Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
File:                     9PpnFz_1YpCIuXCWGuG-dGldxmE.mft (raw, json)
Hash identifier:          Wz40Mk3XGh4RlkXw3zhqQuPvKeNbdhnXnPQwNx5rs6g=
Subject key identifier:   D7:39:BF:7F:D5:D2:CF:68:6D:BA:D6:47:EE:8D:FC:9B:B4:03:5B:AC
Authority key identifier: F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61
Certificate issuer:       /CN=f4fa67173ff5629088b970961ae1be74695dc661
Certificate serial:       019E1E35FF319530A07512CFDBF24D02E3F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
Manifest number:          1902
Signing time:             Tue 12 May 2026 22:01:55 +0000
Manifest this update:     Tue 12 May 2026 22:01:55 +0000
Manifest next update:     Wed 13 May 2026 22:01:55 +0000
Files and hashes:         1: 9PpnFz_1YpCIuXCWGuG-dGldxmE.crl (hash: 2a0IXEvAXX3VrvhOKXfVIx7javOBG0ms3rUCPxeNLgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:ff:31:95:30:a0:75:12:cf:db:f2:4d:02:e3:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa67173ff5629088b970961ae1be74695dc661
        Validity
            Not Before: May 12 22:01:55 2026 GMT
            Not After : May 13 22:01:55 2026 GMT
        Subject: CN=d739bf7fd5d2cf686dbad647ee8dfc9bb4035bac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d5:2f:08:1b:33:ec:03:bd:65:4a:fe:63:2f:
                    65:b6:be:3d:da:54:be:4a:c4:71:19:b6:2a:dc:0f:
                    09:67:e6:f5:4f:90:45:da:f3:9d:38:fa:85:0e:56:
                    51:07:61:aa:d4:e9:76:af:c5:9b:2d:c9:12:36:a2:
                    36:03:ce:d1:07:e7:c7:64:7a:89:2b:42:16:1d:77:
                    d2:27:4f:e3:d0:bf:59:4c:1f:cc:33:00:fe:4b:5a:
                    8a:b3:1c:bf:43:37:dd:93:4f:33:5f:42:b2:03:e3:
                    53:cb:eb:49:16:02:cc:96:94:ce:aa:93:a0:81:35:
                    ef:72:c8:cb:54:9d:6c:cb:27:cf:8c:75:49:79:59:
                    55:3e:ed:04:30:6c:bc:03:b1:c9:09:df:51:db:a7:
                    d5:82:96:87:81:8b:4e:d8:ae:02:10:d8:c3:e5:6b:
                    bc:52:cb:69:08:6a:03:ac:14:a2:74:4a:30:4d:f3:
                    4f:f4:83:b7:9c:5f:7a:0c:a4:07:42:43:ec:81:8e:
                    6a:fd:1d:6d:cf:a1:fb:95:4d:e9:c6:c8:aa:f0:34:
                    11:1b:58:6c:e1:10:91:d0:24:ca:b3:f6:4a:16:71:
                    16:8b:4c:cd:10:33:c0:a3:a7:67:bc:6e:fa:7f:b9:
                    fb:7f:75:91:a1:05:22:bc:9e:b8:95:af:9f:b2:d9:
                    d5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:39:BF:7F:D5:D2:CF:68:6D:BA:D6:47:EE:8D:FC:9B:B4:03:5B:AC
            X509v3 Authority Key Identifier:
                keyid:F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:c2:2b:dd:dc:30:4c:da:a7:fd:73:48:17:31:a9:65:ce:66:
         76:cb:cd:3d:8a:13:3e:1b:c8:76:ff:66:d3:1e:16:20:f5:bd:
         8f:1f:9b:41:b6:84:2d:59:c8:71:c4:38:86:c3:98:60:ca:5e:
         97:af:1c:2e:20:99:2a:35:13:26:fd:66:8d:50:9f:36:f1:d8:
         e7:21:f5:f3:15:64:cd:92:75:02:57:39:ad:bf:51:f6:75:89:
         44:58:45:89:6c:6c:e6:70:b9:15:c0:30:1f:eb:dc:45:a8:22:
         48:88:45:3d:c8:24:77:29:b6:6b:d7:32:13:8f:fa:0f:c4:62:
         50:83:5d:98:b4:4f:af:19:3b:39:6b:91:57:5f:47:99:8e:3f:
         0f:9a:07:b4:5f:7a:03:c3:2d:79:70:b7:89:19:e6:ff:03:c3:
         ef:94:54:16:63:8e:28:c8:ca:d5:9c:82:6f:d0:ee:16:20:9b:
         be:57:ac:8e:8a:cd:78:09:f6:c0:8f:94:f0:f2:cb:99:3d:54:
         c7:a1:af:d4:c2:8f:a5:cf:f9:14:e3:98:4a:03:1c:a2:a6:ae:
         39:a7:22:65:dd:47:52:bb:3e:ac:9b:9c:95:e3:85:b5:80:d6:
         5f:92:ac:65:a4:3f:59:d9:eb:e9:ca:78:0a:cd:ba:a3:9f:36:
         c9:94:db:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNf8xlTCgdRLP2/JNAuP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE2NzE3M2ZmNTYyOTA4OGI5NzA5NjFhZTFiZTc0Njk1
ZGM2NjEwHhcNMjYwNTEyMjIwMTU1WhcNMjYwNTEzMjIwMTU1WjAzMTEwLwYDVQQD
EyhkNzM5YmY3ZmQ1ZDJjZjY4NmRiYWQ2NDdlZThkZmM5YmI0MDM1YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtUvCBsz7AO9ZUr+Yy9ltr492lS+
SsRxGbYq3A8JZ+b1T5BF2vOdOPqFDlZRB2Gq1Ol2r8WbLckSNqI2A87RB+fHZHqJ
K0IWHXfSJ0/j0L9ZTB/MMwD+S1qKsxy/Qzfdk08zX0KyA+NTy+tJFgLMlpTOqpOg
gTXvcsjLVJ1syyfPjHVJeVlVPu0EMGy8A7HJCd9R26fVgpaHgYtO2K4CENjD5Wu8
UstpCGoDrBSidEowTfNP9IO3nF96DKQHQkPsgY5q/R1tz6H7lU3pxsiq8DQRG1hs
4RCR0CTKs/ZKFnEWi0zNEDPAo6dnvG76f7n7f3WRoQUivJ64la+fstnVZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNc5v3/V0s9obbrWR+6N/Ju0A1usMB8GA1UdIwQY
MBaAFPT6Zxc/9WKQiLlwlhrhvnRpXcZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUt
ZDg1ZWJjNWVhOThkLzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUtZDg1ZWJjNWVhOThk
LzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsIr3dww
TNqn/XNIFzGpZc5mdsvNPYoTPhvIdv9m0x4WIPW9jx+bQbaELVnIccQ4hsOYYMpe
l68cLiCZKjUTJv1mjVCfNvHY5yH18xVkzZJ1Alc5rb9R9nWJRFhFiWxs5nC5FcAw
H+vcRagiSIhFPcgkdym2a9cyE4/6D8RiUINdmLRPrxk7OWuRV19HmY4/D5oHtF96
A8MteXC3iRnm/wPD75RUFmOOKMjK1ZyCb9DuFiCbvlesjorNeAn2wI+U8PLLmT1U
x6Gv1MKPpc/5FOOYSgMcoqauOaciZd1HUrs+rJucleOFtYDWX5KsZaQ/Wdnr6cp4
Cs26o582yZTbpQ==
-----END CERTIFICATE-----