Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
File:                     5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft (raw, json)
Hash identifier:          TDxjiacxkS5XMBqD1JKhITvpYIn45mF1PuqKQ/AKW7g=
Subject key identifier:   FD:42:45:E7:4F:73:62:B4:40:F8:A4:FE:B5:EA:4C:A6:46:FD:79:4B
Authority key identifier: E4:03:F4:DA:5B:42:3D:89:9F:BB:5B:56:16:4F:B0:76:96:D8:15:9D
Certificate issuer:       /CN=e403f4da5b423d899fbb5b56164fb07696d8159d
Certificate serial:       019E1E3583C7B788A3618851CA594A772FE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
Manifest number:          0290
Signing time:             Tue 12 May 2026 22:01:24 +0000
Manifest this update:     Tue 12 May 2026 22:01:24 +0000
Manifest next update:     Wed 13 May 2026 22:01:24 +0000
Files and hashes:         1: 5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl (hash: CC7tN6+olWRFU+NckSqPhP09hvWdBfx9NDyN1aDwJtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:83:c7:b7:88:a3:61:88:51:ca:59:4a:77:2f:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e403f4da5b423d899fbb5b56164fb07696d8159d
        Validity
            Not Before: May 12 22:01:24 2026 GMT
            Not After : May 13 22:01:24 2026 GMT
        Subject: CN=fd4245e74f7362b440f8a4feb5ea4ca646fd794b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:8e:3a:81:cb:f0:bb:79:7f:f6:4f:63:d8:ab:
                    60:0e:2e:d1:ae:ee:4b:04:11:dc:a6:e5:d3:52:ca:
                    e7:82:ad:14:65:ef:06:3a:ec:d3:f4:c0:48:e0:95:
                    0f:a0:be:24:a8:63:c3:ab:72:f2:1f:42:ff:d4:25:
                    33:5f:4f:d5:ec:9f:99:79:3f:68:6e:c1:e5:89:8b:
                    bc:68:e3:06:68:b7:d7:09:1c:54:19:13:b6:55:76:
                    ac:c4:a3:42:b2:73:50:96:cc:46:37:af:00:b8:3d:
                    9e:a2:0c:03:d0:00:2c:e2:aa:18:49:c4:c3:30:d5:
                    27:f9:73:4c:8d:ef:e5:d5:e2:23:f6:e9:ac:73:d3:
                    4c:82:4b:76:00:ff:72:cd:a6:20:69:e4:8a:7f:65:
                    64:42:fd:8b:a4:d5:49:b1:bf:cf:95:c5:b8:55:4f:
                    3a:f2:dd:81:93:57:5f:7d:2a:64:2c:9f:4d:3f:91:
                    a7:cc:25:a3:49:50:6b:07:32:0f:1a:5a:4e:d9:92:
                    43:a0:cd:1e:61:08:98:a5:8b:e4:f9:ee:4f:00:4b:
                    65:ff:ba:74:b8:fc:af:fc:f4:08:b2:c2:66:eb:00:
                    0b:8b:26:99:d9:58:ec:fb:6a:a6:77:ce:02:ad:55:
                    36:20:02:86:2e:f2:1b:48:ee:de:cf:68:2b:da:9e:
                    0d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:42:45:E7:4F:73:62:B4:40:F8:A4:FE:B5:EA:4C:A6:46:FD:79:4B
            X509v3 Authority Key Identifier:
                keyid:E4:03:F4:DA:5B:42:3D:89:9F:BB:5B:56:16:4F:B0:76:96:D8:15:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5AP02ltCPYmfu1tWFk-wdpbYFZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fd210d-d4c3-4831-a446-a00956afc469/1/5AP02ltCPYmfu1tWFk-wdpbYFZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:bd:32:a6:a6:af:20:19:40:89:ea:8f:e8:b9:43:3a:f9:c9:
         e1:fa:a2:8d:56:0f:1a:ba:6b:91:f7:f0:31:cf:10:3b:74:d0:
         e0:e9:8b:78:84:93:74:38:2e:18:8a:d3:d9:a5:f3:31:39:d2:
         ca:95:89:4d:ea:b8:14:0c:e5:c0:27:31:f2:ab:29:66:26:ec:
         d5:0e:56:2d:88:96:b8:de:9b:78:57:00:60:f9:b5:e3:50:ca:
         69:f7:fc:91:24:e7:3f:75:16:85:9c:22:d4:a6:ee:5d:59:6b:
         e7:ba:66:98:d7:71:e9:ad:4e:c8:48:af:21:c7:11:e9:1d:45:
         ed:5d:4c:d4:ec:b4:11:f7:94:50:75:7e:6d:63:a4:2e:72:c0:
         d7:66:27:89:c0:a0:64:fb:4a:0e:58:e8:bf:ce:d3:be:29:79:
         64:92:f6:d6:30:29:a6:bc:c6:4f:30:a2:77:77:c9:1b:22:2b:
         5f:1e:0f:0f:98:3e:ed:26:41:c6:f2:b1:53:37:75:6c:eb:0e:
         de:b5:53:48:94:6f:56:b5:41:de:31:85:63:0c:7f:7a:13:20:
         54:c8:00:c5:d1:1e:7f:ce:4a:13:13:69:ea:4a:5b:e0:4a:3d:
         52:fc:4f:9e:35:94:3a:d0:b7:e6:64:f6:b6:61:f6:bf:34:b3:
         b5:05:24:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNYPHt4ijYYhRyllKdy/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MDNmNGRhNWI0MjNkODk5ZmJiNWI1NjE2NGZiMDc2OTZk
ODE1OWQwHhcNMjYwNTEyMjIwMTI0WhcNMjYwNTEzMjIwMTI0WjAzMTEwLwYDVQQD
EyhmZDQyNDVlNzRmNzM2MmI0NDBmOGE0ZmViNWVhNGNhNjQ2ZmQ3OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo46gcvwu3l/9k9j2KtgDi7Rru5L
BBHcpuXTUsrngq0UZe8GOuzT9MBI4JUPoL4kqGPDq3LyH0L/1CUzX0/V7J+ZeT9o
bsHliYu8aOMGaLfXCRxUGRO2VXasxKNCsnNQlsxGN68AuD2eogwD0AAs4qoYScTD
MNUn+XNMje/l1eIj9umsc9NMgkt2AP9yzaYgaeSKf2VkQv2LpNVJsb/PlcW4VU86
8t2Bk1dffSpkLJ9NP5GnzCWjSVBrBzIPGlpO2ZJDoM0eYQiYpYvk+e5PAEtl/7p0
uPyv/PQIssJm6wALiyaZ2Vjs+2qmd84CrVU2IAKGLvIbSO7ez2gr2p4N6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1CRedPc2K0QPik/rXqTKZG/XlLMB8GA1UdIwQY
MBaAFOQD9NpbQj2Jn7tbVhZPsHaW2BWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mZDIxMGQtZDRjMy00ODMxLWE0NDYt
YTAwOTU2YWZjNDY5LzEvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mZDIxMGQtZDRjMy00ODMxLWE0NDYtYTAwOTU2YWZjNDY5
LzEvNUFQMDJsdENQWW1mdTF0V0ZrLXdkcGJZRlowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcL0ypqav
IBlAieqP6LlDOvnJ4fqijVYPGrprkffwMc8QO3TQ4OmLeISTdDguGIrT2aXzMTnS
ypWJTeq4FAzlwCcx8qspZibs1Q5WLYiWuN6beFcAYPm141DKaff8kSTnP3UWhZwi
1KbuXVlr57pmmNdx6a1OyEivIccR6R1F7V1M1Oy0EfeUUHV+bWOkLnLA12YnicCg
ZPtKDljov87Tvil5ZJL21jApprzGTzCid3fJGyIrXx4PD5g+7SZBxvKxUzd1bOsO
3rVTSJRvVrVB3jGFYwx/ehMgVMgAxdEef85KExNp6kpb4Eo9UvxPnjWUOtC35mT2
tmH2vzSztQUkCA==
-----END CERTIFICATE-----