Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          l+z71z3CrjVgXARW2471m69sqpzHX8AtOe6KTFl2ZuY=
Subject key identifier:   AF:70:F5:52:62:EF:66:5B:59:C0:C7:70:93:86:D6:C0:DF:F7:4B:87
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019EBE7EF9FEAEBB1767E38AFA5E0F9137D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          13C8
Signing time:             Sat 13 Jun 2026 01:00:53 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:53 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:53 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: 6689pffdxX1FjjCl0Le4ohEy0NG9t8PPSETEWofSKR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7e:f9:fe:ae:bb:17:67:e3:8a:fa:5e:0f:91:37:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun 13 01:00:53 2026 GMT
            Not After : Jun 14 01:00:53 2026 GMT
        Subject: CN=af70f55262ef665b59c0c7709386d6c0dff74b87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ed:09:81:5b:b1:63:cf:16:53:9a:6f:2e:42:
                    e3:a2:21:73:7c:00:85:7f:3f:50:10:bc:0c:60:18:
                    31:59:04:fb:44:91:1d:65:d0:27:77:5b:67:de:0c:
                    d0:e4:bc:8f:47:98:10:9e:53:e9:8d:69:b1:bd:37:
                    ab:c9:e2:e7:86:20:db:a9:35:b3:20:45:19:76:d2:
                    13:80:85:95:82:7a:8e:e2:2f:0d:4a:48:63:9e:e8:
                    d8:73:1d:48:e3:01:59:95:ec:8c:ea:a7:a1:13:7c:
                    bc:ac:e0:90:4d:bd:42:02:9e:0c:cf:c4:0f:ce:82:
                    80:9a:2d:d6:fd:76:60:e0:f4:e9:89:0c:5f:e5:ee:
                    6c:fd:e5:f1:34:24:18:41:d7:4a:43:7e:bf:be:1b:
                    45:a3:42:a3:5b:66:8c:05:14:9f:43:c1:af:c1:2b:
                    13:40:5f:8a:e5:8f:41:06:00:96:e1:ab:9f:c5:40:
                    cf:64:9b:42:6b:6f:27:58:41:77:12:8f:a5:c7:c6:
                    c6:00:af:46:4a:f6:e3:bf:17:f7:4a:84:33:7c:1c:
                    de:22:f3:b7:f1:72:95:f0:7f:56:24:46:03:97:9f:
                    5d:2b:48:85:e5:55:0e:79:a9:7b:f7:18:60:cb:00:
                    6a:b4:53:21:80:ea:74:18:cf:c8:dc:24:95:14:8c:
                    5f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:70:F5:52:62:EF:66:5B:59:C0:C7:70:93:86:D6:C0:DF:F7:4B:87
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:6a:7e:c9:9d:5a:13:36:01:57:e9:2a:37:44:dd:c1:f8:58:
         97:23:f8:0f:99:be:33:64:5c:a4:72:2d:ff:84:1b:4f:9b:9e:
         8f:c9:0e:9a:7d:c8:db:80:d8:b1:05:01:88:4d:7a:cd:e1:4f:
         3b:c3:10:d3:72:3e:07:14:a4:08:23:61:0b:e7:e8:5a:25:e0:
         7f:0e:f6:ae:09:9b:9f:c9:37:f2:c4:27:83:ae:fb:5c:23:2b:
         3f:20:88:b5:e2:43:06:80:fb:a9:a9:39:45:45:ee:21:62:75:
         a7:90:f1:bc:39:1c:e5:24:a4:17:81:d0:42:c9:9b:cb:0c:7e:
         c2:19:b7:83:f0:b4:f7:52:ec:2e:0b:1f:ad:d9:1a:c3:4e:4c:
         93:e4:a7:ec:93:74:fc:d1:54:68:b1:4c:6e:05:21:2d:31:11:
         fd:a4:ba:6d:bc:80:ca:7f:8c:dd:64:05:96:6a:10:7f:59:4f:
         0c:a7:b8:f6:6f:55:6c:f9:22:4c:04:4b:ab:84:27:1b:f8:bc:
         aa:9e:4b:21:3c:25:30:82:64:30:1c:12:52:e2:ea:7f:5f:e1:
         7f:ab:c8:9a:ce:a5:e8:3f:31:22:0f:20:47:50:2b:42:30:07:
         91:b8:86:e8:9b:eb:ca:12:06:2e:dd:47:7d:5e:5f:e2:8e:33:
         00:35:24:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+fvn+rrsXZ+OK+l4PkTfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNjEzMDEwMDUzWhcNMjYwNjE0MDEwMDUzWjAzMTEwLwYDVQQD
EyhhZjcwZjU1MjYyZWY2NjViNTljMGM3NzA5Mzg2ZDZjMGRmZjc0Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e0JgVuxY88WU5pvLkLjoiFzfACF
fz9QELwMYBgxWQT7RJEdZdAnd1tn3gzQ5LyPR5gQnlPpjWmxvTeryeLnhiDbqTWz
IEUZdtITgIWVgnqO4i8NSkhjnujYcx1I4wFZleyM6qehE3y8rOCQTb1CAp4Mz8QP
zoKAmi3W/XZg4PTpiQxf5e5s/eXxNCQYQddKQ36/vhtFo0KjW2aMBRSfQ8GvwSsT
QF+K5Y9BBgCW4aufxUDPZJtCa28nWEF3Eo+lx8bGAK9GSvbjvxf3SoQzfBzeIvO3
8XKV8H9WJEYDl59dK0iF5VUOeal79xhgywBqtFMhgOp0GM/I3CSVFIxfMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9w9VJi72ZbWcDHcJOG1sDf90uHMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwmp+yZ1a
EzYBV+kqN0TdwfhYlyP4D5m+M2RcpHIt/4QbT5uej8kOmn3I24DYsQUBiE16zeFP
O8MQ03I+BxSkCCNhC+foWiXgfw72rgmbn8k38sQng677XCMrPyCIteJDBoD7qak5
RUXuIWJ1p5DxvDkc5SSkF4HQQsmbywx+whm3g/C091LsLgsfrdkaw05Mk+Sn7JN0
/NFUaLFMbgUhLTER/aS6bbyAyn+M3WQFlmoQf1lPDKe49m9VbPkiTARLq4QnG/i8
qp5LITwlMIJkMBwSUuLqf1/hf6vIms6l6D8xIg8gR1ArQjAHkbiG6JvryhIGLt1H
fV5f4o4zADUk+w==
-----END CERTIFICATE-----