Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          KzgRzBS1f1AE2zKRq3tK8tQxggXRbbCG6SP3OhvfESg=
Subject key identifier:   7F:33:F1:14:22:F0:AB:06:5F:BA:18:2C:C6:33:53:EA:CB:D1:7D:13
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019EC300002EE9DA56119EDFD395B7C1758A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0D2D
Signing time:             Sat 13 Jun 2026 22:00:17 +0000
Manifest this update:     Sat 13 Jun 2026 22:00:17 +0000
Manifest next update:     Sun 14 Jun 2026 22:00:17 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: 1XZSLinHf9X6l3fAKoaVlieKsUZSj0TrfbwgZXTCXY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c3:00:00:2e:e9:da:56:11:9e:df:d3:95:b7:c1:75:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Jun 13 22:00:17 2026 GMT
            Not After : Jun 14 22:00:17 2026 GMT
        Subject: CN=7f33f11422f0ab065fba182cc63353eacbd17d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c3:d1:ee:43:a4:be:3c:4d:90:f8:e8:a1:f3:
                    88:ab:02:6e:29:24:06:ad:3a:05:27:dc:16:b8:d5:
                    a5:cc:3d:64:ce:fc:e3:e3:37:71:bb:b9:66:1a:08:
                    a8:42:b6:90:8a:0f:0f:f3:91:f5:cf:df:c0:84:5a:
                    ba:63:bf:9e:97:54:10:21:8a:58:9e:dc:35:bf:a7:
                    3c:c2:76:9c:11:85:e0:0a:57:22:54:8d:28:cc:7b:
                    91:82:e3:32:34:bf:1c:f1:81:7f:eb:cc:60:b7:26:
                    14:9e:5c:00:76:bd:35:e2:df:f6:2c:26:20:88:da:
                    69:b9:77:6c:75:83:b4:34:08:54:fd:2e:fa:8f:c3:
                    6b:41:17:a0:0e:0c:94:29:2d:2e:b9:b8:6f:3f:6f:
                    8f:8e:7b:f6:b7:83:3a:34:0b:99:1b:69:91:14:c6:
                    40:1e:0b:64:e1:e5:ba:01:24:f8:a7:7c:a7:da:de:
                    3d:fc:1c:56:ec:0e:aa:9b:ca:c9:66:ea:c0:71:67:
                    65:aa:ec:75:3b:89:88:fc:22:86:35:79:1c:0a:df:
                    1c:32:e5:5c:02:fb:9d:30:35:44:7f:7f:58:cb:5e:
                    5e:cd:03:b9:a3:f3:77:37:38:e5:ec:2f:7b:53:4f:
                    4e:d0:7e:f5:df:a4:73:78:75:c3:54:6f:24:9e:dd:
                    34:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:33:F1:14:22:F0:AB:06:5F:BA:18:2C:C6:33:53:EA:CB:D1:7D:13
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:14:2f:12:c8:96:f4:69:ad:66:16:68:c1:d0:f6:dd:ec:05:
         22:58:fa:91:07:be:22:b5:7e:60:3b:b5:ce:b3:53:4f:c6:9c:
         b0:15:04:3a:44:64:5a:27:8a:ec:4b:80:f9:ad:3e:13:32:5f:
         47:1f:88:5e:a5:7f:66:e8:cd:4f:b4:8c:5e:01:8d:9a:93:b5:
         3b:0b:35:29:10:6c:70:ee:5d:d0:5c:a7:05:bd:59:50:ce:86:
         28:f6:31:94:d1:73:9b:df:cd:3c:d1:0f:14:ad:1d:91:b1:0d:
         da:11:41:ba:88:e5:be:b8:e2:66:56:1c:9a:26:89:89:f7:8b:
         55:d7:25:20:6f:99:d1:9a:b0:81:92:c3:64:ff:7e:02:fb:30:
         88:e8:4c:32:ae:88:94:82:68:ad:67:b5:91:ea:38:53:1c:88:
         20:7a:bf:2d:45:e7:cb:57:41:af:ab:bb:2c:35:1d:02:08:e5:
         b7:11:99:7a:8a:30:83:a4:74:12:d7:0d:4e:85:bd:a1:d4:ce:
         82:81:af:4d:75:a2:1b:90:e9:17:f0:16:ff:66:af:5a:23:f9:
         fd:6f:dc:60:51:c3:f8:5d:d8:60:eb:27:70:60:eb:bc:2c:0c:
         b5:f1:13:81:d6:2b:94:06:18:4c:ab:75:c2:77:53:ad:6d:a8:
         49:d6:97:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7DAAAu6dpWEZ7f05W3wXWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwNjEzMjIwMDE3WhcNMjYwNjE0MjIwMDE3WjAzMTEwLwYDVQQD
Eyg3ZjMzZjExNDIyZjBhYjA2NWZiYTE4MmNjNjMzNTNlYWNiZDE3ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8PR7kOkvjxNkPjoofOIqwJuKSQG
rToFJ9wWuNWlzD1kzvzj4zdxu7lmGgioQraQig8P85H1z9/AhFq6Y7+el1QQIYpY
ntw1v6c8wnacEYXgClciVI0ozHuRguMyNL8c8YF/68xgtyYUnlwAdr014t/2LCYg
iNppuXdsdYO0NAhU/S76j8NrQRegDgyUKS0uubhvP2+Pjnv2t4M6NAuZG2mRFMZA
Hgtk4eW6AST4p3yn2t49/BxW7A6qm8rJZurAcWdlqux1O4mI/CKGNXkcCt8cMuVc
AvudMDVEf39Yy15ezQO5o/N3Nzjl7C97U09O0H7136RzeHXDVG8knt00cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8z8RQi8KsGX7oYLMYzU+rL0X0TMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlxQvEsiW
9GmtZhZowdD23ewFIlj6kQe+IrV+YDu1zrNTT8acsBUEOkRkWieK7EuA+a0+EzJf
Rx+IXqV/ZujNT7SMXgGNmpO1Ows1KRBscO5d0FynBb1ZUM6GKPYxlNFzm9/NPNEP
FK0dkbEN2hFBuojlvrjiZlYcmiaJifeLVdclIG+Z0ZqwgZLDZP9+AvswiOhMMq6I
lIJorWe1keo4UxyIIHq/LUXny1dBr6u7LDUdAgjltxGZeoowg6R0EtcNToW9odTO
goGvTXWiG5DpF/AW/2avWiP5/W/cYFHD+F3YYOsncGDrvCwMtfETgdYrlAYYTKt1
wndTrW2oSdaXWQ==
-----END CERTIFICATE-----