Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
File:                     4UYAGfiAaeNhThUQkhzH5E0cq-I.mft (raw, json)
Hash identifier:          ESMIV4lAfCYcxU936gfB6uUO2pu3P1J9IvFqJmR+2Cw=
Subject key identifier:   13:53:99:EF:38:0D:36:12:22:D8:95:11:F7:B2:1D:FD:F2:72:39:FC
Authority key identifier: E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2
Certificate issuer:       /CN=e1460019f88069e3614e1510921cc7e44d1cabe2
Certificate serial:       019D2996C950F1C7FED4924D98E86A88A9CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 10:00:40 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:40 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:40 +0000
Files and hashes:         1: 4UYAGfiAaeNhThUQkhzH5E0cq-I.crl (hash: yuld+qexYHmFGZqjeChA2zmfhI0oM0duBp7spLMdk8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:c9:50:f1:c7:fe:d4:92:4d:98:e8:6a:88:a9:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1460019f88069e3614e1510921cc7e44d1cabe2
        Validity
            Not Before: Mar 26 10:00:40 2026 GMT
            Not After : Mar 27 10:00:40 2026 GMT
        Subject: CN=135399ef380d361222d89511f7b21dfdf27239fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b1:95:c2:9d:7a:ae:9f:0e:d8:7a:d8:38:29:
                    fa:53:d1:5c:f9:c9:09:5e:e1:7d:9a:a6:c3:4a:2f:
                    a1:3f:b0:96:7a:e6:5c:c7:d5:f5:07:d9:f5:57:d0:
                    f6:e1:d2:08:99:22:55:94:bb:bb:cb:f4:ab:ff:c5:
                    cf:ec:22:0d:47:88:37:a7:e3:42:f1:f8:91:f5:8c:
                    eb:27:f9:40:b7:c2:49:c2:0d:63:56:92:dd:a3:4c:
                    6d:3c:6b:98:05:f3:ad:7a:d1:95:2e:0f:ca:2b:7f:
                    39:95:92:3f:1b:5c:b0:5e:4e:ca:68:fe:3e:1f:2f:
                    4d:82:e9:73:df:67:92:25:7e:49:a2:32:ab:22:c9:
                    5e:33:ee:ff:c2:be:9b:10:f2:fc:28:cb:42:71:a8:
                    f5:7d:21:cc:dc:28:c4:e3:59:98:e8:dd:b4:3d:73:
                    e3:d5:5f:c4:bb:f8:aa:1b:c5:df:b0:b1:b3:0e:34:
                    67:e8:2a:e6:6e:32:2d:1c:56:9f:01:b3:9e:e5:c0:
                    69:2b:57:6a:57:fd:31:ed:3d:d0:5e:37:95:d3:e7:
                    c6:96:b4:74:3b:3e:e7:34:4c:dd:4c:b3:79:91:d2:
                    57:14:39:74:ed:54:09:3e:de:63:0d:fc:65:b1:58:
                    15:3b:6e:40:02:ee:99:af:50:5a:67:82:8a:80:a7:
                    13:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:53:99:EF:38:0D:36:12:22:D8:95:11:F7:B2:1D:FD:F2:72:39:FC
            X509v3 Authority Key Identifier:
                keyid:E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:59:e0:47:22:69:d6:f8:86:61:3c:ae:1c:20:96:90:d6:57:
         5a:0d:f2:d9:be:fe:1c:30:f1:33:0f:ab:90:76:b4:b4:5f:ce:
         47:b0:e3:4e:22:25:a7:07:77:e5:a8:c3:9b:43:2c:ae:e7:73:
         29:e1:52:95:51:e9:67:bf:e4:ca:01:63:e9:5c:a5:69:94:4b:
         59:da:66:0e:de:9d:ac:03:59:92:db:e8:4c:6f:86:af:59:e7:
         0b:37:c8:e8:2c:79:b2:b0:d5:b2:76:9f:da:ba:39:36:77:86:
         83:28:7f:4e:c8:43:0d:e5:49:cd:80:c4:2c:5b:6a:28:c5:9c:
         84:bb:5d:3e:74:7d:42:9f:1b:33:e5:80:0a:de:a4:06:fc:45:
         01:e5:48:97:f0:82:aa:ac:aa:80:9e:a5:f6:49:12:5e:e9:50:
         78:a2:88:ff:31:8d:e4:86:35:c6:4f:cc:77:cb:be:5f:64:53:
         e8:ec:87:d9:1d:eb:55:81:34:8b:7f:a1:2c:32:d4:fa:07:38:
         b4:e3:a4:5f:b3:50:58:66:01:ff:d0:c5:3d:1b:03:66:ad:9c:
         ff:c9:a9:8e:6c:3c:a2:8a:14:d4:f2:fc:55:d2:c4:8b:1b:1b:
         4e:48:15:d7:e4:68:c0:d6:1c:d4:83:a3:f7:85:67:55:1c:43:
         c5:16:e6:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plslQ8cf+1JJNmOhqiKnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDYwMDE5Zjg4MDY5ZTM2MTRlMTUxMDkyMWNjN2U0NGQx
Y2FiZTIwHhcNMjYwMzI2MTAwMDQwWhcNMjYwMzI3MTAwMDQwWjAzMTEwLwYDVQQD
EygxMzUzOTllZjM4MGQzNjEyMjJkODk1MTFmN2IyMWRmZGYyNzIzOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7GVwp16rp8O2HrYOCn6U9Fc+ckJ
XuF9mqbDSi+hP7CWeuZcx9X1B9n1V9D24dIImSJVlLu7y/Sr/8XP7CINR4g3p+NC
8fiR9YzrJ/lAt8JJwg1jVpLdo0xtPGuYBfOtetGVLg/KK385lZI/G1ywXk7KaP4+
Hy9Ngulz32eSJX5JojKrIsleM+7/wr6bEPL8KMtCcaj1fSHM3CjE41mY6N20PXPj
1V/Eu/iqG8XfsLGzDjRn6CrmbjItHFafAbOe5cBpK1dqV/0x7T3QXjeV0+fGlrR0
Oz7nNEzdTLN5kdJXFDl07VQJPt5jDfxlsVgVO25AAu6Zr1BaZ4KKgKcTvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNTme84DTYSItiVEfeyHf3ycjn8MB8GA1UdIwQY
MBaAFOFGABn4gGnjYU4VEJIcx+RNHKviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQt
ZmNkMWE2M2M1YzQ1LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQtZmNkMWE2M2M1YzQ1
LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVngRyJp
1viGYTyuHCCWkNZXWg3y2b7+HDDxMw+rkHa0tF/OR7DjTiIlpwd35ajDm0Msrudz
KeFSlVHpZ7/kygFj6VylaZRLWdpmDt6drANZktvoTG+Gr1nnCzfI6Cx5srDVsnaf
2ro5NneGgyh/TshDDeVJzYDELFtqKMWchLtdPnR9Qp8bM+WACt6kBvxFAeVIl/CC
qqyqgJ6l9kkSXulQeKKI/zGN5IY1xk/Md8u+X2RT6OyH2R3rVYE0i3+hLDLU+gc4
tOOkX7NQWGYB/9DFPRsDZq2c/8mpjmw8oooU1PL8VdLEixsbTkgV1+RowNYc1IOj
94VnVRxDxRbmAw==
-----END CERTIFICATE-----