Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          djfHJLvRIgrJRSa/RCAmdaRr8v24LOfbCFRU7neVZMc=
Subject key identifier:   2E:F7:26:0A:33:66:C1:0D:59:F7:17:55:24:79:7B:B8:33:C2:79:12
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       019E1EA2D7D21C482E0519E344B018583AFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          1069
Signing time:             Wed 13 May 2026 00:00:48 +0000
Manifest this update:     Wed 13 May 2026 00:00:48 +0000
Manifest next update:     Thu 14 May 2026 00:00:48 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: j3FXH7fKFiGkj3gM1NBsAnFpVu9eFDi50dinpkC1ang=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a2:d7:d2:1c:48:2e:05:19:e3:44:b0:18:58:3a:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: May 13 00:00:48 2026 GMT
            Not After : May 14 00:00:48 2026 GMT
        Subject: CN=2ef7260a3366c10d59f7175524797bb833c27912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:d3:31:fd:3c:1d:5c:4d:47:c6:42:0f:01:43:
                    0a:86:fb:af:38:f0:f1:3c:b1:46:7c:5b:21:91:33:
                    22:0f:aa:59:41:a1:34:cb:ff:e7:ba:85:cd:f6:76:
                    20:8d:4b:5e:b5:ec:36:cb:16:a2:2c:74:44:40:6f:
                    76:7c:ba:67:f8:d7:6a:83:44:50:7d:7a:6f:b4:a9:
                    70:c3:dc:7e:1c:8a:38:96:2e:05:03:71:05:31:c5:
                    ce:a6:59:bd:46:58:6e:a1:cb:eb:f4:a3:46:e5:0e:
                    86:b3:9b:bd:7c:57:c5:a5:d2:b1:c8:80:6a:76:fc:
                    18:90:af:33:5a:6e:1f:08:fe:e3:fe:6e:58:6f:5e:
                    0f:71:bb:80:66:16:04:6b:4f:55:65:68:1a:53:63:
                    10:8f:37:66:17:f0:fa:6a:ce:ef:d7:66:0d:10:f0:
                    47:33:2d:78:07:b5:8b:3f:06:aa:11:47:16:a4:ea:
                    75:1a:f2:0e:f7:c0:ed:39:ac:f7:77:0e:2f:be:23:
                    3c:10:81:b5:60:d4:9a:11:70:df:47:1c:04:c0:4a:
                    17:c3:21:b2:d1:18:60:c3:93:5c:5d:2e:f0:06:d1:
                    1d:27:86:ba:3d:fe:cc:a1:32:a3:c8:05:01:86:13:
                    f2:28:64:79:33:ee:46:eb:b9:73:48:2e:8d:0e:10:
                    cd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:F7:26:0A:33:66:C1:0D:59:F7:17:55:24:79:7B:B8:33:C2:79:12
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:b3:bc:4c:0d:a0:f7:b0:8a:1e:39:80:7d:3f:87:ac:88:83:
         d6:78:c2:ee:ec:80:8e:d0:b2:6b:6b:3b:45:1d:64:3b:eb:12:
         ed:96:8c:fd:67:e7:c3:b7:2c:da:4e:6f:18:6e:f0:4b:16:77:
         08:a0:76:2a:d2:57:75:35:3b:45:73:9d:72:f0:a9:51:17:04:
         44:17:05:99:b1:5c:a8:9a:c1:88:9a:6a:fa:06:3e:c8:88:85:
         3e:18:aa:65:de:22:cd:4a:df:60:71:4f:e1:bf:60:5e:c1:76:
         14:45:02:ac:df:73:88:83:4f:0c:3b:d8:69:d0:1c:eb:a7:88:
         36:6a:48:b6:ec:88:4e:ce:86:19:64:04:14:c0:7a:02:ad:e2:
         c1:13:92:92:93:7c:0e:d6:87:c2:56:62:3a:46:44:38:e2:dc:
         3a:2e:1a:6b:c5:d6:f7:d3:f2:8d:3f:61:be:6c:62:e3:ca:b3:
         94:27:14:d5:ac:e3:7b:12:61:e5:e6:c8:97:20:a4:9d:72:ca:
         d4:f9:4e:35:ea:4c:0e:16:41:a7:23:39:32:8e:a2:8e:95:f0:
         ad:d5:ab:96:18:c2:4a:2a:81:34:bc:ba:b6:73:73:f6:c4:3e:
         c7:e1:81:94:db:f5:44:c7:7f:38:2d:41:eb:c4:8c:78:c5:d0:
         8b:3e:3e:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eotfSHEguBRnjRLAYWDr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjYwNTEzMDAwMDQ4WhcNMjYwNTE0MDAwMDQ4WjAzMTEwLwYDVQQD
EygyZWY3MjYwYTMzNjZjMTBkNTlmNzE3NTUyNDc5N2JiODMzYzI3OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tMx/TwdXE1HxkIPAUMKhvuvOPDx
PLFGfFshkTMiD6pZQaE0y//nuoXN9nYgjUtetew2yxaiLHREQG92fLpn+Ndqg0RQ
fXpvtKlww9x+HIo4li4FA3EFMcXOplm9Rlhuocvr9KNG5Q6Gs5u9fFfFpdKxyIBq
dvwYkK8zWm4fCP7j/m5Yb14PcbuAZhYEa09VZWgaU2MQjzdmF/D6as7v12YNEPBH
My14B7WLPwaqEUcWpOp1GvIO98DtOaz3dw4vviM8EIG1YNSaEXDfRxwEwEoXwyGy
0Rhgw5NcXS7wBtEdJ4a6Pf7MoTKjyAUBhhPyKGR5M+5G67lzSC6NDhDNVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC73JgozZsENWfcXVSR5e7gzwnkSMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw7O8TA2g
97CKHjmAfT+HrIiD1njC7uyAjtCya2s7RR1kO+sS7ZaM/Wfnw7cs2k5vGG7wSxZ3
CKB2KtJXdTU7RXOdcvCpURcERBcFmbFcqJrBiJpq+gY+yIiFPhiqZd4izUrfYHFP
4b9gXsF2FEUCrN9ziINPDDvYadAc66eINmpItuyITs6GGWQEFMB6Aq3iwROSkpN8
DtaHwlZiOkZEOOLcOi4aa8XW99PyjT9hvmxi48qzlCcU1azjexJh5ebIlyCknXLK
1PlONepMDhZBpyM5Mo6ijpXwrdWrlhjCSiqBNLy6tnNz9sQ+x+GBlNv1RMd/OC1B
68SMeMXQiz4+aQ==
-----END CERTIFICATE-----