Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          0iP0kt+QBrOvYtzw3Zs83HqFRqwSaei1MoeqBI7lwfc=
Subject key identifier:   82:4D:1D:29:04:9C:8E:B3:F2:D7:56:C9:4A:45:74:C1:F6:97:A4:1E
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019EC25C9F5F3E8F8FC4D009A1E327D8E3BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          18E9
Signing time:             Sat 13 Jun 2026 19:01:50 +0000
Manifest this update:     Sat 13 Jun 2026 19:01:50 +0000
Manifest next update:     Sun 14 Jun 2026 19:01:50 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: syYLMaUt+aoEcuU8+Hgns8jxwhRbFYOqxKkBx/EHUvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:5c:9f:5f:3e:8f:8f:c4:d0:09:a1:e3:27:d8:e3:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Jun 13 19:01:50 2026 GMT
            Not After : Jun 14 19:01:50 2026 GMT
        Subject: CN=824d1d29049c8eb3f2d756c94a4574c1f697a41e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c1:6a:36:80:af:90:ff:d4:73:4b:ac:df:aa:
                    24:ad:68:60:e2:42:4b:6d:55:b0:f0:46:8f:c1:3f:
                    99:96:16:96:ba:e1:73:3c:41:c2:bb:8b:5a:3c:9f:
                    86:d7:b6:fb:fc:4f:57:3b:42:88:b6:0d:6f:cf:45:
                    1f:88:e6:6e:2d:93:cb:c6:35:ac:21:cb:0b:64:3b:
                    25:0a:5d:f1:e0:c8:15:c9:e5:37:c8:7d:08:c8:e4:
                    00:c2:3c:cb:f0:63:32:32:04:33:dd:1b:fc:16:4a:
                    23:9b:9b:c5:ac:27:cf:d3:a6:2f:67:5c:ac:ed:21:
                    3d:25:6a:8b:ba:c0:d1:de:73:ce:b4:c6:ca:48:15:
                    cc:82:28:88:b4:4f:71:ed:e5:19:e8:9d:8d:3c:23:
                    16:35:0a:cf:91:11:a3:6c:f5:35:e2:2d:f0:93:9a:
                    b5:0b:d6:db:65:de:d3:bc:ea:3e:4e:ff:bd:5f:61:
                    6d:40:a6:7b:d4:b7:e9:1d:f2:9b:c8:50:a7:70:76:
                    6c:86:ac:37:a0:5e:fd:db:01:2a:6b:b0:0b:e7:cc:
                    67:c7:70:07:21:58:76:be:e5:b8:6d:9f:53:0b:82:
                    bd:c5:4c:35:ce:d6:3d:f7:a1:f6:f7:80:83:2c:59:
                    57:b3:81:9f:8c:a7:6b:3b:5f:df:e3:08:88:07:8d:
                    16:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:4D:1D:29:04:9C:8E:B3:F2:D7:56:C9:4A:45:74:C1:F6:97:A4:1E
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:11:6d:fc:08:a7:5a:d5:3f:3f:aa:3e:b1:35:6f:98:e5:3b:
         19:d1:2c:01:94:21:cf:da:5d:4e:a0:e5:0f:e7:35:39:e4:ee:
         74:c2:de:9e:25:b7:cc:48:f3:f8:8e:53:0b:d3:98:36:6a:26:
         01:d2:59:b5:81:38:6b:56:3b:18:de:d1:45:7a:4f:e3:15:bc:
         77:64:65:19:7f:f8:58:43:bd:4c:47:f4:ee:6d:17:6f:65:ee:
         49:de:09:18:c9:17:e5:b1:71:c3:81:de:2c:b6:e3:e8:51:4a:
         c0:b6:fd:bf:17:a8:c5:1c:2f:d6:f4:10:32:42:1f:32:f5:0f:
         e2:99:d6:fa:7b:6a:60:df:a5:2d:c4:0d:f2:55:7c:36:a1:0a:
         49:d9:e1:71:b2:41:00:08:b7:29:1a:29:40:61:5c:20:3c:35:
         a9:27:36:9f:e5:ac:2f:ca:63:b2:65:2e:85:73:52:d2:4d:8e:
         bb:4e:16:b5:12:29:c7:15:26:ce:89:9e:72:8f:8d:39:c7:ac:
         95:73:54:7b:5d:fa:82:e7:19:2e:b1:31:64:0e:cc:14:dd:8d:
         af:86:4a:91:6a:7a:29:7d:92:76:cd:c1:b9:c5:f7:a1:97:68:
         10:49:f1:cd:6d:62:d2:ce:3d:6c:a3:43:08:66:5f:fc:de:d2:
         bf:99:9b:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CXJ9fPo+PxNAJoeMn2OO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjYwNjEzMTkwMTUwWhcNMjYwNjE0MTkwMTUwWjAzMTEwLwYDVQQD
Eyg4MjRkMWQyOTA0OWM4ZWIzZjJkNzU2Yzk0YTQ1NzRjMWY2OTdhNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MFqNoCvkP/Uc0us36okrWhg4kJL
bVWw8EaPwT+ZlhaWuuFzPEHCu4taPJ+G17b7/E9XO0KItg1vz0UfiOZuLZPLxjWs
IcsLZDslCl3x4MgVyeU3yH0IyOQAwjzL8GMyMgQz3Rv8Fkojm5vFrCfP06YvZ1ys
7SE9JWqLusDR3nPOtMbKSBXMgiiItE9x7eUZ6J2NPCMWNQrPkRGjbPU14i3wk5q1
C9bbZd7TvOo+Tv+9X2FtQKZ71LfpHfKbyFCncHZshqw3oF792wEqa7AL58xnx3AH
IVh2vuW4bZ9TC4K9xUw1ztY996H294CDLFlXs4GfjKdrO1/f4wiIB40W1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJNHSkEnI6z8tdWyUpFdMH2l6QeMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxFt/Ain
WtU/P6o+sTVvmOU7GdEsAZQhz9pdTqDlD+c1OeTudMLeniW3zEjz+I5TC9OYNmom
AdJZtYE4a1Y7GN7RRXpP4xW8d2RlGX/4WEO9TEf07m0Xb2XuSd4JGMkX5bFxw4He
LLbj6FFKwLb9vxeoxRwv1vQQMkIfMvUP4pnW+ntqYN+lLcQN8lV8NqEKSdnhcbJB
AAi3KRopQGFcIDw1qSc2n+WsL8pjsmUuhXNS0k2Ou04WtRIpxxUmzomeco+NOces
lXNUe136gucZLrExZA7MFN2Nr4ZKkWp6KX2Sds3BucX3oZdoEEnxzW1i0s49bKND
CGZf/N7Sv5mbOg==
-----END CERTIFICATE-----