Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          D9HtxwxP6I7YUK8UjQ7jspnqE4AODvCdzON2OLorDa8=
Subject key identifier:   14:ED:E1:76:77:C6:6E:6E:D3:2C:85:59:8E:47:8B:DF:29:D3:33:C4
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       019E1D905A196B70181226FBBA384B7089D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          088A
Signing time:             Tue 12 May 2026 19:00:59 +0000
Manifest this update:     Tue 12 May 2026 19:00:59 +0000
Manifest next update:     Wed 13 May 2026 19:00:59 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: HOdDgLSN+aYlkyShAbuDaHf0MiU7cr/pPhde6gPy4cU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:5a:19:6b:70:18:12:26:fb:ba:38:4b:70:89:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: May 12 19:00:59 2026 GMT
            Not After : May 13 19:00:59 2026 GMT
        Subject: CN=14ede17677c66e6ed32c85598e478bdf29d333c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d1:e0:b1:0d:7b:52:21:79:2b:30:e3:12:9f:
                    2b:2e:65:ac:49:ca:ad:9d:b7:f9:24:41:07:3f:bd:
                    b8:64:b6:de:e9:c4:bf:20:08:57:8e:c4:5e:3a:6a:
                    90:f6:f8:a5:0e:73:f2:b9:7d:f6:44:a9:55:f3:8b:
                    fa:29:0c:92:27:d4:a1:5e:47:e6:cc:b8:7c:46:cf:
                    89:c9:a3:15:29:26:d2:8e:c0:6a:8f:a1:1e:ec:5a:
                    d5:dd:22:bb:fd:e5:dd:19:bb:1f:80:3e:ed:bd:e9:
                    82:0f:79:76:81:c8:54:2d:2d:c1:67:b2:74:f3:78:
                    38:14:79:b1:23:a0:c7:a8:b2:1a:7f:95:69:b7:70:
                    a7:c7:51:dd:0b:d9:d8:9f:65:46:b3:66:d3:d8:52:
                    e8:fb:c0:dc:92:81:02:32:bb:90:44:96:f1:bb:39:
                    a1:9c:eb:c8:17:da:2e:b7:95:f4:83:34:b3:37:e8:
                    1e:fa:1d:5e:82:9f:bd:a2:89:a3:1f:66:42:a8:51:
                    13:a0:a3:b3:69:88:e5:cc:36:79:5e:e1:b9:b1:b9:
                    de:4d:bc:f7:95:3b:b8:06:f3:16:42:2d:9b:34:73:
                    89:17:73:c9:82:77:88:24:b1:65:85:bc:3b:a1:51:
                    87:30:d8:17:08:f6:61:77:47:5e:49:86:38:67:d7:
                    20:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:ED:E1:76:77:C6:6E:6E:D3:2C:85:59:8E:47:8B:DF:29:D3:33:C4
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:61:bb:e4:88:57:94:45:6c:03:3a:10:93:ee:71:7c:9d:2b:
         64:12:a5:3d:d0:f4:a9:c9:11:a4:f0:20:99:f8:82:25:29:98:
         2b:ae:6e:bd:18:02:5f:df:b2:2d:f8:07:97:83:97:c8:b2:77:
         a0:a4:63:db:94:57:72:e2:72:21:a6:ab:a0:c2:f7:0c:68:20:
         30:b7:d8:67:fc:44:18:eb:88:79:31:3a:0c:60:dc:02:51:4d:
         07:79:7f:2b:91:29:7d:e6:db:68:fb:b3:c7:28:88:3f:54:68:
         b2:8f:b5:40:61:84:1e:06:2f:0c:29:3f:a4:f1:2d:23:04:89:
         ca:07:5a:7c:3e:86:f9:e6:3f:fd:fb:af:83:04:25:84:47:2f:
         41:e3:14:ad:26:13:14:46:61:0e:33:13:60:f0:ce:a8:22:2c:
         73:bf:5f:31:06:13:cc:82:af:b7:4f:72:74:07:9c:df:49:c1:
         bc:7f:91:af:03:11:5a:9e:88:a8:c5:44:d9:13:01:9e:f2:50:
         ac:c7:e9:5a:70:82:80:e1:a9:ea:88:82:8f:96:8d:1c:2f:eb:
         a7:27:d4:c7:1c:cb:0d:a4:dc:5b:5d:94:ce:7a:a2:fc:4e:13:
         31:c1:c2:7e:c5:b6:fb:29:49:cb:ab:57:d5:89:86:2f:23:74:
         fe:b0:e1:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkFoZa3AYEib7ujhLcInVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjYwNTEyMTkwMDU5WhcNMjYwNTEzMTkwMDU5WjAzMTEwLwYDVQQD
EygxNGVkZTE3Njc3YzY2ZTZlZDMyYzg1NTk4ZTQ3OGJkZjI5ZDMzM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9HgsQ17UiF5KzDjEp8rLmWsScqt
nbf5JEEHP724ZLbe6cS/IAhXjsReOmqQ9vilDnPyuX32RKlV84v6KQySJ9ShXkfm
zLh8Rs+JyaMVKSbSjsBqj6Ee7FrV3SK7/eXdGbsfgD7tvemCD3l2gchULS3BZ7J0
83g4FHmxI6DHqLIaf5Vpt3Cnx1HdC9nYn2VGs2bT2FLo+8DckoECMruQRJbxuzmh
nOvIF9out5X0gzSzN+ge+h1egp+9oomjH2ZCqFEToKOzaYjlzDZ5XuG5sbneTbz3
lTu4BvMWQi2bNHOJF3PJgneIJLFlhbw7oVGHMNgXCPZhd0deSYY4Z9cgUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTt4XZ3xm5u0yyFWY5Hi98p0zPEMB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2G75IhX
lEVsAzoQk+5xfJ0rZBKlPdD0qckRpPAgmfiCJSmYK65uvRgCX9+yLfgHl4OXyLJ3
oKRj25RXcuJyIaaroML3DGggMLfYZ/xEGOuIeTE6DGDcAlFNB3l/K5EpfebbaPuz
xyiIP1Roso+1QGGEHgYvDCk/pPEtIwSJygdafD6G+eY//fuvgwQlhEcvQeMUrSYT
FEZhDjMTYPDOqCIsc79fMQYTzIKvt09ydAec30nBvH+RrwMRWp6IqMVE2RMBnvJQ
rMfpWnCCgOGp6oiCj5aNHC/rpyfUxxzLDaTcW12Uznqi/E4TMcHCfsW2+ylJy6tX
1YmGLyN0/rDhXw==
-----END CERTIFICATE-----