Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          GKAC5nE0mrOADtfy9OE4UY/72Tzkjf7IoAFAPuDFg5I=
Subject key identifier:   30:2E:F1:FE:89:4F:D4:D3:1C:CA:85:18:1E:8A:0B:02:77:BE:74:97
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019EC0DAD326F7000290B7D2D18761F0102D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1957
Signing time:             Sat 13 Jun 2026 12:00:26 +0000
Manifest this update:     Sat 13 Jun 2026 12:00:26 +0000
Manifest next update:     Sun 14 Jun 2026 12:00:26 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: wEKf1XnD4ZdI+fee0xT+rETyngUH9zmjV8kWNqq7zEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:da:d3:26:f7:00:02:90:b7:d2:d1:87:61:f0:10:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Jun 13 12:00:26 2026 GMT
            Not After : Jun 14 12:00:26 2026 GMT
        Subject: CN=302ef1fe894fd4d31cca85181e8a0b0277be7497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6d:72:9f:04:6a:63:5e:ea:5c:b1:59:2a:fc:
                    3e:63:8a:c0:63:bc:db:05:29:fd:00:d0:5f:f9:e9:
                    59:7e:fe:9f:8d:9a:f2:83:dd:99:3f:21:b5:5d:77:
                    b5:cc:a7:f5:f5:76:e2:46:67:31:15:e4:07:6e:eb:
                    33:9f:ce:45:de:51:be:f0:b2:6b:72:d7:5c:7c:80:
                    01:c6:16:fc:02:0d:29:33:51:b1:aa:8b:28:50:10:
                    dc:6c:b2:ef:98:95:ec:8a:a2:89:b0:f8:a9:67:30:
                    ce:16:ce:c6:9f:53:28:1c:b2:e9:f9:b4:0f:e3:c1:
                    8d:2c:3c:47:2a:7c:ea:bc:cb:45:25:33:ef:0a:01:
                    c3:f0:60:4c:06:54:f0:6a:2b:a1:8b:00:f5:50:cc:
                    5f:67:a5:63:c8:6c:ca:20:8d:f5:fc:ca:f3:f8:b1:
                    4b:27:2c:3d:26:e2:6d:fb:65:0f:1b:5a:ac:45:89:
                    25:24:8f:4f:c2:22:12:6a:94:42:ab:91:54:72:bb:
                    51:af:01:a7:6e:8f:dd:7d:37:e4:20:8c:ad:c8:69:
                    4f:a7:cc:f6:be:81:da:4c:2c:2e:da:4c:2c:cc:4d:
                    bf:98:44:b5:10:f8:ed:20:50:ff:2e:40:49:a3:0d:
                    1b:6c:c8:11:ac:7c:e4:db:b0:66:a2:28:de:bd:b6:
                    79:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:2E:F1:FE:89:4F:D4:D3:1C:CA:85:18:1E:8A:0B:02:77:BE:74:97
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e4:9f:2b:4a:c2:93:d2:59:f6:c1:c3:49:cd:24:31:db:a8:
         24:41:dd:11:1d:53:99:94:50:00:0d:27:23:3e:64:ab:39:a7:
         b6:fa:4d:34:6f:e0:36:94:d0:ba:ad:58:b0:71:a7:90:f1:d9:
         61:cd:f2:21:e2:71:da:f4:e3:a1:6b:b7:58:08:1c:3b:85:5b:
         bf:dc:cf:93:46:02:54:75:cd:5e:b0:24:64:bd:30:d5:8b:2c:
         73:bb:ef:d1:fa:fb:73:56:71:e4:ab:ff:77:5d:07:84:ab:e3:
         c4:a6:d6:06:a0:1e:f6:8d:c0:1e:26:02:74:d6:71:6c:56:be:
         65:0e:d7:5d:41:90:a3:43:4f:68:1e:56:0c:a6:04:4f:11:72:
         49:81:d7:c2:ff:e7:43:e8:8f:4a:40:6b:c5:15:73:74:6e:d2:
         22:55:73:2d:53:ba:12:5a:33:09:43:85:cd:b7:77:1f:48:7d:
         1e:f9:0a:cf:78:92:70:54:92:94:37:12:74:ab:07:c5:99:fb:
         cf:f0:6b:36:4e:5c:06:8f:86:f4:93:9b:3e:26:74:8d:54:86:
         2d:4a:a4:6f:63:f2:35:a4:a2:1b:7a:56:6e:78:56:4f:bf:50:
         65:46:f6:d8:32:5c:32:b4:63:0d:b8:24:3c:67:cf:65:bd:e8:
         dc:89:cc:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7A2tMm9wACkLfS0Ydh8BAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjYwNjEzMTIwMDI2WhcNMjYwNjE0MTIwMDI2WjAzMTEwLwYDVQQD
EygzMDJlZjFmZTg5NGZkNGQzMWNjYTg1MTgxZThhMGIwMjc3YmU3NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW1ynwRqY17qXLFZKvw+Y4rAY7zb
BSn9ANBf+elZfv6fjZryg92ZPyG1XXe1zKf19XbiRmcxFeQHbuszn85F3lG+8LJr
ctdcfIABxhb8Ag0pM1GxqosoUBDcbLLvmJXsiqKJsPipZzDOFs7Gn1MoHLLp+bQP
48GNLDxHKnzqvMtFJTPvCgHD8GBMBlTwaiuhiwD1UMxfZ6VjyGzKII31/Mrz+LFL
Jyw9JuJt+2UPG1qsRYklJI9PwiISapRCq5FUcrtRrwGnbo/dfTfkIIytyGlPp8z2
voHaTCwu2kwszE2/mES1EPjtIFD/LkBJow0bbMgRrHzk27BmoijevbZ5TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAu8f6JT9TTHMqFGB6KCwJ3vnSXMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+SfK0rC
k9JZ9sHDSc0kMduoJEHdER1TmZRQAA0nIz5kqzmntvpNNG/gNpTQuq1YsHGnkPHZ
Yc3yIeJx2vTjoWu3WAgcO4Vbv9zPk0YCVHXNXrAkZL0w1Yssc7vv0fr7c1Zx5Kv/
d10HhKvjxKbWBqAe9o3AHiYCdNZxbFa+ZQ7XXUGQo0NPaB5WDKYETxFySYHXwv/n
Q+iPSkBrxRVzdG7SIlVzLVO6ElozCUOFzbd3H0h9HvkKz3iScFSSlDcSdKsHxZn7
z/BrNk5cBo+G9JObPiZ0jVSGLUqkb2PyNaSiG3pWbnhWT79QZUb22DJcMrRjDbgk
PGfPZb3o3InMrw==
-----END CERTIFICATE-----