Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          RsUFwl3nlppd7nf2B6xCm/FUBk/5817gQrUu9SjxUBo=
Subject key identifier:   6C:51:44:F0:37:A3:80:56:47:3F:36:88:6A:B8:33:72:61:60:DC:EA
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       019E1C469B4CDDF2F2ACD0B6DC58C5C0393C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          11BA
Signing time:             Tue 12 May 2026 13:00:49 +0000
Manifest this update:     Tue 12 May 2026 13:00:49 +0000
Manifest next update:     Wed 13 May 2026 13:00:49 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: ZREuq/fc1O775r2d+Tk4/XF0zagXC+RBRC+0Ly3sdi8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:9b:4c:dd:f2:f2:ac:d0:b6:dc:58:c5:c0:39:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: May 12 13:00:49 2026 GMT
            Not After : May 13 13:00:49 2026 GMT
        Subject: CN=6c5144f037a38056473f36886ab833726160dcea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:73:5e:71:99:dc:30:97:35:92:d2:04:7a:21:
                    bd:3a:22:ee:09:02:5d:7d:f6:bd:8e:92:f2:7e:a0:
                    94:38:0c:7f:d2:d2:ff:87:e5:39:3f:07:0f:30:46:
                    ff:b0:5b:b5:70:42:e2:a7:d5:ce:8c:65:3e:08:5a:
                    53:e8:60:e3:57:97:f9:3a:06:f5:50:f9:a1:ca:b5:
                    ff:57:75:5b:ab:bd:58:42:a0:1c:17:35:51:b5:0f:
                    d6:0d:60:ee:58:a0:9c:fe:0d:31:4c:06:42:77:e4:
                    ba:e8:fc:0a:c7:3f:7d:51:fd:7d:a6:b8:e5:5a:d3:
                    c7:10:c1:2b:e8:6c:71:ee:db:21:4c:28:0a:3e:00:
                    d2:fd:9d:ab:2c:ba:7c:72:10:19:2f:9a:9f:88:78:
                    e8:83:a7:4b:df:64:c8:54:04:f3:d5:b3:f5:f1:f4:
                    ed:46:69:39:14:8e:e4:cf:0b:d4:8a:95:5f:fc:24:
                    c8:02:d2:a7:91:39:2a:be:81:7c:6c:b8:3b:18:da:
                    1c:5b:78:7d:36:55:2a:c8:f4:8b:2c:95:ef:c8:b2:
                    f0:f8:70:00:1c:80:69:d7:4d:1b:b2:70:be:b0:fa:
                    5c:9d:34:2f:f6:12:08:17:01:8e:4f:1b:08:16:e7:
                    d0:f4:ea:f0:6f:f7:8d:e0:53:31:60:1c:4c:53:52:
                    6c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:51:44:F0:37:A3:80:56:47:3F:36:88:6A:B8:33:72:61:60:DC:EA
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:cb:72:46:e3:b7:87:25:07:a2:2d:36:0a:57:f8:c4:80:6c:
         5e:90:9d:16:16:33:5e:ac:e4:6f:0c:25:15:e1:9d:b4:9d:09:
         d8:f9:13:cd:07:72:92:85:54:0f:93:ea:2c:09:b8:10:09:d3:
         2f:d3:26:ab:e5:10:10:88:46:24:c8:22:43:0c:a2:78:db:c2:
         d5:f4:24:2f:79:30:23:09:88:01:d2:10:ae:ef:90:24:63:fa:
         9b:69:94:a9:d0:6c:0b:a5:bf:82:e2:f6:6d:f1:4b:35:53:6b:
         72:64:8a:45:ab:88:73:7f:ca:67:6f:56:32:a9:76:97:0e:d1:
         7f:86:29:a6:5d:3a:69:13:92:85:23:53:b7:4a:99:48:a9:7c:
         ef:2b:1b:c5:07:ee:9b:f2:1b:dc:a3:58:ef:aa:af:47:c3:c3:
         6c:b5:2b:aa:c2:82:2c:05:2b:86:a4:c0:43:c6:20:3d:91:63:
         55:48:94:35:d0:ef:d4:90:86:33:2c:5b:ae:84:5f:7a:e1:a8:
         86:0b:ca:78:de:b3:0e:06:18:cd:91:60:4d:2f:ca:cd:88:f0:
         74:a8:ec:4f:9d:43:d9:0a:f4:17:b0:df:b0:43:99:37:5d:3e:
         c6:11:26:57:ba:a4:87:09:38:40:4b:1f:dc:1e:53:5f:c1:f9:
         fb:c8:1c:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRptM3fLyrNC23FjFwDk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjYwNTEyMTMwMDQ5WhcNMjYwNTEzMTMwMDQ5WjAzMTEwLwYDVQQD
Eyg2YzUxNDRmMDM3YTM4MDU2NDczZjM2ODg2YWI4MzM3MjYxNjBkY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3NecZncMJc1ktIEeiG9OiLuCQJd
ffa9jpLyfqCUOAx/0tL/h+U5PwcPMEb/sFu1cELip9XOjGU+CFpT6GDjV5f5Ogb1
UPmhyrX/V3Vbq71YQqAcFzVRtQ/WDWDuWKCc/g0xTAZCd+S66PwKxz99Uf19prjl
WtPHEMEr6Gxx7tshTCgKPgDS/Z2rLLp8chAZL5qfiHjog6dL32TIVATz1bP18fTt
Rmk5FI7kzwvUipVf/CTIAtKnkTkqvoF8bLg7GNocW3h9NlUqyPSLLJXvyLLw+HAA
HIBp100bsnC+sPpcnTQv9hIIFwGOTxsIFufQ9Orwb/eN4FMxYBxMU1JsZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxRRPA3o4BWRz82iGq4M3JhYNzqMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8tyRuO3
hyUHoi02Clf4xIBsXpCdFhYzXqzkbwwlFeGdtJ0J2PkTzQdykoVUD5PqLAm4EAnT
L9Mmq+UQEIhGJMgiQwyieNvC1fQkL3kwIwmIAdIQru+QJGP6m2mUqdBsC6W/guL2
bfFLNVNrcmSKRauIc3/KZ29WMql2lw7Rf4Yppl06aROShSNTt0qZSKl87ysbxQfu
m/Ib3KNY76qvR8PDbLUrqsKCLAUrhqTAQ8YgPZFjVUiUNdDv1JCGMyxbroRfeuGo
hgvKeN6zDgYYzZFgTS/KzYjwdKjsT51D2Qr0F7DfsEOZN10+xhEmV7qkhwk4QEsf
3B5TX8H5+8gcbA==
-----END CERTIFICATE-----