Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          ZAE5SC2eHRT5VF/NLuFmAZDD9gFMoRJ9VXXjIl4UciQ=
Subject key identifier:   F7:6A:8E:68:76:68:EB:08:84:38:69:DF:C0:1B:23:AF:AD:C1:BB:6F
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019E1C4702D44361BDD8E5D62D740AFFAEED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0996
Signing time:             Tue 12 May 2026 13:01:16 +0000
Manifest this update:     Tue 12 May 2026 13:01:16 +0000
Manifest next update:     Wed 13 May 2026 13:01:16 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: faBC7yPm4uBUC9LT5lAy+AknV5ogUCo5CxU5bLdm74s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:02:d4:43:61:bd:d8:e5:d6:2d:74:0a:ff:ae:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: May 12 13:01:16 2026 GMT
            Not After : May 13 13:01:16 2026 GMT
        Subject: CN=f76a8e687668eb08843869dfc01b23afadc1bb6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:93:99:79:c5:4f:23:5c:39:fa:4d:4b:03:35:
                    c8:d1:95:ea:74:d9:9c:06:19:63:82:d4:61:67:fa:
                    c6:de:ef:47:1c:08:e1:2f:3f:b7:21:ad:fd:f1:50:
                    aa:fd:6c:54:e4:a4:1c:26:b2:65:ec:7a:3c:73:cb:
                    a8:59:94:c9:9c:45:bc:90:6a:25:e8:00:b6:c9:82:
                    d2:7d:f6:e7:7d:ae:47:53:15:6b:1a:a3:f0:da:c8:
                    a4:49:7a:a7:95:69:f7:6c:fc:79:6e:29:a0:95:f5:
                    a4:f4:75:56:39:b9:d4:48:18:3e:22:d3:05:81:7f:
                    0d:d5:cc:1e:20:e8:44:4b:b4:25:c3:f2:3b:a8:46:
                    54:73:ca:f9:7f:86:3f:81:04:12:4b:46:93:7c:95:
                    ea:f8:93:9a:25:ae:7e:fd:14:5e:f9:d4:1e:ad:04:
                    85:35:4c:45:b6:c3:72:59:47:f0:62:d5:ec:38:97:
                    34:66:d9:e3:89:11:fa:52:62:99:1d:ee:bb:66:e8:
                    46:a8:e7:a0:05:3a:2c:47:88:d4:50:c4:f1:0a:14:
                    48:88:74:1d:0d:8a:0d:ff:0f:a4:6d:11:c4:32:67:
                    b0:80:8b:cc:f5:10:39:c4:ca:ac:a2:3c:71:e0:16:
                    37:8d:f7:fc:78:ec:a9:d2:4d:25:0a:99:28:8a:f1:
                    fc:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:6A:8E:68:76:68:EB:08:84:38:69:DF:C0:1B:23:AF:AD:C1:BB:6F
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:40:f8:a3:5c:71:38:5c:af:4a:55:1e:d8:1a:b5:67:f4:d3:
         5c:95:28:8f:cc:8c:68:1f:25:ce:17:08:3e:fd:75:d9:68:cb:
         05:c1:cb:e8:de:bc:b7:bc:06:82:04:b1:f8:64:b1:b1:8b:ed:
         60:d3:e6:ba:82:2c:81:83:8a:82:fb:ea:90:ba:86:9d:89:1d:
         92:7a:69:3c:0a:e8:56:69:14:bd:ba:2e:d1:e8:54:e1:76:d9:
         7e:84:6a:fc:09:10:88:f8:39:c5:6a:3b:fe:49:ac:57:00:69:
         b5:54:da:68:1a:b0:48:eb:f7:43:fa:f8:f6:e9:7c:16:d4:23:
         73:8c:48:8b:f9:1c:84:85:b5:d3:70:57:cf:4d:b7:61:c4:4c:
         a5:59:33:2f:22:a5:56:b2:a0:97:9c:7e:00:b1:5c:85:f9:26:
         84:72:ac:8b:c0:b2:c8:30:ad:63:68:e4:9b:64:2e:2c:c8:96:
         b6:fc:4f:cf:a7:01:4a:64:dc:98:a6:31:79:90:7a:d8:29:94:
         84:0d:2f:6b:e7:7e:c1:dc:ea:5d:91:08:26:5b:3a:67:35:aa:
         48:ac:a6:0c:2b:13:08:7e:bc:e3:0c:64:fb:a3:25:57:54:8e:
         76:db:d8:b3:cf:b7:f6:a5:16:9d:c1:75:05:7a:cf:94:76:fd:
         2e:69:1a:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRwLUQ2G92OXWLXQK/67tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwNTEyMTMwMTE2WhcNMjYwNTEzMTMwMTE2WjAzMTEwLwYDVQQD
EyhmNzZhOGU2ODc2NjhlYjA4ODQzODY5ZGZjMDFiMjNhZmFkYzFiYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5OZecVPI1w5+k1LAzXI0ZXqdNmc
BhljgtRhZ/rG3u9HHAjhLz+3Ia398VCq/WxU5KQcJrJl7Ho8c8uoWZTJnEW8kGol
6AC2yYLSffbnfa5HUxVrGqPw2sikSXqnlWn3bPx5bimglfWk9HVWObnUSBg+ItMF
gX8N1cweIOhES7Qlw/I7qEZUc8r5f4Y/gQQSS0aTfJXq+JOaJa5+/RRe+dQerQSF
NUxFtsNyWUfwYtXsOJc0ZtnjiRH6UmKZHe67ZuhGqOegBTosR4jUUMTxChRIiHQd
DYoN/w+kbRHEMmewgIvM9RA5xMqsojxx4BY3jff8eOyp0k0lCpkoivH8SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdqjmh2aOsIhDhp38AbI6+twbtvMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAikD4o1xx
OFyvSlUe2Bq1Z/TTXJUoj8yMaB8lzhcIPv112WjLBcHL6N68t7wGggSx+GSxsYvt
YNPmuoIsgYOKgvvqkLqGnYkdknppPAroVmkUvbou0ehU4XbZfoRq/AkQiPg5xWo7
/kmsVwBptVTaaBqwSOv3Q/r49ul8FtQjc4xIi/kchIW103BXz023YcRMpVkzLyKl
VrKgl5x+ALFchfkmhHKsi8CyyDCtY2jkm2QuLMiWtvxPz6cBSmTcmKYxeZB62CmU
hA0va+d+wdzqXZEIJls6ZzWqSKymDCsTCH684wxk+6MlV1SOdtvYs8+39qUWncF1
BXrPlHb9LmkaeQ==
-----END CERTIFICATE-----