Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          87uch52jo+Xe28MC6w6Qay6tpok1xltV90BD43uEP4A=
Subject key identifier:   78:1E:73:AA:E2:4F:E2:0F:79:F2:92:99:01:72:CB:42:B4:D3:5B:13
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       019E1F111F2CB23DDDBE5E6150178322EC51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          1628
Signing time:             Wed 13 May 2026 02:01:16 +0000
Manifest this update:     Wed 13 May 2026 02:01:16 +0000
Manifest next update:     Thu 14 May 2026 02:01:16 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: 6TY1lD10okexJ65g9pFnjyKS+I0tI24o+JVDJftD0k8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:11:1f:2c:b2:3d:dd:be:5e:61:50:17:83:22:ec:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: May 13 02:01:16 2026 GMT
            Not After : May 14 02:01:16 2026 GMT
        Subject: CN=781e73aae24fe20f79f292990172cb42b4d35b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:68:c2:cd:0b:08:b1:4a:91:13:54:7c:e6:42:
                    fe:07:6d:5f:74:33:07:a9:a0:e1:73:07:e4:4e:a6:
                    5e:26:7b:18:a9:e1:34:e2:02:c1:02:d3:42:bb:86:
                    ec:c9:eb:00:8e:81:79:b5:11:de:41:0b:a8:7c:99:
                    12:75:ca:04:6b:62:1e:eb:f4:58:9f:09:9f:ef:61:
                    75:4b:f2:d6:48:c3:b5:f5:8d:72:18:24:88:a9:fd:
                    9d:3f:a5:41:40:bd:c5:1e:19:da:dd:7d:3e:3c:9f:
                    d4:ed:ff:07:4a:75:d8:13:02:e1:ca:e4:93:93:01:
                    27:d5:9a:7a:0d:85:dd:50:89:10:32:57:38:52:ff:
                    89:5e:5c:19:17:4d:1c:fa:01:4b:83:f9:7e:0f:bd:
                    70:f5:13:9b:6e:64:33:bf:36:6e:45:17:84:07:43:
                    24:d0:b8:12:71:36:a5:a4:c4:fd:53:e3:97:75:d1:
                    95:3e:03:d9:d2:bb:88:ce:62:e9:c8:e1:09:0d:00:
                    0f:30:7d:01:be:bb:bc:35:47:91:96:ed:81:b0:f7:
                    cf:83:df:8c:0b:8b:04:9a:47:21:09:55:55:90:e7:
                    af:8e:66:6d:73:c7:33:92:4a:af:25:5c:2a:3a:1d:
                    62:60:a5:bf:2c:31:aa:9d:30:fa:55:f1:1e:4f:ea:
                    a5:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:1E:73:AA:E2:4F:E2:0F:79:F2:92:99:01:72:CB:42:B4:D3:5B:13
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e4:a2:54:d7:6a:d5:47:9f:fb:d4:6c:bb:c5:b8:88:cd:8d:b7:
         0e:12:60:d0:df:f1:71:a5:80:a2:6f:d1:51:3e:b8:b5:74:8c:
         df:fb:c3:c4:ce:e8:52:2f:80:eb:2e:d1:3f:8b:dd:db:fd:b8:
         dc:da:ec:ca:9f:c0:6f:b2:33:4a:1d:bf:7e:db:0e:c7:2f:81:
         8d:80:ad:1c:9e:7e:79:b0:db:b2:03:ca:b3:17:dc:00:be:df:
         4a:10:71:7e:27:3d:c1:3c:4f:a5:30:bc:cc:3f:ab:2d:91:e7:
         16:4b:a6:51:65:bc:f3:9d:59:52:4c:cf:8a:9a:24:b6:d7:e8:
         b2:1f:3e:14:6e:85:24:e8:db:da:8d:09:ca:d9:36:f8:6c:75:
         83:62:9c:7d:af:94:4d:9a:d6:2b:0a:32:41:62:2a:62:4a:36:
         b5:18:c7:d4:f5:9e:f6:50:5a:97:c2:73:b2:64:75:f7:19:bd:
         ae:41:9e:e9:fe:04:41:ad:86:8d:2b:2a:50:af:17:66:03:4f:
         fd:8f:d5:39:ab:9f:0a:1e:fe:cd:f0:29:a0:5f:ea:c0:2d:0e:
         c3:a2:ed:75:58:2b:2c:8a:d0:82:15:85:cb:cd:e7:42:0d:eb:
         ab:69:25:44:9a:c8:70:69:dc:db:cd:ee:dc:b9:72:aa:94:79:
         c4:56:93:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fER8ssj3dvl5hUBeDIuxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjYwNTEzMDIwMTE2WhcNMjYwNTE0MDIwMTE2WjAzMTEwLwYDVQQD
Eyg3ODFlNzNhYWUyNGZlMjBmNzlmMjkyOTkwMTcyY2I0MmI0ZDM1YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWjCzQsIsUqRE1R85kL+B21fdDMH
qaDhcwfkTqZeJnsYqeE04gLBAtNCu4bsyesAjoF5tRHeQQuofJkSdcoEa2Ie6/RY
nwmf72F1S/LWSMO19Y1yGCSIqf2dP6VBQL3FHhna3X0+PJ/U7f8HSnXYEwLhyuST
kwEn1Zp6DYXdUIkQMlc4Uv+JXlwZF00c+gFLg/l+D71w9RObbmQzvzZuRReEB0Mk
0LgScTalpMT9U+OXddGVPgPZ0ruIzmLpyOEJDQAPMH0Bvru8NUeRlu2BsPfPg9+M
C4sEmkchCVVVkOevjmZtc8czkkqvJVwqOh1iYKW/LDGqnTD6VfEeT+ql0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgec6riT+IPefKSmQFyy0K001sTMB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5KJU12rV
R5/71Gy7xbiIzY23DhJg0N/xcaWAom/RUT64tXSM3/vDxM7oUi+A6y7RP4vd2/24
3Nrsyp/Ab7IzSh2/ftsOxy+BjYCtHJ5+ebDbsgPKsxfcAL7fShBxfic9wTxPpTC8
zD+rLZHnFkumUWW8851ZUkzPipokttfosh8+FG6FJOjb2o0Jytk2+Gx1g2Kcfa+U
TZrWKwoyQWIqYko2tRjH1PWe9lBal8JzsmR19xm9rkGe6f4EQa2GjSsqUK8XZgNP
/Y/VOaufCh7+zfApoF/qwC0Ow6LtdVgrLIrQghWFy83nQg3rq2klRJrIcGnc283u
3LlyqpR5xFaTig==
-----END CERTIFICATE-----