Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          hS8Ids9rsGwXAfw7Ig7izLAw8TTcDmT8aQGQrBskx9c=
Subject key identifier:   BF:D2:69:BB:5B:E9:C8:34:61:B0:68:3C:FC:E7:08:84:45:57:6B:E3
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019EC0365EAB5CE598BB71254996100BA2FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          14E9
Signing time:             Sat 13 Jun 2026 09:00:49 +0000
Manifest this update:     Sat 13 Jun 2026 09:00:49 +0000
Manifest next update:     Sun 14 Jun 2026 09:00:49 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: 4hBaNYZvOiil1vYTE1lCS/myUST49omOFKHH8clK4a8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:36:5e:ab:5c:e5:98:bb:71:25:49:96:10:0b:a2:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Jun 13 09:00:49 2026 GMT
            Not After : Jun 14 09:00:49 2026 GMT
        Subject: CN=bfd269bb5be9c83461b0683cfce7088445576be3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:57:12:51:8f:be:3c:31:f7:70:1d:b8:22:2b:
                    fe:9b:1c:5d:14:fe:a3:ab:ca:c3:c6:6b:82:aa:83:
                    91:a6:79:4c:d3:e9:20:55:ab:14:64:8d:25:ac:d1:
                    4c:60:ce:ef:ca:b6:81:7d:13:cf:94:0a:d4:50:88:
                    3b:51:df:ee:ba:7f:0f:a3:bd:73:a9:d9:ba:a1:d7:
                    6a:6a:2c:b5:70:84:23:81:f1:02:e9:31:30:b4:d1:
                    7e:82:4b:e0:19:35:e3:dc:bc:2a:f8:6c:c6:2b:67:
                    19:dd:6c:a0:ea:8a:59:ad:b8:08:b2:85:37:33:52:
                    53:23:3b:0b:80:53:dc:4b:dd:8d:39:50:dc:01:98:
                    29:00:9a:58:d7:47:9a:59:ff:61:b6:f7:69:07:9f:
                    9c:ab:c8:3b:9e:e7:2c:20:24:02:9e:c9:71:61:47:
                    3c:95:1a:20:fd:25:63:ad:72:b9:cd:3c:35:c9:68:
                    19:27:44:13:88:0c:61:97:b9:bd:51:83:c3:4d:6b:
                    06:c5:ca:4e:b1:0c:83:c1:5f:cb:cb:1e:2b:aa:9e:
                    37:5a:ee:cc:c3:55:9b:32:2c:7e:b6:d7:df:e4:39:
                    e7:eb:a9:ca:b7:6a:44:12:56:59:cb:99:46:87:43:
                    84:80:d1:85:40:84:02:60:47:1d:33:07:58:da:0b:
                    d7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D2:69:BB:5B:E9:C8:34:61:B0:68:3C:FC:E7:08:84:45:57:6B:E3
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:44:d9:b7:5d:13:43:d8:5f:47:bb:62:85:d5:13:f2:8f:78:
         27:65:49:85:7d:33:91:7f:c5:56:ac:3b:98:a2:f6:24:ff:e5:
         0c:12:f6:f9:22:95:45:2c:cf:62:5d:7b:31:b8:dc:0a:cf:77:
         3c:f0:82:e9:97:70:6c:8c:a5:e9:91:3e:b2:dd:08:e6:db:a1:
         49:d2:65:d6:75:ec:f5:20:37:0c:b2:23:67:a0:53:a5:05:e6:
         7b:85:46:72:b3:c9:f4:39:7b:9e:fb:6e:49:a3:1c:5e:9d:72:
         46:63:97:91:fd:19:29:3c:98:2b:ef:af:ee:8b:44:de:ef:98:
         6e:f2:8e:76:34:9d:c5:ad:ba:7b:2c:e9:98:18:ee:95:70:4f:
         e0:fc:b8:b6:6a:63:c2:a0:d1:51:a0:87:cd:3f:60:b1:18:b9:
         63:d3:ac:21:60:a4:c2:b7:ea:b5:b3:23:e6:2b:5d:9b:9f:92:
         01:0b:16:07:67:3d:1d:f3:2b:a7:b8:84:e5:95:ff:27:34:b5:
         6c:34:40:3b:10:a1:77:b2:fb:a5:8d:bb:86:cc:11:19:c7:d9:
         8e:2d:d5:a5:b1:55:3c:fb:43:fc:77:3f:51:22:37:26:a4:48:
         f0:42:91:b4:c1:2d:25:0d:37:1f:03:d9:c1:3a:c1:6f:46:e2:
         46:bf:2e:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7ANl6rXOWYu3ElSZYQC6L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwNjEzMDkwMDQ5WhcNMjYwNjE0MDkwMDQ5WjAzMTEwLwYDVQQD
EyhiZmQyNjliYjViZTljODM0NjFiMDY4M2NmY2U3MDg4NDQ1NTc2YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFcSUY++PDH3cB24Iiv+mxxdFP6j
q8rDxmuCqoORpnlM0+kgVasUZI0lrNFMYM7vyraBfRPPlArUUIg7Ud/uun8Po71z
qdm6oddqaiy1cIQjgfEC6TEwtNF+gkvgGTXj3Lwq+GzGK2cZ3Wyg6opZrbgIsoU3
M1JTIzsLgFPcS92NOVDcAZgpAJpY10eaWf9htvdpB5+cq8g7nucsICQCnslxYUc8
lRog/SVjrXK5zTw1yWgZJ0QTiAxhl7m9UYPDTWsGxcpOsQyDwV/Lyx4rqp43Wu7M
w1WbMix+ttff5Dnn66nKt2pEElZZy5lGh0OEgNGFQIQCYEcdMwdY2gvXFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/Sabtb6cg0YbBoPPznCIRFV2vjMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFETZt10T
Q9hfR7tihdUT8o94J2VJhX0zkX/FVqw7mKL2JP/lDBL2+SKVRSzPYl17MbjcCs93
PPCC6ZdwbIyl6ZE+st0I5tuhSdJl1nXs9SA3DLIjZ6BTpQXme4VGcrPJ9Dl7nvtu
SaMcXp1yRmOXkf0ZKTyYK++v7otE3u+YbvKOdjSdxa26eyzpmBjulXBP4Py4tmpj
wqDRUaCHzT9gsRi5Y9OsIWCkwrfqtbMj5itdm5+SAQsWB2c9HfMrp7iE5ZX/JzS1
bDRAOxChd7L7pY27hswRGcfZji3VpbFVPPtD/Hc/USI3JqRI8EKRtMEtJQ03HwPZ
wTrBb0biRr8u4g==
-----END CERTIFICATE-----