Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          VgaESGnPmxu55AyRNdrwfzqxEN0BMO0Vy03ILmYwWcE=
Subject key identifier:   86:78:9A:C8:4E:94:73:E9:8F:26:62:7E:C2:B3:F2:83:36:ED:07:CD
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019E1E359EB19700B2F294035A439B8B1AE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0992
Signing time:             Tue 12 May 2026 22:01:30 +0000
Manifest this update:     Tue 12 May 2026 22:01:30 +0000
Manifest next update:     Wed 13 May 2026 22:01:30 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: LWnbr9e44cPV3L678APlQ7919KZAUHtDtmeTkPyVo+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:9e:b1:97:00:b2:f2:94:03:5a:43:9b:8b:1a:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: May 12 22:01:30 2026 GMT
            Not After : May 13 22:01:30 2026 GMT
        Subject: CN=86789ac84e9473e98f26627ec2b3f28336ed07cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7f:56:07:77:f1:c5:52:2a:74:8f:6d:2d:c0:
                    56:6e:4f:5e:4c:31:ff:e5:ed:fa:5f:99:10:37:17:
                    50:83:c1:52:5e:9b:0b:5a:92:de:10:2a:1b:e0:b2:
                    88:75:c7:e0:33:68:67:9a:de:18:c7:1d:ba:9f:9d:
                    95:19:c7:ee:19:96:e7:c1:af:45:ee:a8:98:99:58:
                    be:fc:ae:65:71:59:de:11:5e:2b:79:e5:1e:40:5c:
                    18:08:f4:12:91:06:8b:f8:46:66:20:d3:f8:96:26:
                    87:40:6f:ff:27:b4:fc:6f:2e:73:b4:42:db:53:3b:
                    64:bc:22:c3:a8:b3:0f:3f:f1:50:55:a8:46:0a:01:
                    58:cf:f4:91:51:6e:ab:cd:e7:02:16:4a:f6:d6:2b:
                    37:11:4b:27:ed:5d:65:b1:36:aa:b2:72:5b:3c:dc:
                    65:31:45:e3:40:e6:65:71:20:70:8c:20:a7:f0:54:
                    13:d6:70:53:e7:0f:ce:e1:ba:4f:f1:13:91:68:b6:
                    e5:99:26:71:58:4e:fa:8b:2c:2e:ba:59:7d:36:0b:
                    59:7f:86:1d:28:7a:1d:53:fd:86:b6:79:8e:fa:e7:
                    ae:de:02:14:59:ba:a7:3b:7d:8e:de:9e:46:e9:de:
                    5c:55:b4:f2:e4:4b:fe:0a:aa:90:29:0e:8a:1a:36:
                    cd:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:78:9A:C8:4E:94:73:E9:8F:26:62:7E:C2:B3:F2:83:36:ED:07:CD
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:55:36:66:37:09:0b:6d:fa:c7:16:49:37:1c:86:c7:08:a0:
         04:9e:05:61:07:d7:7a:db:d5:7b:46:7a:38:21:f9:a7:5d:7c:
         4d:c7:b3:c1:43:94:25:f8:8e:f6:4d:fc:38:20:6f:c3:f4:47:
         99:05:04:b6:70:63:c6:4b:3d:19:07:36:b2:ba:b5:1b:b2:28:
         14:80:d3:e4:ac:bc:3f:6c:ae:d9:c2:34:82:96:36:7a:00:1e:
         ee:ac:53:af:f9:00:90:d1:d3:17:2f:f8:e1:73:fb:7d:24:fa:
         ea:32:b6:b9:97:f4:ec:66:ad:4d:c8:22:dd:42:28:91:a6:96:
         60:5c:52:3e:ec:85:25:a9:e1:c8:0f:fa:2f:0a:01:4e:96:4f:
         9c:bf:5d:a0:18:ad:e9:a1:f5:2e:78:4a:0c:3f:08:86:32:9e:
         6f:be:ee:43:a9:29:b3:51:e7:fc:c8:c6:4a:e3:e2:49:94:61:
         ad:1e:bd:93:83:ce:ba:4c:97:85:f3:03:00:d9:74:d9:76:31:
         cc:1a:b7:03:58:de:ef:64:54:83:24:a6:00:11:0a:c0:38:96:
         32:0f:1c:2e:10:c7:c9:4c:8e:43:01:3b:6e:93:14:7e:29:de:
         9a:54:f6:25:9c:0b:a8:d3:cd:3d:58:69:08:5a:ff:80:17:3e:
         24:64:86:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNZ6xlwCy8pQDWkObixrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwNTEyMjIwMTMwWhcNMjYwNTEzMjIwMTMwWjAzMTEwLwYDVQQD
Eyg4Njc4OWFjODRlOTQ3M2U5OGYyNjYyN2VjMmIzZjI4MzM2ZWQwN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr39WB3fxxVIqdI9tLcBWbk9eTDH/
5e36X5kQNxdQg8FSXpsLWpLeECob4LKIdcfgM2hnmt4Yxx26n52VGcfuGZbnwa9F
7qiYmVi+/K5lcVneEV4reeUeQFwYCPQSkQaL+EZmINP4liaHQG//J7T8by5ztELb
UztkvCLDqLMPP/FQVahGCgFYz/SRUW6rzecCFkr21is3EUsn7V1lsTaqsnJbPNxl
MUXjQOZlcSBwjCCn8FQT1nBT5w/O4bpP8RORaLblmSZxWE76iywuull9NgtZf4Yd
KHodU/2GtnmO+ueu3gIUWbqnO32O3p5G6d5cVbTy5Ev+CqqQKQ6KGjbNpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZ4mshOlHPpjyZifsKz8oM27QfNMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1U2ZjcJ
C236xxZJNxyGxwigBJ4FYQfXetvVe0Z6OCH5p118TcezwUOUJfiO9k38OCBvw/RH
mQUEtnBjxks9GQc2srq1G7IoFIDT5Ky8P2yu2cI0gpY2egAe7qxTr/kAkNHTFy/4
4XP7fST66jK2uZf07GatTcgi3UIokaaWYFxSPuyFJanhyA/6LwoBTpZPnL9doBit
6aH1LnhKDD8IhjKeb77uQ6kps1Hn/MjGSuPiSZRhrR69k4POukyXhfMDANl02XYx
zBq3A1je72RUgySmABEKwDiWMg8cLhDHyUyOQwE7bpMUfinemlT2JZwLqNPNPVhp
CFr/gBc+JGSGOg==
-----END CERTIFICATE-----