:de:c4:38:2d:14:4d:21:
         b9:63:78:cc:40:b8:b2:9d:90:cf:09:5e:32:cc:b8:51:02:25:
         2b:39:56:74:13:7d:a5:f0:10:5b:24:dd:c5:8d:96:23:7f:a1:
         31:f6:c7:c6:8f:b7:4a:9b:3f:f1:49:01:16:1d:e5:ad:30:17:
         e3:ed:d3:fa:e9:4d:3f:e4:bf:51:c5:94:3f:e5:b5:de:2a:3b:
         38:e7:7a:4e:00:3b:96:21:11:03:7a:8b:b4:a1:87:26:01:0f:
         9f:31:56:cb:a1:e8:ce:a5:2a:45:79:43:93:5c:d2:b0:71:4e:
         db:82:7d:c0:fb:b8:7a:bd:a8:ed:ff:fd:a2:22:66:25:50:c6:
         4b:0f:a6:65:06:7f:b0:00:ba:f7:ff:ec:08:62:c4:73:49:78:
         29:55:40:39:53:cd:c5:b4:0a:f8:8d:73:d2:99:94:81:97:44:
         f1:34:84:31:54:39:47:37:b9:6d:94:a7:dc:fe:fc:ae:7b:1d:
         32:84:e8:0c:93:c4:3f:2e:d4:91:91:38:2b:05:55:60:54:22:
         ae:b0:08:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPrs7f+KjOTfJckU4uCkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYTgyNDk1ZDY4M2IwOGM4ODFhODE4Y2QwMWZhNDJmZmY2
ZmY2ZDEwHhcNMjYwNDE3MDcwMTM1WhcNMjYwNDE4MDcwMTM1WjAzMTEwLwYDVQQD
EygwMmU3Njc2MTJjMTY0NDk2YzNkYjY1YTRhNDZjOTgyNWVkYjMxYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjosQJeFb3bn8I6IyXbPFnLvZiQVZ
ZoCQDMwHM4fT5u/+6XnFHw715zUuyQ2DFf/qwXMpuWORdys4uQC+NlkGZlsudrUy
AxYMxSWbZX2is4wCjaHY3rYOHnxsqtjhTYzG0Y3xnJiSQmQOrZpxIoDB2VGmbewF
W7fpr/kgq7glg0jGF4pUaaqENVte6g+N2DWqUUqtCEZeEkTNLm+DY5P9PmOhGY7V
EqI8W8Y8eHX+m8Ka/RSJxeqK6YZGEIQrcD9ubwR9euIAwVtIytPCwDz2sWq1rHJp
mt+1+ouRhssJ9krC3r5PnaewNDieOaJDAoeuAonyFGbpWXVwETd7OqkcHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALnZ2EsFkSWw9tlpKRsmCXtsxt8MB8GA1UdIwQY
MBaAFIuoJJXWg7CMiBqBjNAfpC//b/bRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTkt
YzYyNTBmYjYwOTZlLzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTktYzYyNTBmYjYwOTZl
LzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQpccXLm
FCuq9x6TL3eKMUbJhvqd93shlsmAW6lkPz43wd4JQbxB7y2qatJTnMvexDgtFE0h
uWN4zEC4sp2QzwleMsy4UQIlKzlWdBN9pfAQWyTdxY2WI3+hMfbHxo+3Sps/8UkB
Fh3lrTAX4+3T+ulNP+S/UcWUP+W13io7OOd6TgA7liERA3qLtKGHJgEPnzFWy6Ho
zqUqRXlDk1zSsHFO24J9wPu4er2o7f/9oiJmJVDGSw+mZQZ/sAC69//sCGLEc0l4
KVVAOVPNxbQK+I1z0pmUgZdE8TSEMVQ5Rze5bZSn3P78rnsdMoToDJPEPy7UkZE4
KwVVYFQirrAIFA==
-----END CERTIFICATE-----