Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          VgqQXRFlSsAht5U/T8aYT8rPo8fleM1itlAx2SJLMmk=
Subject key identifier:   36:11:C3:EB:C8:51:24:64:72:B8:E0:49:8D:B4:FA:79:F8:CB:F5:58
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019E303B7560A401EAF69D6A6CA6E2A4C3DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          087C
Signing time:             Sat 16 May 2026 10:01:03 +0000
Manifest this update:     Sat 16 May 2026 10:01:03 +0000
Manifest next update:     Sun 17 May 2026 10:01:03 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: yx9duL+LYnYvbqn/RhSPaFQvEfy00m2hZnZm4UFYs44=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 10:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:3b:75:60:a4:01:ea:f6:9d:6a:6c:a6:e2:a4:c3:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: May 16 10:01:03 2026 GMT
            Not After : May 17 10:01:03 2026 GMT
        Subject: CN=3611c3ebc851246472b8e0498db4fa79f8cbf558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4d:7d:e4:46:04:f3:cf:20:83:cb:44:da:89:
                    ba:69:01:7e:00:1f:91:14:4c:b5:b6:08:2b:5d:8c:
                    03:2e:b3:14:19:5c:22:ea:b8:1d:bb:09:c3:76:17:
                    06:60:05:2b:d1:b7:d5:58:f6:65:b2:1f:99:f4:b8:
                    43:ef:bc:4f:d9:c3:66:95:80:63:63:21:d5:42:54:
                    bb:3b:0a:1b:90:83:f2:cc:e9:56:f6:47:1a:3a:5b:
                    ad:d9:a0:26:df:b1:84:de:f0:0f:89:c3:b4:49:eb:
                    b8:55:f0:df:cc:70:19:0f:5e:8e:be:67:3a:d9:de:
                    5e:0b:07:f2:2d:97:e4:ec:7c:ff:74:68:f9:de:04:
                    25:72:c3:ac:31:6e:39:66:68:17:e2:51:c0:fa:cd:
                    99:90:4a:52:dc:0b:c8:1a:90:92:3c:aa:09:0b:96:
                    94:95:a1:d6:84:d0:b6:b9:1c:2a:ff:4e:69:58:01:
                    65:e1:38:d3:eb:02:02:c6:5e:1f:3e:bd:10:07:e6:
                    17:53:57:e9:99:3a:25:2d:08:90:2d:01:96:84:3f:
                    b7:1b:df:f5:03:28:a7:b4:97:6e:08:f5:18:b4:3a:
                    08:64:2e:b0:15:2e:e9:e7:b3:d5:98:3d:2f:36:7e:
                    8f:26:13:17:7e:67:d5:3e:3d:64:a5:f4:41:b9:97:
                    11:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:11:C3:EB:C8:51:24:64:72:B8:E0:49:8D:B4:FA:79:F8:CB:F5:58
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:36:3c:34:bd:70:a7:f6:41:8e:20:9f:cc:0e:07:ea:e5:97:
         fb:0a:19:c9:f6:92:0c:ab:aa:e7:b6:3c:a1:20:e7:99:53:67:
         02:27:77:05:a9:e8:d8:74:67:53:fc:03:70:a0:e5:b7:c3:0f:
         31:41:8f:04:9b:12:ba:7f:14:05:0a:3a:46:59:dd:a7:3b:01:
         5c:54:ea:3e:ff:15:4a:05:16:4f:25:47:49:67:7c:77:e3:61:
         eb:98:e7:eb:2f:ea:e1:d7:d7:82:0b:95:cb:8b:55:95:ed:88:
         4b:57:8b:d6:67:67:3f:44:c4:b8:76:38:e5:4a:f3:f1:ea:5a:
         23:ec:0d:c0:8e:72:2d:69:76:0d:e7:94:5f:34:ae:8c:81:b1:
         61:72:de:83:0b:1f:f5:36:d1:e7:b1:29:47:fc:1e:5a:fe:2e:
         08:11:b6:46:7d:92:4f:2c:d4:88:a4:31:8e:62:9a:f8:59:50:
         c0:13:a7:71:39:c8:de:44:fc:97:33:3d:54:5e:6d:15:bd:de:
         a0:57:49:a3:53:05:7b:6f:70:3a:e3:cf:ff:a4:fc:3b:10:39:
         9a:f5:b9:49:cb:07:7d:39:18:e1:1b:b4:f1:0f:b4:19:18:8b:
         43:69:fd:96:c3:cf:3d:ae:63:9b:54:09:4a:24:2d:30:3d:32:
         37:64:3e:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO3VgpAHq9p1qbKbipMPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjYwNTE2MTAwMTAzWhcNMjYwNTE3MTAwMTAzWjAzMTEwLwYDVQQD
EygzNjExYzNlYmM4NTEyNDY0NzJiOGUwNDk4ZGI0ZmE3OWY4Y2JmNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE195EYE888gg8tE2om6aQF+AB+R
FEy1tggrXYwDLrMUGVwi6rgduwnDdhcGYAUr0bfVWPZlsh+Z9LhD77xP2cNmlYBj
YyHVQlS7OwobkIPyzOlW9kcaOlut2aAm37GE3vAPicO0Seu4VfDfzHAZD16Ovmc6
2d5eCwfyLZfk7Hz/dGj53gQlcsOsMW45ZmgX4lHA+s2ZkEpS3AvIGpCSPKoJC5aU
laHWhNC2uRwq/05pWAFl4TjT6wICxl4fPr0QB+YXU1fpmTolLQiQLQGWhD+3G9/1
AyintJduCPUYtDoIZC6wFS7p57PVmD0vNn6PJhMXfmfVPj1kpfRBuZcRHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYRw+vIUSRkcrjgSY20+nn4y/VYMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATzY8NL1w
p/ZBjiCfzA4H6uWX+woZyfaSDKuq57Y8oSDnmVNnAid3Bano2HRnU/wDcKDlt8MP
MUGPBJsSun8UBQo6RlndpzsBXFTqPv8VSgUWTyVHSWd8d+Nh65jn6y/q4dfXgguV
y4tVle2IS1eL1mdnP0TEuHY45Urz8epaI+wNwI5yLWl2DeeUXzSujIGxYXLegwsf
9TbR57EpR/weWv4uCBG2Rn2STyzUiKQxjmKa+FlQwBOncTnI3kT8lzM9VF5tFb3e
oFdJo1MFe29wOuPP/6T8OxA5mvW5ScsHfTkY4Ru08Q+0GRiLQ2n9lsPPPa5jm1QJ
SiQtMD0yN2Q++A==
-----END CERTIFICATE-----