Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          ecEJ/QtKHvL47dOJ4oK9BidSq4jwt3MhVTDo95R0hCI=
Subject key identifier:   BC:88:D6:66:CF:D5:44:89:91:03:EE:40:03:FE:1B:5C:FB:49:4D:82
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       019D389C3FCE824F7215D66F58C6DB667333
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          181E
Signing time:             Sun 29 Mar 2026 08:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:57 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: 26GUuuHtYQug+kHZs9qqb/jLRKtObzh8JI+rqT8+GHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:3f:ce:82:4f:72:15:d6:6f:58:c6:db:66:73:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Mar 29 08:00:57 2026 GMT
            Not After : Mar 30 08:00:57 2026 GMT
        Subject: CN=bc88d666cfd544899103ee4003fe1b5cfb494d82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5d:8f:9e:8b:31:eb:c9:e5:5c:1a:1e:45:59:
                    f2:77:48:c8:3c:f6:1a:a5:65:86:7b:a6:00:c7:6b:
                    58:5d:f8:db:6e:7c:d9:77:23:c0:60:a3:3f:44:cb:
                    8b:8a:98:e2:e9:ad:c8:e4:0b:5a:2c:d5:43:e7:22:
                    eb:86:42:89:1a:2b:fd:77:b5:0a:bc:c1:fe:74:1f:
                    a8:a7:53:11:0c:ee:91:e3:f3:47:92:71:ea:85:38:
                    01:d0:bc:e9:f4:80:f3:b5:24:3b:0f:80:4b:0a:ca:
                    d3:07:2d:b7:eb:72:08:40:7c:5c:9e:79:f9:47:28:
                    aa:f6:4f:c4:c8:2e:8c:43:e8:e1:57:fc:c9:bf:cc:
                    60:b8:31:7f:f3:43:fa:9f:9d:7b:d0:79:6a:de:d8:
                    fa:6e:71:de:9b:34:4d:89:22:cf:a4:c1:5e:3e:4d:
                    a3:73:e3:17:41:eb:82:90:a9:4f:7b:0d:7c:b0:b2:
                    29:85:bb:30:39:07:f4:fb:43:67:e8:ed:b6:98:95:
                    35:a8:bc:b7:c2:34:77:8e:fe:99:c8:2f:09:65:10:
                    ae:a1:c3:d8:44:b3:a8:5a:1b:a8:af:f3:4f:5c:40:
                    86:01:ca:0b:b0:6a:59:fb:73:c9:0a:ff:08:7e:cb:
                    0c:c0:b5:9a:82:df:9c:36:1e:fe:f7:98:12:7a:4c:
                    88:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:88:D6:66:CF:D5:44:89:91:03:EE:40:03:FE:1B:5C:FB:49:4D:82
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:9c:e8:ad:93:2a:16:5e:40:9a:94:d3:af:05:63:20:a6:bd:
         a9:50:c5:77:58:aa:13:d8:ac:7b:7f:6d:a9:12:36:db:fc:7e:
         0c:06:ff:9d:5f:09:0c:79:5f:e1:63:50:f8:95:46:db:52:a0:
         9c:74:bc:01:66:ab:97:35:cf:6e:f0:0d:4a:b9:59:e0:3f:a3:
         14:e9:87:58:88:e6:4c:49:d1:a5:68:22:50:26:de:26:19:01:
         0e:75:3e:9d:e3:fa:5f:14:c9:df:28:33:e0:c6:65:82:d7:bc:
         d0:c4:44:34:63:cd:23:40:6f:91:61:89:8d:74:8b:a6:a4:42:
         48:86:74:5d:bc:ca:d5:ff:68:94:ec:e1:a7:3d:e7:f2:48:8e:
         d3:2c:11:cd:7f:ad:fb:21:34:cd:5a:c8:cf:40:9d:b9:d0:2d:
         f6:d5:95:7c:f8:27:9c:49:3e:d8:6a:c1:5d:93:91:80:07:9e:
         f7:2a:37:2b:c6:39:d5:e7:57:9f:70:ef:83:53:e4:c3:d6:55:
         a3:8a:23:6a:bf:3b:cc:d5:88:de:d1:ea:a0:85:e7:dc:05:9f:
         85:b8:95:c5:27:a4:d2:7a:e5:dd:fa:20:06:4a:7b:c9:03:40:
         85:8a:33:28:a6:53:70:e3:26:82:42:64:98:83:d9:97:dc:65:
         d5:ae:63:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nD/Ogk9yFdZvWMbbZnMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjYwMzI5MDgwMDU3WhcNMjYwMzMwMDgwMDU3WjAzMTEwLwYDVQQD
EyhiYzg4ZDY2NmNmZDU0NDg5OTEwM2VlNDAwM2ZlMWI1Y2ZiNDk0ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul2Pnosx68nlXBoeRVnyd0jIPPYa
pWWGe6YAx2tYXfjbbnzZdyPAYKM/RMuLipji6a3I5AtaLNVD5yLrhkKJGiv9d7UK
vMH+dB+op1MRDO6R4/NHknHqhTgB0Lzp9IDztSQ7D4BLCsrTBy2363IIQHxcnnn5
Ryiq9k/EyC6MQ+jhV/zJv8xguDF/80P6n5170Hlq3tj6bnHemzRNiSLPpMFePk2j
c+MXQeuCkKlPew18sLIphbswOQf0+0Nn6O22mJU1qLy3wjR3jv6ZyC8JZRCuocPY
RLOoWhuor/NPXECGAcoLsGpZ+3PJCv8IfssMwLWagt+cNh7+95gSekyI5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyI1mbP1USJkQPuQAP+G1z7SU2CMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZzorZMq
Fl5AmpTTrwVjIKa9qVDFd1iqE9ise39tqRI22/x+DAb/nV8JDHlf4WNQ+JVG21Kg
nHS8AWarlzXPbvANSrlZ4D+jFOmHWIjmTEnRpWgiUCbeJhkBDnU+neP6XxTJ3ygz
4MZlgte80MRENGPNI0BvkWGJjXSLpqRCSIZ0XbzK1f9olOzhpz3n8kiO0ywRzX+t
+yE0zVrIz0CdudAt9tWVfPgnnEk+2GrBXZORgAee9yo3K8Y51edXn3Dvg1Pkw9ZV
o4ojar87zNWI3tHqoIXn3AWfhbiVxSek0nrl3fogBkp7yQNAhYozKKZTcOMmgkJk
mIPZl9xl1a5jWA==
-----END CERTIFICATE-----