Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
File:                     AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json)
Hash identifier:          0H/Fx4oOwKBcUnoSl/mKjkPuURcDHQRXiWnxU2eAuEM=
Subject key identifier:   72:B6:70:8F:26:3B:01:78:A8:FF:53:B6:7F:C3:D9:B0:1D:E5:2F:7D
Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C
Certificate issuer:       /CN=00871ef43fca092142d935585f2192646f474c1c
Certificate serial:       019E1C0FA0AE5718EF64EFF10AEEA2C33569
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
Manifest number:          01F9
Signing time:             Tue 12 May 2026 12:00:46 +0000
Manifest this update:     Tue 12 May 2026 12:00:46 +0000
Manifest next update:     Wed 13 May 2026 12:00:46 +0000
Files and hashes:         1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: sZCbuK+XV5RZDaDuJcUgnX/mULacea6451A5UWswZ9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 12:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:0f:a0:ae:57:18:ef:64:ef:f1:0a:ee:a2:c3:35:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00871ef43fca092142d935585f2192646f474c1c
        Validity
            Not Before: May 12 12:00:46 2026 GMT
            Not After : May 13 12:00:46 2026 GMT
        Subject: CN=72b6708f263b0178a8ff53b67fc3d9b01de52f7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:95:52:d5:d0:2b:1e:e1:f4:48:9b:3e:9d:4c:
                    b5:8d:ae:3d:3a:98:04:44:56:2c:c9:e0:79:21:50:
                    a1:0a:9e:73:9d:00:93:2e:2f:2c:9e:4f:23:4d:8c:
                    12:55:a4:07:86:a4:ee:b5:d4:6c:85:85:27:ca:f3:
                    8f:00:34:03:f1:47:49:4d:93:cc:02:5c:9f:72:93:
                    28:6f:98:78:4c:6a:39:a1:0c:55:31:a3:a8:bd:1a:
                    d2:ee:3a:b8:de:6e:1a:53:c1:ad:05:c7:9c:63:55:
                    7a:db:c0:5d:8f:f2:78:fa:ab:bb:19:3e:a2:4c:34:
                    b8:d3:8a:5a:f3:fd:03:64:49:45:2c:89:b5:7a:35:
                    ee:44:0a:82:dc:0b:c4:43:7c:a6:99:ca:98:35:16:
                    a3:1b:48:ef:60:14:db:2f:41:cc:9f:32:db:13:e6:
                    92:ba:57:d6:9d:d7:14:b7:17:3b:b7:86:37:1d:2f:
                    29:35:02:8b:e8:c0:a0:08:6c:1c:ac:06:94:fc:7a:
                    e9:65:79:3c:5f:08:c3:de:cb:e4:79:d9:ac:b2:95:
                    aa:50:85:59:14:b5:6e:08:00:c6:8f:4b:a2:86:7f:
                    9e:26:3c:8f:e6:13:3f:5c:da:2b:80:f6:fb:f8:eb:
                    91:7f:f7:69:d1:c1:4a:fe:e7:7d:53:af:2b:0b:4e:
                    1a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:B6:70:8F:26:3B:01:78:A8:FF:53:B6:7F:C3:D9:B0:1D:E5:2F:7D
            X509v3 Authority Key Identifier:
                keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:40:4a:73:47:00:4a:ee:e6:49:32:b5:2f:f5:0e:14:40:46:
         fd:2a:9e:71:da:9e:5c:e4:37:22:a9:61:b7:b1:c1:83:e0:ca:
         1b:ef:d8:6b:c6:bf:d4:d3:f5:94:59:cd:2e:7b:71:84:bd:4c:
         1c:75:0e:a8:75:73:ef:82:6d:34:be:e9:0e:05:f8:05:88:a2:
         68:e6:5c:dd:65:35:8f:37:ba:63:c9:b3:35:a0:08:db:bf:58:
         08:38:3d:0c:28:c2:09:5f:74:10:f4:fc:75:e1:04:76:74:63:
         47:23:fc:c3:ba:d7:82:f0:57:88:41:a8:2f:a8:ca:3c:85:50:
         d1:17:4c:60:7d:a2:ce:46:77:44:67:84:e1:4c:64:92:86:ca:
         ce:1e:5f:4f:06:2c:92:ae:96:72:5b:80:52:6c:3e:2b:fc:14:
         7f:b1:9d:5d:27:bf:ff:69:d0:34:08:35:ed:c3:ba:db:22:d2:
         91:68:21:29:d4:bc:a7:58:18:33:9b:2d:0c:2c:f4:ca:a7:7d:
         42:80:1f:59:18:be:74:d3:b9:a2:8a:af:1d:a9:ce:db:09:87:
         01:e3:84:c7:e9:46:41:5d:66:63:38:1c:53:b0:4d:38:a8:0e:
         e0:b5:2f:7d:fd:77:d8:ba:5f:ec:7a:c1:97:2e:3e:75:d7:08:
         fa:3d:39:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cD6CuVxjvZO/xCu6iwzVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0
NzRjMWMwHhcNMjYwNTEyMTIwMDQ2WhcNMjYwNTEzMTIwMDQ2WjAzMTEwLwYDVQQD
Eyg3MmI2NzA4ZjI2M2IwMTc4YThmZjUzYjY3ZmMzZDliMDFkZTUyZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpVS1dArHuH0SJs+nUy1ja49OpgE
RFYsyeB5IVChCp5znQCTLi8snk8jTYwSVaQHhqTutdRshYUnyvOPADQD8UdJTZPM
AlyfcpMob5h4TGo5oQxVMaOovRrS7jq43m4aU8GtBcecY1V628Bdj/J4+qu7GT6i
TDS404pa8/0DZElFLIm1ejXuRAqC3AvEQ3ymmcqYNRajG0jvYBTbL0HMnzLbE+aS
ulfWndcUtxc7t4Y3HS8pNQKL6MCgCGwcrAaU/HrpZXk8XwjD3svkedmsspWqUIVZ
FLVuCADGj0uihn+eJjyP5hM/XNorgPb7+OuRf/dp0cFK/ud9U68rC04aowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHK2cI8mOwF4qP9Ttn/D2bAd5S99MB8GA1UdIwQY
MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt
MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj
LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0BKc0cA
Su7mSTK1L/UOFEBG/SqecdqeXOQ3Iqlht7HBg+DKG+/Ya8a/1NP1lFnNLntxhL1M
HHUOqHVz74JtNL7pDgX4BYiiaOZc3WU1jze6Y8mzNaAI279YCDg9DCjCCV90EPT8
deEEdnRjRyP8w7rXgvBXiEGoL6jKPIVQ0RdMYH2izkZ3RGeE4UxkkobKzh5fTwYs
kq6WcluAUmw+K/wUf7GdXSe//2nQNAg17cO62yLSkWghKdS8p1gYM5stDCz0yqd9
QoAfWRi+dNO5ooqvHanO2wmHAeOEx+lGQV1mYzgcU7BNOKgO4LUvff132Lpf7HrB
ly4+ddcI+j05LQ==
-----END CERTIFICATE-----