Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          BZGFOEGLILgIsSsrSE85sZS68g2Wm9jy+vXwJBLybzI=
Subject key identifier:   BC:57:EC:85:E5:73:8E:80:BF:C4:23:43:81:69:95:51:BE:05:31:B2
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       019EBF5AE053E0ABD305CAB2425BC3C1835A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          165B
Signing time:             Sat 13 Jun 2026 05:01:04 +0000
Manifest this update:     Sat 13 Jun 2026 05:01:04 +0000
Manifest next update:     Sun 14 Jun 2026 05:01:04 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: P4F/ehKUJbTFmL11PCNz77nDSsGkciqcqHqpNToYqSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5a:e0:53:e0:ab:d3:05:ca:b2:42:5b:c3:c1:83:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Jun 13 05:01:04 2026 GMT
            Not After : Jun 14 05:01:04 2026 GMT
        Subject: CN=bc57ec85e5738e80bfc4234381699551be0531b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:94:a9:3a:85:78:92:53:d1:72:37:08:88:f3:
                    a8:a0:aa:d8:25:37:d2:e0:65:a6:71:56:0d:bf:f7:
                    22:67:24:15:43:97:1e:e9:a6:19:dd:a1:10:0a:d8:
                    9a:be:ff:8a:6a:3b:6e:73:22:28:0a:46:32:a9:81:
                    4c:41:6a:45:b4:6b:78:2b:0c:b9:bc:79:ab:1f:18:
                    95:5f:79:3f:2f:55:39:dd:57:e2:ea:fd:53:97:91:
                    4b:2e:87:39:a2:97:a7:25:7c:27:32:79:a3:9d:e6:
                    ef:67:bc:8c:ba:cd:a6:ac:b4:da:83:e0:af:2a:b6:
                    73:af:d5:58:c2:b5:21:22:2f:b8:d4:94:bf:8f:ba:
                    86:99:a4:68:3d:22:77:5e:d6:5d:15:ad:b4:7b:7a:
                    a5:45:6b:32:1e:d8:1c:b8:ab:bb:92:4e:f9:96:66:
                    18:a8:c4:92:28:8b:a6:7e:6e:da:f0:59:a0:03:55:
                    d5:0b:5a:e3:0f:2f:c5:70:9d:02:be:cc:ac:79:32:
                    16:3d:79:17:7b:fc:b4:15:46:ad:d4:a1:6d:c2:a0:
                    11:bc:ca:bf:17:5a:86:76:7d:2a:1d:a8:a0:26:88:
                    56:67:53:9c:08:08:7b:06:bb:3d:53:bc:77:6a:23:
                    16:75:dd:08:9f:f5:36:c1:b0:06:34:e5:c6:54:08:
                    e4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:57:EC:85:E5:73:8E:80:BF:C4:23:43:81:69:95:51:BE:05:31:B2
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:74:b9:fd:ee:8a:db:d9:b7:fa:b8:98:2b:c2:8f:57:6b:f8:
         36:9d:50:86:e7:43:a7:6a:a3:b9:f1:d5:78:0f:db:a7:09:3d:
         d8:10:e0:82:96:82:0e:57:2e:13:4b:47:18:23:49:4c:ed:0e:
         cf:a4:c7:8d:46:e0:62:89:fa:49:cc:51:8a:f5:06:7e:73:73:
         64:84:5d:dc:54:9b:23:b8:d5:89:29:55:b3:43:ed:e1:c8:d6:
         44:55:e0:5a:73:d7:92:05:27:c4:e7:1e:7d:1d:86:26:fb:2f:
         47:5a:e2:df:98:c9:f7:f0:c3:93:2d:7e:d3:81:5c:98:44:01:
         14:f9:22:8e:f7:5e:e3:f3:1f:c6:29:14:ca:f2:87:eb:68:06:
         04:d1:34:1e:d7:a8:03:92:18:58:79:9b:4a:3a:7b:75:28:3a:
         e6:fb:88:bd:73:d8:48:8c:ce:8b:37:c4:3f:af:6b:fc:95:fb:
         b2:3e:f3:a7:e2:ad:2c:8f:72:7d:61:45:00:cd:01:51:a9:b3:
         fb:5d:d7:33:2e:f5:39:ef:2d:f3:3d:f1:05:29:0a:64:36:b9:
         2e:98:fd:ec:fa:0a:08:62:a2:8d:63:05:3d:45:31:7e:33:58:
         5f:47:ec:02:58:45:ec:2c:a8:bc:1a:17:dd:b6:e1:5e:31:8f:
         82:69:5c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/WuBT4KvTBcqyQlvDwYNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjYwNjEzMDUwMTA0WhcNMjYwNjE0MDUwMTA0WjAzMTEwLwYDVQQD
EyhiYzU3ZWM4NWU1NzM4ZTgwYmZjNDIzNDM4MTY5OTU1MWJlMDUzMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pSpOoV4klPRcjcIiPOooKrYJTfS
4GWmcVYNv/ciZyQVQ5ce6aYZ3aEQCtiavv+KajtucyIoCkYyqYFMQWpFtGt4Kwy5
vHmrHxiVX3k/L1U53Vfi6v1Tl5FLLoc5openJXwnMnmjnebvZ7yMus2mrLTag+Cv
KrZzr9VYwrUhIi+41JS/j7qGmaRoPSJ3XtZdFa20e3qlRWsyHtgcuKu7kk75lmYY
qMSSKIumfm7a8FmgA1XVC1rjDy/FcJ0CvsyseTIWPXkXe/y0FUat1KFtwqARvMq/
F1qGdn0qHaigJohWZ1OcCAh7Brs9U7x3aiMWdd0In/U2wbAGNOXGVAjkzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxX7IXlc46Av8QjQ4FplVG+BTGyMB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXS5/e6K
29m3+riYK8KPV2v4Np1QhudDp2qjufHVeA/bpwk92BDggpaCDlcuE0tHGCNJTO0O
z6THjUbgYon6ScxRivUGfnNzZIRd3FSbI7jViSlVs0Pt4cjWRFXgWnPXkgUnxOce
fR2GJvsvR1ri35jJ9/DDky1+04FcmEQBFPkijvde4/MfxikUyvKH62gGBNE0Hteo
A5IYWHmbSjp7dSg65vuIvXPYSIzOizfEP69r/JX7sj7zp+KtLI9yfWFFAM0BUamz
+13XMy71Oe8t8z3xBSkKZDa5Lpj97PoKCGKijWMFPUUxfjNYX0fsAlhF7CyovBoX
3bbhXjGPgmlcZw==
-----END CERTIFICATE-----