Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          nUL3tXQ8pAXhX/4iPOEfUvZaMPav1bN0sleFahCrL8k=
Subject key identifier:   83:7B:1D:FA:3A:AB:6A:F1:53:11:DE:7B:F1:75:58:E7:E4:15:E4:BF
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019E30E07293F3482E95007AD3438D5FC5D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          15A1
Signing time:             Sat 16 May 2026 13:01:16 +0000
Manifest this update:     Sat 16 May 2026 13:01:16 +0000
Manifest next update:     Sun 17 May 2026 13:01:16 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: c1GhmrADdTg5pVvh7zp+iG/8dWvGeM2bmAyShgLICsw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:72:93:f3:48:2e:95:00:7a:d3:43:8d:5f:c5:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: May 16 13:01:16 2026 GMT
            Not After : May 17 13:01:16 2026 GMT
        Subject: CN=837b1dfa3aab6af15311de7bf17558e7e415e4bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ee:f1:cd:9f:54:68:26:92:0b:5e:38:a0:23:
                    0d:fc:86:ae:5b:b1:15:fe:0c:2c:56:ac:79:1b:6f:
                    43:5c:d5:59:68:bd:24:eb:5b:4c:75:ac:6c:5f:66:
                    d8:35:7f:95:8d:77:26:24:6f:50:01:7b:49:b1:95:
                    04:57:6f:f2:dc:d3:72:7b:70:ba:59:71:5d:15:03:
                    f0:76:49:3f:c8:f4:f6:05:6f:e0:af:25:63:67:dc:
                    62:a7:2f:81:f2:d2:47:a2:3c:88:05:56:52:42:ad:
                    17:5b:6f:2d:80:22:a0:98:59:18:44:97:2e:09:e1:
                    15:78:15:27:ba:dd:26:35:26:14:e8:ea:96:fb:5f:
                    a1:22:89:36:2d:aa:b3:db:bb:72:d2:72:e1:59:0e:
                    40:d1:c1:3e:79:2b:3f:cb:21:d4:aa:d8:06:4b:45:
                    74:e7:0c:6a:ec:d2:b8:0e:4f:0a:d0:b2:52:32:a9:
                    53:6e:b3:90:d5:0c:5f:f5:b0:35:70:68:74:57:4a:
                    f5:68:90:88:90:68:ed:8f:72:0b:59:59:db:7a:c0:
                    17:e3:c0:c8:ff:37:8e:8f:f9:37:32:44:9f:b9:59:
                    14:03:94:eb:6a:91:71:61:4b:35:7b:c7:77:91:8e:
                    a4:81:b3:09:82:7a:eb:01:5b:8f:7e:95:8a:8c:75:
                    ec:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:7B:1D:FA:3A:AB:6A:F1:53:11:DE:7B:F1:75:58:E7:E4:15:E4:BF
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:55:49:20:ff:b5:ce:f3:c8:b2:74:99:8c:b8:c5:76:9c:04:
         99:17:53:a7:31:78:64:16:40:0c:33:94:b7:0d:69:d8:8a:39:
         50:c8:5b:16:1e:e8:31:1a:45:e4:94:e7:37:36:05:ff:df:7f:
         3b:f9:a3:95:16:cf:7d:b8:d3:b4:e2:99:b1:08:dd:23:c0:a6:
         08:8f:c9:98:50:9d:25:e6:e8:b2:eb:7c:82:d7:8f:fa:76:d3:
         46:1a:cc:cf:06:e0:8b:53:a2:ba:29:54:21:b8:6a:59:42:a7:
         43:24:82:ea:da:c2:f6:9e:ba:84:59:bd:d2:c3:fb:39:37:d6:
         fa:55:5d:70:04:6e:fb:ad:e9:5a:18:fe:18:cb:ac:a8:19:a5:
         57:36:67:6f:5b:a8:1e:90:32:42:6a:86:bd:a8:9f:fa:a7:54:
         ae:be:ea:df:83:ca:ff:2f:6a:bd:f2:ee:8b:11:ef:9f:57:e5:
         f0:ac:ea:e4:57:ce:db:c1:b9:3c:1a:a3:ea:2d:d7:12:95:e7:
         11:de:04:be:1f:a1:ed:43:c4:f8:84:b5:ff:dd:96:f5:27:2f:
         62:ed:c7:de:43:08:3e:6c:38:ee:23:8a:18:f5:3a:c2:6e:04:
         a1:f7:2e:2e:b9:5b:20:63:c4:48:6f:0f:57:bf:7f:1d:28:99:
         99:21:72:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4HKT80gulQB600ONX8XVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjYwNTE2MTMwMTE2WhcNMjYwNTE3MTMwMTE2WjAzMTEwLwYDVQQD
Eyg4MzdiMWRmYTNhYWI2YWYxNTMxMWRlN2JmMTc1NThlN2U0MTVlNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAye7xzZ9UaCaSC144oCMN/IauW7EV
/gwsVqx5G29DXNVZaL0k61tMdaxsX2bYNX+VjXcmJG9QAXtJsZUEV2/y3NNye3C6
WXFdFQPwdkk/yPT2BW/gryVjZ9xipy+B8tJHojyIBVZSQq0XW28tgCKgmFkYRJcu
CeEVeBUnut0mNSYU6OqW+1+hIok2Laqz27ty0nLhWQ5A0cE+eSs/yyHUqtgGS0V0
5wxq7NK4Dk8K0LJSMqlTbrOQ1Qxf9bA1cGh0V0r1aJCIkGjtj3ILWVnbesAX48DI
/zeOj/k3MkSfuVkUA5TrapFxYUs1e8d3kY6kgbMJgnrrAVuPfpWKjHXsgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIN7Hfo6q2rxUxHee/F1WOfkFeS/MB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeFVJIP+1
zvPIsnSZjLjFdpwEmRdTpzF4ZBZADDOUtw1p2Io5UMhbFh7oMRpF5JTnNzYF/99/
O/mjlRbPfbjTtOKZsQjdI8CmCI/JmFCdJebosut8gteP+nbTRhrMzwbgi1OiuilU
IbhqWUKnQySC6trC9p66hFm90sP7OTfW+lVdcARu+63pWhj+GMusqBmlVzZnb1uo
HpAyQmqGvaif+qdUrr7q34PK/y9qvfLuixHvn1fl8Kzq5FfO28G5PBqj6i3XEpXn
Ed4Evh+h7UPE+IS1/92W9ScvYu3H3kMIPmw47iOKGPU6wm4EofcuLrlbIGPESG8P
V79/HSiZmSFy4Q==
-----END CERTIFICATE-----