Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          Jq2Z7gAqP1lVQRmH+mj2Ta5Tp8nkxaT4SGmXxNaEG68=
Subject key identifier:   58:AD:91:5F:7C:A0:B9:70:3D:31:E3:FB:80:97:B2:C3:E8:88:D1:B7
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       019E1CEBC73983895BB338634A45D1A11B93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1902
Signing time:             Tue 12 May 2026 16:01:14 +0000
Manifest this update:     Tue 12 May 2026 16:01:14 +0000
Manifest next update:     Wed 13 May 2026 16:01:14 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: /MW0tEEKFO220BmKFuxac147DF4aAqOPfq6/9cSxYF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:eb:c7:39:83:89:5b:b3:38:63:4a:45:d1:a1:1b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: May 12 16:01:14 2026 GMT
            Not After : May 13 16:01:14 2026 GMT
        Subject: CN=58ad915f7ca0b9703d31e3fb8097b2c3e888d1b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:35:3f:03:18:fc:71:1b:7c:ad:49:2d:22:4a:
                    c8:88:1b:a4:d1:28:8d:87:7c:81:8c:f3:32:8d:ef:
                    78:83:5b:ed:f1:e0:0a:bd:da:13:7e:c0:a5:a9:7e:
                    d1:dc:10:a3:5e:0a:4b:5f:00:ae:87:78:da:5b:ef:
                    ee:f0:04:8b:68:06:3b:98:9e:2b:f3:37:b0:ab:36:
                    d8:f2:7c:d0:1d:7c:90:9a:16:fa:54:8e:c1:8c:25:
                    9c:82:3a:46:25:8f:8f:7a:ad:46:b6:2b:db:b9:a4:
                    0b:7c:d7:1c:d1:fa:9b:04:3f:8f:3c:c4:8a:20:42:
                    f6:d1:91:4d:1d:a6:6e:a3:3d:f2:bf:dd:f5:bb:5b:
                    5b:26:05:1a:78:b6:23:95:67:e3:19:8e:58:cc:18:
                    a2:66:f4:40:bf:5f:6e:cc:44:d6:b6:06:72:21:36:
                    98:fa:58:1c:07:b1:7e:06:93:a3:f9:a0:fe:bc:f2:
                    00:9a:f9:6c:70:bd:3e:c1:16:00:2b:f3:2c:f3:d1:
                    7d:94:be:62:33:e2:ba:36:f9:82:e4:b2:db:bf:54:
                    3e:80:cf:51:6a:bf:36:e3:d9:13:3e:f5:d6:78:d9:
                    5b:eb:09:82:fc:86:44:75:a7:d8:5a:0b:ba:16:32:
                    f5:d8:1c:6c:bc:d2:ad:b5:ab:4f:89:e0:bf:17:42:
                    af:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:AD:91:5F:7C:A0:B9:70:3D:31:E3:FB:80:97:B2:C3:E8:88:D1:B7
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d8:a4:ac:4b:84:54:48:a6:9f:4b:4c:37:15:a4:d9:bf:f5:
         8a:07:f0:27:69:71:16:01:e6:c4:28:b4:12:f0:e5:25:89:35:
         cf:d4:1b:40:4c:f3:fc:f3:5e:57:fb:7f:19:20:46:34:25:91:
         a7:15:17:00:c0:51:4c:88:95:38:94:e8:7e:a9:0c:c1:69:1f:
         fe:95:dd:8c:e7:54:a1:31:ea:36:5c:c5:54:15:45:76:c1:4e:
         c5:0d:cb:05:fc:dc:d3:60:60:bd:a5:d1:fe:32:7e:6d:af:79:
         a5:1c:16:f3:1a:e5:88:66:7c:70:50:49:85:f7:ab:60:d0:c1:
         9e:40:b9:76:77:e8:7c:ba:72:3f:30:80:b3:41:28:85:15:d1:
         3f:3e:ac:45:40:df:7b:67:d7:c0:8e:d3:23:60:a9:35:26:eb:
         04:ca:da:a1:77:3e:58:5e:21:b0:cd:22:4f:d4:e6:72:31:1e:
         2b:14:d6:9f:4d:8b:ba:9c:c1:a8:19:59:6b:e6:3d:55:7c:d9:
         10:d7:66:66:92:27:3c:f5:1b:84:1c:d5:59:fd:70:1e:33:e5:
         f5:49:25:57:00:85:39:f6:1b:5c:11:1a:cc:b5:f0:92:b4:a8:
         a9:98:51:aa:2f:d3:82:86:2c:88:06:d0:28:d2:12:c7:d8:b9:
         7b:88:ab:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c68c5g4lbszhjSkXRoRuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjYwNTEyMTYwMTE0WhcNMjYwNTEzMTYwMTE0WjAzMTEwLwYDVQQD
Eyg1OGFkOTE1ZjdjYTBiOTcwM2QzMWUzZmI4MDk3YjJjM2U4ODhkMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DU/Axj8cRt8rUktIkrIiBuk0SiN
h3yBjPMyje94g1vt8eAKvdoTfsClqX7R3BCjXgpLXwCuh3jaW+/u8ASLaAY7mJ4r
8zewqzbY8nzQHXyQmhb6VI7BjCWcgjpGJY+Peq1GtivbuaQLfNcc0fqbBD+PPMSK
IEL20ZFNHaZuoz3yv931u1tbJgUaeLYjlWfjGY5YzBiiZvRAv19uzETWtgZyITaY
+lgcB7F+BpOj+aD+vPIAmvlscL0+wRYAK/Ms89F9lL5iM+K6NvmC5LLbv1Q+gM9R
ar8249kTPvXWeNlb6wmC/IZEdafYWgu6FjL12BxsvNKttatPieC/F0KvYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFitkV98oLlwPTHj+4CXssPoiNG3MB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNikrEuE
VEimn0tMNxWk2b/1igfwJ2lxFgHmxCi0EvDlJYk1z9QbQEzz/PNeV/t/GSBGNCWR
pxUXAMBRTIiVOJTofqkMwWkf/pXdjOdUoTHqNlzFVBVFdsFOxQ3LBfzc02BgvaXR
/jJ+ba95pRwW8xrliGZ8cFBJhferYNDBnkC5dnfofLpyPzCAs0EohRXRPz6sRUDf
e2fXwI7TI2CpNSbrBMraoXc+WF4hsM0iT9TmcjEeKxTWn02LupzBqBlZa+Y9VXzZ
ENdmZpInPPUbhBzVWf1wHjPl9UklVwCFOfYbXBEazLXwkrSoqZhRqi/TgoYsiAbQ
KNISx9i5e4irPg==
-----END CERTIFICATE-----