Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          PQqqZegN9Vz8vb4TjSeYzjB1CvRyKP740RVOCOCTmas=
Subject key identifier:   8D:66:40:84:C3:04:1F:EE:02:F9:53:97:45:FF:4E:36:75:8C:4A:09
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       019E1D59866492FF6A2BE4165F51CC527FC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          046C
Signing time:             Tue 12 May 2026 18:01:06 +0000
Manifest this update:     Tue 12 May 2026 18:01:06 +0000
Manifest next update:     Wed 13 May 2026 18:01:06 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: 19PCoJI2mGIJ2rn3mk+sYxe89u93s5Xs1HyaFXC5Kpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:59:86:64:92:ff:6a:2b:e4:16:5f:51:cc:52:7f:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: May 12 18:01:06 2026 GMT
            Not After : May 13 18:01:06 2026 GMT
        Subject: CN=8d664084c3041fee02f9539745ff4e36758c4a09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:66:51:d0:23:31:57:8d:e9:dd:18:4c:76:06:
                    55:bc:7e:55:fd:78:1e:5f:a1:d3:92:ab:c8:18:71:
                    13:ed:41:8f:85:0e:58:63:26:34:a3:d7:33:99:41:
                    38:c7:1a:b9:83:b6:5f:02:99:0f:c4:4d:61:f6:e0:
                    bc:d9:dc:f8:e8:11:24:f3:73:3e:37:ff:8a:39:33:
                    44:e7:3b:b1:10:e0:8b:a2:98:fc:87:6c:f9:d2:d3:
                    2e:87:b2:6e:d6:34:e0:3d:6d:1f:01:b2:3a:13:48:
                    fe:bc:ec:24:f7:84:43:56:04:73:ab:2a:15:b5:cb:
                    cc:94:05:ec:3d:40:f6:30:e9:0e:41:9d:94:08:cb:
                    88:b1:5b:47:c4:8d:83:34:67:08:70:b9:57:2e:10:
                    07:1b:c4:6d:6b:c4:42:80:10:5e:35:3f:96:d6:f9:
                    65:34:5d:a5:93:b4:fe:9e:67:13:f6:b7:6d:f2:6f:
                    4c:f9:ee:69:99:c4:53:a9:ad:ee:8a:b1:0b:6c:e4:
                    72:59:bb:5c:ab:96:98:cf:47:c1:95:bc:7e:ac:19:
                    7e:52:a1:f6:59:ce:fb:7d:0b:8b:16:89:fb:90:9c:
                    ba:5e:c2:68:d1:bf:b5:cd:7d:55:7e:c1:4e:76:1f:
                    c3:c5:25:23:a3:70:78:cc:08:79:17:b1:cf:bc:91:
                    1d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:66:40:84:C3:04:1F:EE:02:F9:53:97:45:FF:4E:36:75:8C:4A:09
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:9e:a2:cb:73:f0:db:6d:76:d7:4c:fa:35:7d:0a:14:68:39:
         b0:2f:9b:1d:92:74:49:14:7c:ac:11:86:df:16:e0:39:4e:19:
         2f:c3:81:57:00:29:4b:40:99:6b:0d:b4:66:3e:87:b2:17:fa:
         58:53:72:89:68:a0:40:1d:ce:85:88:3d:2f:cb:8f:c3:57:de:
         db:1a:8e:54:59:ae:ae:40:b8:de:ae:15:9b:2e:fd:6b:4f:20:
         14:47:73:64:01:4c:aa:fc:58:30:c9:d2:46:6b:26:16:e7:4f:
         df:1c:55:c3:34:cb:10:a5:79:0c:ee:f5:e6:eb:c5:b9:cc:35:
         88:88:1d:ca:c2:03:a4:4a:b2:57:c1:99:5c:eb:6b:4a:12:c5:
         b6:82:c3:3c:1d:6e:4a:4b:0a:c1:d1:61:e1:61:d2:ad:1f:6c:
         bc:1e:47:0a:35:fa:10:35:2e:a3:c6:a4:3e:20:c1:bd:27:07:
         30:25:73:ab:2a:9f:53:cc:a8:2d:8d:c0:d7:ad:81:de:56:00:
         e1:2c:3a:08:d2:6e:c6:97:76:95:4b:64:da:a1:85:9b:a5:ba:
         84:0d:77:e2:d4:c9:1d:80:1f:5f:31:19:9c:78:61:b8:fb:55:
         a6:2b:cf:42:d2:7f:3f:ab:5a:a2:57:ba:2f:92:cf:8f:bb:25:
         b8:03:6c:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dWYZkkv9qK+QWX1HMUn/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjYwNTEyMTgwMTA2WhcNMjYwNTEzMTgwMTA2WjAzMTEwLwYDVQQD
Eyg4ZDY2NDA4NGMzMDQxZmVlMDJmOTUzOTc0NWZmNGUzNjc1OGM0YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mZR0CMxV43p3RhMdgZVvH5V/Xge
X6HTkqvIGHET7UGPhQ5YYyY0o9czmUE4xxq5g7ZfApkPxE1h9uC82dz46BEk83M+
N/+KOTNE5zuxEOCLopj8h2z50tMuh7Ju1jTgPW0fAbI6E0j+vOwk94RDVgRzqyoV
tcvMlAXsPUD2MOkOQZ2UCMuIsVtHxI2DNGcIcLlXLhAHG8Rta8RCgBBeNT+W1vll
NF2lk7T+nmcT9rdt8m9M+e5pmcRTqa3uirELbORyWbtcq5aYz0fBlbx+rBl+UqH2
Wc77fQuLFon7kJy6XsJo0b+1zX1VfsFOdh/DxSUjo3B4zAh5F7HPvJEdRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1mQITDBB/uAvlTl0X/TjZ1jEoJMB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJ6iy3Pw
221210z6NX0KFGg5sC+bHZJ0SRR8rBGG3xbgOU4ZL8OBVwApS0CZaw20Zj6Hshf6
WFNyiWigQB3OhYg9L8uPw1fe2xqOVFmurkC43q4Vmy79a08gFEdzZAFMqvxYMMnS
RmsmFudP3xxVwzTLEKV5DO715uvFucw1iIgdysIDpEqyV8GZXOtrShLFtoLDPB1u
SksKwdFh4WHSrR9svB5HCjX6EDUuo8akPiDBvScHMCVzqyqfU8yoLY3A162B3lYA
4Sw6CNJuxpd2lUtk2qGFm6W6hA134tTJHYAfXzEZnHhhuPtVpivPQtJ/P6taole6
L5LPj7sluANs9Q==
-----END CERTIFICATE-----