Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          MHoKWFKIJwRajwo+kG6c8RjOr0oAh0Z12OPVJB1+uwc=
Subject key identifier:   73:BB:37:4C:CD:15:DE:0E:C1:2B:ED:6E:A9:2F:05:7A:18:38:AA:04
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       019D27A8AA809B363A3205D30E66DF84CE85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 01:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:58 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: xRivFd7VY7XZUHtB4/zoYPIOVJlomdTgaCxGlboUH2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:aa:80:9b:36:3a:32:05:d3:0e:66:df:84:ce:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Mar 26 01:00:58 2026 GMT
            Not After : Mar 27 01:00:58 2026 GMT
        Subject: CN=73bb374ccd15de0ec12bed6ea92f057a1838aa04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:04:ed:73:20:17:1f:32:e6:54:02:9d:85:c3:
                    67:e5:18:b4:25:ef:da:37:0d:14:95:5b:22:60:f1:
                    ea:90:ad:6d:85:e4:cc:47:a3:79:e9:23:78:5d:4c:
                    e6:35:10:a7:92:6c:d3:48:e7:a0:fe:67:10:ca:94:
                    ff:59:9e:a3:74:9c:c3:7b:a8:74:b7:a8:bc:83:ad:
                    dc:6b:db:de:52:ba:05:b2:80:60:36:68:2f:06:3a:
                    58:9b:26:16:18:da:f0:47:fa:f0:64:8f:27:f6:95:
                    7e:32:25:16:68:a5:87:47:cd:2b:0a:b7:9c:67:81:
                    f1:68:ef:1d:35:7b:e7:7b:7b:82:9a:e5:14:60:d4:
                    fb:d6:9b:f6:4c:a3:a0:2f:e6:2b:77:c1:06:b8:f3:
                    4e:2b:3a:5e:48:c5:e1:46:21:d3:69:9c:23:03:6c:
                    24:90:f3:e5:7c:17:c2:32:86:54:9a:0d:67:81:45:
                    81:5a:c8:03:70:90:bc:5c:c5:60:1f:d9:67:76:22:
                    2b:7f:fb:bd:e9:1b:95:39:bc:5d:39:8e:9c:99:3f:
                    c5:82:fc:4f:e9:7e:2b:3b:8a:5f:f8:e2:92:c4:de:
                    24:87:f4:02:e5:51:0e:a4:70:a5:b2:d0:0c:07:38:
                    94:34:c8:2e:16:34:25:2d:47:26:93:5a:65:ff:e7:
                    6a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BB:37:4C:CD:15:DE:0E:C1:2B:ED:6E:A9:2F:05:7A:18:38:AA:04
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:07:cc:3a:d8:67:01:18:2e:0c:cc:2c:b6:b3:28:c7:7a:82:
         1c:64:76:e1:ac:e1:3e:a2:fb:75:45:4f:3a:b3:2b:a3:d0:f1:
         61:0c:e8:d8:82:b3:6a:e4:51:56:a6:7f:fa:99:db:cf:d5:46:
         78:7e:94:c1:6f:e5:6b:69:4c:13:70:41:05:0f:16:19:e6:c4:
         0b:9d:d5:85:f4:16:fd:7b:f0:e5:b3:54:ae:bc:c1:4e:04:8f:
         98:45:22:78:30:98:00:36:86:a6:41:e4:dd:f7:6d:a9:c2:c1:
         f6:32:73:60:35:4e:74:c5:30:af:4f:ac:07:9e:9a:a7:ee:b8:
         12:c8:a2:4b:40:d3:31:7b:6b:78:16:77:b3:be:43:61:72:aa:
         ee:f0:f5:2a:b2:30:b4:79:70:4f:2b:eb:87:33:96:5f:f6:e5:
         dc:26:d7:9c:6c:be:c6:c2:4e:9c:63:67:79:26:4b:69:a6:97:
         53:d5:3e:1c:06:9a:e1:e9:7e:f7:67:39:0e:d5:4c:d7:cc:5b:
         cd:95:4a:22:c1:58:77:2b:a1:f4:7a:f6:19:75:29:1c:bf:e0:
         9d:df:2c:8c:cf:47:e7:32:8b:4d:73:af:6a:a0:da:f2:bf:ae:
         61:03:94:53:c0:2a:4a:98:23:45:6a:a2:28:9a:f1:fe:5b:03:
         08:a2:f5:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqKqAmzY6MgXTDmbfhM6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjYwMzI2MDEwMDU4WhcNMjYwMzI3MDEwMDU4WjAzMTEwLwYDVQQD
Eyg3M2JiMzc0Y2NkMTVkZTBlYzEyYmVkNmVhOTJmMDU3YTE4MzhhYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQTtcyAXHzLmVAKdhcNn5Ri0Je/a
Nw0UlVsiYPHqkK1theTMR6N56SN4XUzmNRCnkmzTSOeg/mcQypT/WZ6jdJzDe6h0
t6i8g63ca9veUroFsoBgNmgvBjpYmyYWGNrwR/rwZI8n9pV+MiUWaKWHR80rCrec
Z4HxaO8dNXvne3uCmuUUYNT71pv2TKOgL+Yrd8EGuPNOKzpeSMXhRiHTaZwjA2wk
kPPlfBfCMoZUmg1ngUWBWsgDcJC8XMVgH9lndiIrf/u96RuVObxdOY6cmT/FgvxP
6X4rO4pf+OKSxN4kh/QC5VEOpHClstAMBziUNMguFjQlLUcmk1pl/+dqKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO7N0zNFd4OwSvtbqkvBXoYOKoEMB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaAfMOthn
ARguDMwstrMox3qCHGR24azhPqL7dUVPOrMro9DxYQzo2IKzauRRVqZ/+pnbz9VG
eH6UwW/la2lME3BBBQ8WGebEC53VhfQW/Xvw5bNUrrzBTgSPmEUieDCYADaGpkHk
3fdtqcLB9jJzYDVOdMUwr0+sB56ap+64EsiiS0DTMXtreBZ3s75DYXKq7vD1KrIw
tHlwTyvrhzOWX/bl3CbXnGy+xsJOnGNneSZLaaaXU9U+HAaa4el+92c5DtVM18xb
zZVKIsFYdyuh9Hr2GXUpHL/gnd8sjM9H5zKLTXOvaqDa8r+uYQOUU8AqSpgjRWqi
KJrx/lsDCKL1zA==
-----END CERTIFICATE-----