Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          aV/+NA7F/DCRWWE1dEmLQOLqyPzvIcldjucAsRPgKjQ=
Subject key identifier:   CA:14:90:A7:4F:4F:1A:EB:CF:04:31:7D:AD:B5:71:E6:92:F7:F9:58
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019F17F97095CB96855B51C3E5CBD70E521A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1984
Signing time:             Tue 30 Jun 2026 10:00:50 +0000
Manifest this update:     Tue 30 Jun 2026 10:00:50 +0000
Manifest next update:     Wed 01 Jul 2026 10:00:50 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: sVlOPcbPwSRLGEfafqwKKh0BZ/8wEvKz3CE0lf/mPXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:70:95:cb:96:85:5b:51:c3:e5:cb:d7:0e:52:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Jun 30 10:00:50 2026 GMT
            Not After : Jul  1 10:00:50 2026 GMT
        Subject: CN=ca1490a74f4f1aebcf04317dadb571e692f7f958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:49:17:38:be:40:b4:64:1f:ca:b2:08:e0:89:
                    ee:9f:85:43:c7:dd:dd:d5:ff:bf:6b:93:eb:1e:49:
                    bc:a6:14:eb:74:10:ca:68:db:f6:d6:b2:05:b4:91:
                    aa:4e:c0:86:5e:ea:2d:b8:0d:56:a1:0e:99:9c:08:
                    86:bf:73:30:eb:78:a5:69:d7:70:ea:7d:c8:ec:54:
                    f1:b9:6d:a8:ee:ce:89:5c:ac:89:d2:9f:fc:f2:cc:
                    4d:01:3c:f8:c0:c1:fe:0b:87:e5:65:bf:00:d6:37:
                    39:ab:1d:21:e3:13:40:fe:7b:fd:92:c8:2a:fc:a4:
                    e7:d7:78:c4:39:72:c3:08:68:fb:95:4f:2f:c2:3e:
                    66:4e:cc:af:c6:b1:9b:48:ba:4e:c1:76:1a:03:ea:
                    10:d1:86:b7:97:12:33:72:3d:df:31:98:8e:f1:4a:
                    be:55:c1:10:90:58:c8:52:2a:2a:01:6a:a7:5d:53:
                    29:2b:69:21:d1:5f:fd:70:03:ea:a0:4d:3f:5c:44:
                    f9:b3:e6:4b:6d:b8:a6:50:07:c5:f6:22:fc:7d:c6:
                    85:37:d3:b7:e2:a5:4c:3f:44:20:e3:0d:f7:ad:98:
                    c8:38:f6:47:03:87:37:10:b7:1d:57:11:07:f0:ba:
                    16:4d:ed:7f:f0:c6:8a:ee:05:e8:5d:f9:8c:06:62:
                    c2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:14:90:A7:4F:4F:1A:EB:CF:04:31:7D:AD:B5:71:E6:92:F7:F9:58
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:65:09:10:14:92:ba:f8:bf:6c:34:3b:b8:37:a3:a4:f3:1f:
         0f:f0:57:81:98:46:7c:50:e7:1b:ea:cf:b0:f0:4e:e2:0a:7f:
         00:0d:82:cc:7d:50:6f:b7:e8:54:a6:5d:a9:d8:0b:0a:8e:0f:
         92:52:e4:e0:a9:b7:70:41:69:61:46:66:79:39:d6:97:8e:26:
         f2:5c:f8:21:3a:af:9e:d5:a7:e1:3a:43:06:45:51:10:b4:f2:
         1d:45:3f:e8:27:15:12:4a:aa:e2:90:53:99:ef:69:55:31:04:
         3e:cd:79:bb:26:1d:73:f8:6b:71:6a:fc:f3:dd:6a:8c:39:fe:
         f5:52:ba:ad:b0:27:8e:a7:e9:06:5f:21:44:3b:ba:e3:13:14:
         22:c7:e0:42:69:70:56:b4:71:b9:f5:63:ff:cf:1b:2e:b4:2c:
         17:19:48:84:51:1a:87:d4:7b:3d:79:d4:81:7c:9b:d4:9d:61:
         d9:80:83:33:a3:04:55:2c:7d:05:77:f6:b3:04:38:1d:13:36:
         75:cc:b6:21:e4:e5:09:b9:78:6b:b9:c2:c8:52:3d:74:d9:98:
         9c:2d:34:74:f2:3d:4b:8a:81:69:9f:a0:63:32:80:d8:77:ff:
         d3:dc:ad:63:60:58:6b:94:9f:b2:58:e2:dd:24:4d:af:b2:b7:
         a7:60:e3:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+XCVy5aFW1HD5cvXDlIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwNjMwMTAwMDUwWhcNMjYwNzAxMTAwMDUwWjAzMTEwLwYDVQQD
EyhjYTE0OTBhNzRmNGYxYWViY2YwNDMxN2RhZGI1NzFlNjkyZjdmOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEkXOL5AtGQfyrII4Inun4VDx93d
1f+/a5PrHkm8phTrdBDKaNv21rIFtJGqTsCGXuotuA1WoQ6ZnAiGv3Mw63iladdw
6n3I7FTxuW2o7s6JXKyJ0p/88sxNATz4wMH+C4flZb8A1jc5qx0h4xNA/nv9ksgq
/KTn13jEOXLDCGj7lU8vwj5mTsyvxrGbSLpOwXYaA+oQ0Ya3lxIzcj3fMZiO8Uq+
VcEQkFjIUioqAWqnXVMpK2kh0V/9cAPqoE0/XET5s+ZLbbimUAfF9iL8fcaFN9O3
4qVMP0Qg4w33rZjIOPZHA4c3ELcdVxEH8LoWTe1/8MaK7gXoXfmMBmLCnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoUkKdPTxrrzwQxfa21ceaS9/lYMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGUJEBSS
uvi/bDQ7uDejpPMfD/BXgZhGfFDnG+rPsPBO4gp/AA2CzH1Qb7foVKZdqdgLCo4P
klLk4Km3cEFpYUZmeTnWl44m8lz4ITqvntWn4TpDBkVRELTyHUU/6CcVEkqq4pBT
me9pVTEEPs15uyYdc/hrcWr8891qjDn+9VK6rbAnjqfpBl8hRDu64xMUIsfgQmlw
VrRxufVj/88bLrQsFxlIhFEah9R7PXnUgXyb1J1h2YCDM6MEVSx9BXf2swQ4HRM2
dcy2IeTlCbl4a7nCyFI9dNmYnC00dPI9S4qBaZ+gYzKA2Hf/09ytY2BYa5Sfslji
3SRNr7K3p2DjfQ==
-----END CERTIFICATE-----