Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          FeW8UrKu3QBGb1O3ivdPEejm2zB+9qeiipmb4pD4eWs=
Subject key identifier:   3E:91:94:51:1E:4B:3B:FB:89:C8:FB:58:DA:29:08:25:A8:C7:3D:7E
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019E1EA2CB820CA4E2A3D821ECC90BF58BDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1903
Signing time:             Wed 13 May 2026 00:00:45 +0000
Manifest this update:     Wed 13 May 2026 00:00:45 +0000
Manifest next update:     Thu 14 May 2026 00:00:45 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: PSgtTwM5tE35OErh0v+7hoq/wKC7WdWw3seuaWLRRvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a2:cb:82:0c:a4:e2:a3:d8:21:ec:c9:0b:f5:8b:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: May 13 00:00:45 2026 GMT
            Not After : May 14 00:00:45 2026 GMT
        Subject: CN=3e9194511e4b3bfb89c8fb58da290825a8c73d7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:35:4f:24:82:07:f4:76:7e:33:a0:f0:41:03:
                    24:eb:9b:3c:b9:0b:24:3c:e4:06:cc:0a:a2:1f:01:
                    f1:99:d2:7b:2f:43:f3:02:89:3f:2f:d4:4f:69:e2:
                    75:08:dc:a2:2e:f5:97:77:d2:f7:06:c9:23:30:4e:
                    c8:08:b4:d9:8d:6d:7a:6f:90:43:d4:90:b4:f5:47:
                    22:61:b6:65:19:4c:e5:cf:3e:be:5c:58:6b:4f:cb:
                    e1:74:e2:b7:8c:00:8a:d2:f7:81:c6:06:a1:d7:e0:
                    e7:64:4f:8f:89:58:2d:8f:07:4a:80:e1:75:50:4b:
                    1d:ed:4a:a9:a4:2a:95:d7:e2:60:25:e3:e0:16:22:
                    18:3c:c6:55:10:f6:46:ff:eb:ba:51:91:55:15:c7:
                    ed:e9:26:75:a9:c8:01:e1:1e:c4:92:ac:ab:52:71:
                    eb:35:f3:14:0f:a1:88:2a:86:9f:23:0f:ad:c5:69:
                    3b:ae:12:80:91:23:fa:9e:cf:6b:a4:ef:1b:c9:28:
                    e4:d1:83:a3:af:b6:8c:99:49:2c:ec:10:74:68:19:
                    9c:6c:56:3f:f7:72:df:d2:49:63:6f:f4:e4:5c:ba:
                    40:e0:cd:a8:15:8e:60:b3:d9:2c:50:92:7d:f4:13:
                    b5:89:d6:66:10:65:98:ff:2f:88:b6:b3:cb:aa:63:
                    b4:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:91:94:51:1E:4B:3B:FB:89:C8:FB:58:DA:29:08:25:A8:C7:3D:7E
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:8a:9a:59:08:07:36:fe:ae:8b:80:bb:9b:47:14:3e:85:6b:
         8b:49:2e:c7:fa:31:0f:20:24:0b:ca:01:d4:70:ba:06:a7:4b:
         60:54:33:06:01:6b:dc:e0:4b:17:21:52:c4:7a:58:bf:1e:55:
         21:5a:96:96:59:b3:a5:95:16:f6:d1:79:08:d1:f4:15:12:d7:
         66:36:ee:cd:27:f8:04:7e:c1:ca:63:bb:12:91:38:89:0f:b1:
         61:3d:c0:de:65:60:17:08:3c:40:56:34:b7:00:bf:60:36:d5:
         45:db:1f:af:74:6a:7b:64:12:78:de:f2:9a:76:1d:07:e4:dc:
         d5:c4:cf:2e:e7:84:58:a4:0e:72:2d:e2:b7:bb:d2:fd:c4:02:
         1e:77:e3:c2:01:f2:10:04:86:87:e2:f1:0b:b2:0a:6a:b2:fe:
         bd:5d:74:95:6a:04:b3:cd:9b:ae:af:1a:fd:ce:cd:d6:2a:62:
         39:e6:71:f2:a8:62:87:67:2a:09:ed:e7:cc:da:52:b9:37:92:
         60:85:da:08:b4:4a:ee:ae:ba:2e:a1:60:94:6e:d1:bc:43:9b:
         87:92:f9:9a:db:a1:9d:17:2f:5b:cf:28:7a:1b:8c:c7:7d:1a:
         52:d8:f1:a3:6f:43:c7:d4:94:62:86:b8:8d:bc:0f:08:42:45:
         c2:37:e8:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eosuCDKTio9gh7MkL9YveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjYwNTEzMDAwMDQ1WhcNMjYwNTE0MDAwMDQ1WjAzMTEwLwYDVQQD
EygzZTkxOTQ1MTFlNGIzYmZiODljOGZiNThkYTI5MDgyNWE4YzczZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTVPJIIH9HZ+M6DwQQMk65s8uQsk
POQGzAqiHwHxmdJ7L0PzAok/L9RPaeJ1CNyiLvWXd9L3BskjME7ICLTZjW16b5BD
1JC09UciYbZlGUzlzz6+XFhrT8vhdOK3jACK0veBxgah1+DnZE+PiVgtjwdKgOF1
UEsd7UqppCqV1+JgJePgFiIYPMZVEPZG/+u6UZFVFcft6SZ1qcgB4R7EkqyrUnHr
NfMUD6GIKoafIw+txWk7rhKAkSP6ns9rpO8bySjk0YOjr7aMmUks7BB0aBmcbFY/
93Lf0kljb/TkXLpA4M2oFY5gs9ksUJJ99BO1idZmEGWY/y+ItrPLqmO0WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6RlFEeSzv7icj7WNopCCWoxz1+MB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkoqaWQgH
Nv6ui4C7m0cUPoVri0kux/oxDyAkC8oB1HC6BqdLYFQzBgFr3OBLFyFSxHpYvx5V
IVqWllmzpZUW9tF5CNH0FRLXZjbuzSf4BH7BymO7EpE4iQ+xYT3A3mVgFwg8QFY0
twC/YDbVRdsfr3Rqe2QSeN7ymnYdB+Tc1cTPLueEWKQOci3it7vS/cQCHnfjwgHy
EASGh+LxC7IKarL+vV10lWoEs82brq8a/c7N1ipiOeZx8qhih2cqCe3nzNpSuTeS
YIXaCLRK7q66LqFglG7RvEObh5L5mtuhnRcvW88oehuMx30aUtjxo29Dx9SUYoa4
jbwPCEJFwjfoKg==
-----END CERTIFICATE-----