Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          YLgR5ukD4jGnY0ID9zNKfTT0CFRNqMsKm+4DDUOV0MQ=
Subject key identifier:   C3:9E:BE:28:11:E5:0F:CF:38:13:C6:96:48:A1:12:95:29:CF:4F:DE
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019E1E360C64C47606C8E7ECE7E10F72D9C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          1903
Signing time:             Tue 12 May 2026 22:01:58 +0000
Manifest this update:     Tue 12 May 2026 22:01:58 +0000
Manifest next update:     Wed 13 May 2026 22:01:58 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: Ru4vuBqWfMy/DTvc0EIKvIB14tTQDFlgFfxvKKJk3/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:36:0c:64:c4:76:06:c8:e7:ec:e7:e1:0f:72:d9:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: May 12 22:01:58 2026 GMT
            Not After : May 13 22:01:58 2026 GMT
        Subject: CN=c39ebe2811e50fcf3813c69648a1129529cf4fde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a7:46:1f:08:f4:88:9f:bd:bd:6e:80:a0:50:
                    e5:cb:ce:9f:ff:03:df:41:26:5a:27:44:73:9c:f7:
                    3e:91:f6:65:bc:a6:0a:b9:4f:b8:72:70:2a:47:70:
                    7e:65:6b:27:ca:0e:e4:b0:1b:b7:e1:fa:a1:27:9a:
                    72:05:a0:af:79:dd:ce:ab:2a:0e:bc:81:3a:f8:70:
                    62:54:0b:74:8e:04:de:52:87:f8:7a:84:05:d0:c1:
                    0c:ae:a0:38:79:5c:37:c8:75:be:7f:d7:d4:18:d9:
                    0e:6f:58:c9:9a:3e:31:bc:60:1e:05:c3:de:c3:9d:
                    a1:fd:89:e6:75:50:5c:79:ed:36:27:1e:28:c1:2c:
                    b4:77:38:1c:63:36:fd:0e:21:45:16:0f:d0:87:6d:
                    cd:cd:ba:cb:6e:2a:49:48:7a:02:60:a5:5e:65:01:
                    1a:cb:24:15:48:51:c1:dd:31:0a:63:dd:3e:4d:73:
                    99:82:bb:3f:da:60:4b:cb:e7:c9:63:02:dc:fa:7a:
                    52:b8:12:02:5a:79:dd:05:63:67:aa:ec:ac:4b:2a:
                    85:1d:4f:52:8b:8c:6b:d5:47:05:64:9e:ca:8f:62:
                    3a:32:38:72:e6:05:88:59:7a:3c:00:f0:da:f9:db:
                    80:a5:d1:c9:4f:4c:cb:7f:ad:38:81:71:12:a3:15:
                    63:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:9E:BE:28:11:E5:0F:CF:38:13:C6:96:48:A1:12:95:29:CF:4F:DE
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:71:bc:54:00:69:65:3c:38:d6:3d:c5:6c:21:21:d6:5f:af:
         a4:d0:46:46:10:2f:c7:d1:d0:35:cb:9e:e0:e1:82:01:ce:81:
         7c:8b:b5:71:1d:02:b9:63:39:93:0f:a2:94:5b:93:8e:36:5d:
         8f:53:57:b0:a5:0d:6c:30:f7:a3:bd:e5:e0:8d:43:0e:32:c6:
         34:a6:f1:b3:e8:91:d0:4c:73:2f:8d:8c:5d:5b:6a:13:76:60:
         b4:34:45:8c:66:21:05:fa:26:d6:00:43:15:2f:76:e1:f5:98:
         b8:d1:39:16:4f:a5:09:27:5a:f8:ea:f7:c3:44:5d:6f:8b:4b:
         fc:10:e8:10:67:c2:aa:4f:87:33:27:23:fd:c6:bf:ee:c5:f1:
         fb:69:b6:0a:66:79:84:e9:c5:1d:1d:48:a9:90:8d:5c:d5:cb:
         6b:1c:79:fe:48:cf:d4:03:dc:92:3d:d8:e4:98:e8:fe:80:c3:
         50:b5:52:25:09:b0:4b:19:4c:55:89:7c:af:2d:65:07:cd:8d:
         6e:9b:c8:4a:87:9f:16:2f:b3:39:23:e3:55:13:76:dc:8a:e2:
         bf:fa:a2:43:ee:52:c4:81:ae:96:9a:1c:32:c2:f8:bc:f1:da:
         81:41:3b:f3:a3:c7:13:90:11:83:0d:e9:6d:46:dc:66:74:df:
         2d:2e:80:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNgxkxHYGyOfs5+EPctnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjYwNTEyMjIwMTU4WhcNMjYwNTEzMjIwMTU4WjAzMTEwLwYDVQQD
EyhjMzllYmUyODExZTUwZmNmMzgxM2M2OTY0OGExMTI5NTI5Y2Y0ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqdGHwj0iJ+9vW6AoFDly86f/wPf
QSZaJ0RznPc+kfZlvKYKuU+4cnAqR3B+ZWsnyg7ksBu34fqhJ5pyBaCved3OqyoO
vIE6+HBiVAt0jgTeUof4eoQF0MEMrqA4eVw3yHW+f9fUGNkOb1jJmj4xvGAeBcPe
w52h/YnmdVBcee02Jx4owSy0dzgcYzb9DiFFFg/Qh23NzbrLbipJSHoCYKVeZQEa
yyQVSFHB3TEKY90+TXOZgrs/2mBLy+fJYwLc+npSuBICWnndBWNnquysSyqFHU9S
i4xr1UcFZJ7Kj2I6Mjhy5gWIWXo8APDa+duApdHJT0zLf604gXESoxVj1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOevigR5Q/POBPGlkihEpUpz0/eMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXG8VABp
ZTw41j3FbCEh1l+vpNBGRhAvx9HQNcue4OGCAc6BfIu1cR0CuWM5kw+ilFuTjjZd
j1NXsKUNbDD3o73l4I1DDjLGNKbxs+iR0ExzL42MXVtqE3ZgtDRFjGYhBfom1gBD
FS924fWYuNE5Fk+lCSda+Or3w0Rdb4tL/BDoEGfCqk+HMycj/ca/7sXx+2m2CmZ5
hOnFHR1IqZCNXNXLaxx5/kjP1APckj3Y5Jjo/oDDULVSJQmwSxlMVYl8ry1lB82N
bpvISoefFi+zOSPjVRN23Iriv/qiQ+5SxIGulpocMsL4vPHagUE786PHE5ARgw3p
bUbcZnTfLS6A7w==
-----END CERTIFICATE-----