Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          xn31CRomfHDmzLeTgthKa3mFTV3Q581jiRyJZhe4Dv4=
Subject key identifier:   9C:69:43:FE:46:CE:22:AD:8C:09:D2:21:CB:3A:33:36:A3:9E:C5:37
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019E30720E61789707440B806970081836A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0D1C
Signing time:             Sat 16 May 2026 11:00:41 +0000
Manifest this update:     Sat 16 May 2026 11:00:41 +0000
Manifest next update:     Sun 17 May 2026 11:00:41 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: bOxi6deMbs4zrKxRvz+c405WTlV6CK219X7veo16X4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:72:0e:61:78:97:07:44:0b:80:69:70:08:18:36:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: May 16 11:00:41 2026 GMT
            Not After : May 17 11:00:41 2026 GMT
        Subject: CN=9c6943fe46ce22ad8c09d221cb3a3336a39ec537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:91:30:ce:6b:ba:ad:5d:39:8d:4d:2a:4b:e7:
                    18:7c:b7:aa:00:5e:c7:c0:0c:81:54:3f:74:58:c3:
                    40:21:12:2f:03:0d:07:cc:17:5a:0e:13:38:89:85:
                    a7:18:43:f0:7f:2a:a2:37:33:f0:bb:5b:b4:c2:fc:
                    21:09:7c:be:ed:42:ea:b8:b8:16:bb:f1:3e:a0:9c:
                    cf:95:c6:f4:80:10:cc:7b:bc:37:f7:6b:b4:99:b7:
                    5e:5a:9e:16:7b:3a:9b:88:5a:d6:7a:c9:e1:e6:ab:
                    a3:00:e8:32:44:d0:b3:5d:e2:d0:07:95:18:ff:89:
                    34:f6:a3:e7:be:6d:f5:1f:7b:ab:17:0d:66:c0:0f:
                    da:d1:2c:06:f2:a6:c6:e7:06:a0:d8:34:52:40:0e:
                    c7:63:ad:f1:f8:92:1e:c7:93:11:07:7b:56:ed:69:
                    83:36:aa:d2:ea:be:ad:f8:f0:cd:0a:46:4f:84:08:
                    69:24:99:27:77:0a:a2:af:c1:59:a0:43:8e:0f:0f:
                    90:83:7d:36:85:fe:4f:ce:71:95:c7:80:0d:d7:82:
                    22:d1:0c:b2:ca:0c:7b:5a:a6:97:18:dd:54:9e:68:
                    89:36:5c:c6:93:24:4b:0a:6b:2b:5d:4b:00:1e:26:
                    34:41:96:d9:b9:6b:f2:73:63:35:63:80:48:f1:6c:
                    87:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:69:43:FE:46:CE:22:AD:8C:09:D2:21:CB:3A:33:36:A3:9E:C5:37
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:f1:a6:34:4e:5d:9b:c7:d9:ee:7d:03:03:45:f8:fa:f9:89:
         dc:c5:d5:9a:0e:7c:44:24:b2:7d:56:92:dc:c4:29:3d:80:1a:
         ee:2a:bb:91:81:40:fe:c4:29:da:7a:1d:0f:7b:8d:58:f6:de:
         3d:17:74:b9:a8:cc:4f:9e:3b:b6:7f:71:e7:a0:90:30:94:b3:
         9e:8e:9f:9b:3f:db:9c:79:34:08:42:1f:71:7d:53:3c:ad:56:
         14:2f:4f:8b:57:20:dc:9f:c7:12:61:9d:d6:12:7b:fc:03:28:
         3d:5b:09:01:70:d2:cf:c0:d6:aa:57:96:e5:4e:49:e3:06:ef:
         0a:0f:3f:b9:59:d2:98:fa:b0:6d:1c:ff:c6:ff:06:90:85:82:
         e0:05:de:14:8d:44:ad:6a:72:16:c4:3d:76:e2:04:fe:e1:e5:
         68:26:cb:f9:92:9f:26:ce:b4:bd:91:89:25:da:6b:54:91:65:
         f0:ca:49:48:1a:8e:fa:11:93:42:cb:1c:b2:d6:df:7b:b1:0e:
         c3:49:02:ff:44:99:da:02:f9:00:c8:be:a3:91:f1:4e:02:9c:
         df:52:fe:25:80:bb:2e:c8:fe:a2:35:12:45:68:9f:c5:4f:4e:
         7c:0a:8c:34:3c:db:d2:ae:fc:8c:e4:9e:82:4b:63:bc:0a:23:
         77:0d:9b:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcg5heJcHRAuAaXAIGDanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjYwNTE2MTEwMDQxWhcNMjYwNTE3MTEwMDQxWjAzMTEwLwYDVQQD
Eyg5YzY5NDNmZTQ2Y2UyMmFkOGMwOWQyMjFjYjNhMzMzNmEzOWVjNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZEwzmu6rV05jU0qS+cYfLeqAF7H
wAyBVD90WMNAIRIvAw0HzBdaDhM4iYWnGEPwfyqiNzPwu1u0wvwhCXy+7ULquLgW
u/E+oJzPlcb0gBDMe7w392u0mbdeWp4WezqbiFrWesnh5qujAOgyRNCzXeLQB5UY
/4k09qPnvm31H3urFw1mwA/a0SwG8qbG5wag2DRSQA7HY63x+JIex5MRB3tW7WmD
NqrS6r6t+PDNCkZPhAhpJJkndwqir8FZoEOODw+Qg302hf5PznGVx4AN14Ii0Qyy
ygx7WqaXGN1UnmiJNlzGkyRLCmsrXUsAHiY0QZbZuWvyc2M1Y4BI8WyHfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxpQ/5GziKtjAnSIcs6MzajnsU3MB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiPGmNE5d
m8fZ7n0DA0X4+vmJ3MXVmg58RCSyfVaS3MQpPYAa7iq7kYFA/sQp2nodD3uNWPbe
PRd0uajMT547tn9x56CQMJSzno6fmz/bnHk0CEIfcX1TPK1WFC9Pi1cg3J/HEmGd
1hJ7/AMoPVsJAXDSz8DWqleW5U5J4wbvCg8/uVnSmPqwbRz/xv8GkIWC4AXeFI1E
rWpyFsQ9duIE/uHlaCbL+ZKfJs60vZGJJdprVJFl8MpJSBqO+hGTQsscstbfe7EO
w0kC/0SZ2gL5AMi+o5HxTgKc31L+JYC7Lsj+ojUSRWifxU9OfAqMNDzb0q78jOSe
gktjvAojdw2bGw==
-----END CERTIFICATE-----