Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          0RmIt6pz14pZNuGDnEGnCpy6I0G53U09iWxwwfH1aTM=
Subject key identifier:   98:81:BB:60:82:FC:4E:24:C8:A0:5D:31:FC:42:C9:36:8A:ED:75:10
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019E2F9759CD34C86A30C7619C257A358364
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          13D8
Signing time:             Sat 16 May 2026 07:01:48 +0000
Manifest this update:     Sat 16 May 2026 07:01:48 +0000
Manifest next update:     Sun 17 May 2026 07:01:48 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: exR6NkorVNhjhjTYfPRyf3u7XTOATFTMpngVJ9/Eogw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:59:cd:34:c8:6a:30:c7:61:9c:25:7a:35:83:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: May 16 07:01:48 2026 GMT
            Not After : May 17 07:01:48 2026 GMT
        Subject: CN=9881bb6082fc4e24c8a05d31fc42c9368aed7510
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e2:b4:c9:d8:ad:10:c5:60:d0:a1:64:7a:a9:
                    bb:d4:89:b9:1e:91:be:44:bd:d5:5d:b9:56:16:f5:
                    4a:33:ff:7b:25:07:1a:79:3d:23:4b:c2:15:31:06:
                    d1:d8:9d:b0:f3:5a:7b:73:74:4a:e7:c4:ac:f7:ad:
                    30:88:49:64:e5:a3:50:d6:2e:cf:f1:6e:af:0e:54:
                    52:dc:1b:b4:5b:c1:a1:cf:fc:7b:0c:46:ba:0e:1f:
                    0a:8a:10:89:1e:a4:5d:12:41:92:c4:33:f3:8f:0c:
                    d9:c0:a7:af:7f:2b:ea:94:e7:59:6f:ae:73:7f:c9:
                    e9:91:bd:c9:19:bf:da:cc:fb:41:24:dc:c6:2b:95:
                    2e:28:c5:3b:0a:19:14:c2:07:11:e4:11:fd:51:78:
                    27:9c:f9:13:dd:21:51:13:09:f3:f5:12:c3:f9:6d:
                    31:30:79:a7:55:82:e2:79:99:c9:39:2a:e0:6e:2b:
                    88:66:67:3a:af:63:e6:50:ff:d1:ff:42:1c:b7:34:
                    03:85:23:34:8a:e0:2f:c8:a9:70:93:f9:78:63:f3:
                    c3:59:13:5a:2c:a2:00:90:53:b5:e8:f5:1e:74:f9:
                    ca:7c:c4:67:b7:7e:57:4d:2e:a9:4c:93:fb:b9:92:
                    4f:15:59:ab:a1:30:c9:72:66:c6:71:fc:aa:f5:f9:
                    c3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:81:BB:60:82:FC:4E:24:C8:A0:5D:31:FC:42:C9:36:8A:ED:75:10
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:c4:7b:7f:64:44:0b:d9:13:ed:ac:34:2b:4f:82:e5:e8:43:
         0f:c1:ad:8e:e1:c6:de:08:ee:da:d6:6c:6d:2a:a1:22:66:aa:
         2e:f4:bc:2f:bd:cf:0b:dc:8d:86:66:10:e6:9e:16:dd:82:27:
         dc:c9:12:3f:3f:52:e5:5d:c2:df:3f:a5:5c:39:57:83:71:36:
         db:a3:dd:9e:6b:1f:64:f2:08:ac:73:cf:15:87:79:99:f6:4b:
         53:ec:e6:2c:b9:26:04:e2:c4:c6:bc:79:d9:10:d9:82:03:c6:
         44:27:4b:a4:c6:58:54:8b:d8:77:1f:9a:17:59:39:cd:a4:09:
         26:08:91:78:82:29:5a:c6:bb:5d:1b:96:87:dc:25:c8:a4:47:
         05:74:e6:d1:c8:be:be:5e:84:9e:26:43:e6:e1:da:73:7b:b5:
         fe:e9:51:6a:7f:52:10:6d:b0:eb:5d:5f:81:88:e7:ef:54:ae:
         2a:0c:ac:b5:77:6b:4b:f1:a8:63:e4:72:80:a1:d0:41:48:15:
         3f:13:22:1a:9f:0f:f3:04:db:d3:b8:39:5b:9b:2b:4e:f7:83:
         8d:e5:97:9e:27:72:55:1d:05:c2:f7:38:d0:0b:d3:8c:e7:fc:
         21:27:43:e4:cb:45:7e:37:8e:72:8e:63:9d:ab:ce:86:d8:a8:
         d2:48:6b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vl1nNNMhqMMdhnCV6NYNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwNTE2MDcwMTQ4WhcNMjYwNTE3MDcwMTQ4WjAzMTEwLwYDVQQD
Eyg5ODgxYmI2MDgyZmM0ZTI0YzhhMDVkMzFmYzQyYzkzNjhhZWQ3NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+K0yditEMVg0KFkeqm71Im5HpG+
RL3VXblWFvVKM/97JQcaeT0jS8IVMQbR2J2w81p7c3RK58Ss960wiElk5aNQ1i7P
8W6vDlRS3Bu0W8Ghz/x7DEa6Dh8KihCJHqRdEkGSxDPzjwzZwKevfyvqlOdZb65z
f8npkb3JGb/azPtBJNzGK5UuKMU7ChkUwgcR5BH9UXgnnPkT3SFREwnz9RLD+W0x
MHmnVYLieZnJOSrgbiuIZmc6r2PmUP/R/0IctzQDhSM0iuAvyKlwk/l4Y/PDWRNa
LKIAkFO16PUedPnKfMRnt35XTS6pTJP7uZJPFVmroTDJcmbGcfyq9fnDIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiBu2CC/E4kyKBdMfxCyTaK7XUQMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8R7f2RE
C9kT7aw0K0+C5ehDD8GtjuHG3gju2tZsbSqhImaqLvS8L73PC9yNhmYQ5p4W3YIn
3MkSPz9S5V3C3z+lXDlXg3E226PdnmsfZPIIrHPPFYd5mfZLU+zmLLkmBOLExrx5
2RDZggPGRCdLpMZYVIvYdx+aF1k5zaQJJgiReIIpWsa7XRuWh9wlyKRHBXTm0ci+
vl6EniZD5uHac3u1/ulRan9SEG2w611fgYjn71SuKgystXdrS/GoY+RygKHQQUgV
PxMiGp8P8wTb07g5W5srTveDjeWXnidyVR0Fwvc40AvTjOf8ISdD5MtFfjeOco5j
navOhtio0khr9Q==
-----END CERTIFICATE-----