Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
File:                     vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft (raw, json)
Hash identifier:          tIb9oQ/qqu/jBc63CY2qkgvlswuNkL/EQ73q5vUVC4I=
Subject key identifier:   37:A6:F7:38:0D:D8:C1:2F:6D:F5:54:52:A3:39:6F:FF:9E:61:62:41
Authority key identifier: BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD
Certificate issuer:       /CN=be5539afe925db80b415efb14c631b2d82c8cedd
Certificate serial:       019EB76AAB319A256405D4A59FF105A67179
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
Manifest number:          0532
Signing time:             Thu 11 Jun 2026 16:01:21 +0000
Manifest this update:     Thu 11 Jun 2026 16:01:21 +0000
Manifest next update:     Fri 12 Jun 2026 16:01:21 +0000
Files and hashes:         1: vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl (hash: 14oib75Ophnf9aT3AUm0VS8ecahpl7kQEEtwRRM60MU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 13:27:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b7:6a:ab:31:9a:25:64:05:d4:a5:9f:f1:05:a6:71:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be5539afe925db80b415efb14c631b2d82c8cedd
        Validity
            Not Before: Jun 11 16:01:21 2026 GMT
            Not After : Jun 12 16:01:21 2026 GMT
        Subject: CN=37a6f7380dd8c12f6df55452a3396fff9e616241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:61:bb:5c:dd:91:f3:99:fd:5a:62:19:14:3e:
                    db:65:98:40:a7:e5:a6:1a:a5:02:83:e2:97:c6:cc:
                    5c:f7:5c:c3:f9:92:61:81:c3:2c:62:a1:35:34:2a:
                    54:c4:0b:6a:46:36:90:dd:89:d2:16:c9:5f:cd:7b:
                    2e:bb:be:7e:11:4b:63:c9:91:f9:a5:ff:66:db:bd:
                    f9:16:1f:18:af:19:6b:ba:27:eb:9c:7e:c8:6d:96:
                    00:01:09:6d:a9:c3:45:50:56:b4:52:11:c5:38:35:
                    be:2f:79:c8:c2:5a:84:92:78:f6:c3:f9:5b:a2:82:
                    2b:0a:b3:43:f6:83:c4:47:43:c9:0c:be:32:83:cd:
                    12:7a:db:93:11:83:d0:25:81:94:12:14:40:b2:f8:
                    ea:f0:10:e0:b5:64:22:fb:14:5a:71:ed:fe:1d:0d:
                    37:56:3d:46:38:bc:5c:3e:e3:7c:6a:73:3b:7d:0e:
                    01:e0:94:37:8c:e4:db:c3:11:04:ce:2f:b0:21:6f:
                    2c:26:d3:b4:9d:3c:16:b2:27:6f:83:45:11:16:9c:
                    d2:ba:b7:d4:40:94:c0:f2:58:13:ca:66:e9:c2:7d:
                    23:13:22:36:ec:d4:d8:1b:49:3b:6a:0e:00:67:36:
                    f9:ba:49:61:8e:26:6f:28:5b:96:7b:64:6b:95:a4:
                    42:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:A6:F7:38:0D:D8:C1:2F:6D:F5:54:52:A3:39:6F:FF:9E:61:62:41
            X509v3 Authority Key Identifier:
                keyid:BE:55:39:AF:E9:25:DB:80:B4:15:EF:B1:4C:63:1B:2D:82:C8:CE:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlU5r-kl24C0Fe-xTGMbLYLIzt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/733dae-0021-44e5-92e5-2500f4efab69/1/vlU5r-kl24C0Fe-xTGMbLYLIzt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:d4:d2:c4:6d:81:4f:52:f5:00:69:f2:ac:ed:6b:69:1a:19:
         55:8b:5d:bd:a5:9b:96:60:6b:42:d9:5a:97:fe:68:da:ea:d8:
         a9:4c:6a:fa:9b:77:2a:59:45:1c:68:05:33:c5:9b:2a:8c:eb:
         a7:3f:00:52:01:e9:35:a3:ca:f4:96:00:01:20:c0:0c:da:71:
         d5:23:46:83:c4:da:dc:6e:0d:6c:7d:ad:38:d5:96:70:57:b9:
         74:04:a8:57:6b:10:41:84:6c:c0:c4:0e:0a:8a:7d:3c:99:8a:
         fe:5b:6d:e1:04:a5:1a:df:09:d6:5b:21:d2:a6:b8:1f:12:e4:
         d6:8d:be:77:ff:97:33:d2:90:f3:d4:a2:95:0a:1f:9a:43:87:
         84:88:53:d5:64:6a:6d:a0:53:31:f1:18:81:7d:93:d3:4f:49:
         9f:c8:16:73:fa:a5:55:6e:7e:7d:bf:e3:7b:e0:1d:b9:4f:a9:
         ca:4c:dc:59:3c:0a:10:3b:e0:33:48:95:9b:80:d5:3d:ce:e2:
         70:71:3f:42:cf:7a:8b:e9:ab:c8:de:dd:f5:fc:68:2b:c0:f8:
         1c:f5:3a:1a:0b:55:d1:9a:dd:2c:2b:56:bf:39:14:8f:01:df:
         c1:cd:d8:46:d1:0c:4f:e1:3a:ae:49:6b:04:2d:4d:e5:ab:50:
         ae:d0:fe:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ63aqsxmiVkBdSln/EFpnF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUzOWFmZTkyNWRiODBiNDE1ZWZiMTRjNjMxYjJkODJj
OGNlZGQwHhcNMjYwNjExMTYwMTIxWhcNMjYwNjEyMTYwMTIxWjAzMTEwLwYDVQQD
EygzN2E2ZjczODBkZDhjMTJmNmRmNTU0NTJhMzM5NmZmZjllNjE2MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimG7XN2R85n9WmIZFD7bZZhAp+Wm
GqUCg+KXxsxc91zD+ZJhgcMsYqE1NCpUxAtqRjaQ3YnSFslfzXsuu75+EUtjyZH5
pf9m2735Fh8YrxlruifrnH7IbZYAAQltqcNFUFa0UhHFODW+L3nIwlqEknj2w/lb
ooIrCrND9oPER0PJDL4yg80SetuTEYPQJYGUEhRAsvjq8BDgtWQi+xRace3+HQ03
Vj1GOLxcPuN8anM7fQ4B4JQ3jOTbwxEEzi+wIW8sJtO0nTwWsidvg0URFpzSurfU
QJTA8lgTymbpwn0jEyI27NTYG0k7ag4AZzb5uklhjiZvKFuWe2RrlaRCTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDem9zgN2MEvbfVUUqM5b/+eYWJBMB8GA1UdIwQY
MBaAFL5VOa/pJduAtBXvsUxjGy2CyM7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUt
MjUwMGY0ZWZhYjY5LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MzNkYWUtMDAyMS00NGU1LTkyZTUtMjUwMGY0ZWZhYjY5
LzEvdmxVNXIta2wyNEMwRmUteFRHTWJMWUxJenQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtTSxG2B
T1L1AGnyrO1raRoZVYtdvaWblmBrQtlal/5o2urYqUxq+pt3KllFHGgFM8WbKozr
pz8AUgHpNaPK9JYAASDADNpx1SNGg8Ta3G4NbH2tONWWcFe5dASoV2sQQYRswMQO
Cop9PJmK/ltt4QSlGt8J1lsh0qa4HxLk1o2+d/+XM9KQ89SilQofmkOHhIhT1WRq
baBTMfEYgX2T009Jn8gWc/qlVW5+fb/je+AduU+pykzcWTwKEDvgM0iVm4DVPc7i
cHE/Qs96i+mryN7d9fxoK8D4HPU6GgtV0ZrdLCtWvzkUjwHfwc3YRtEMT+E6rklr
BC1N5atQrtD+NA==
-----END CERTIFICATE-----