Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          nGE9d3nSZWX9URDU2B6yiA/Uh1tIfuP9G7PUG3rJ5VQ=
Subject key identifier:   40:EE:52:98:B2:F3:1D:AC:D7:57:98:19:2B:2B:75:AB:66:50:C0:C9
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019E2F970EA4150515A967DA16BF637D4163
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0E99
Signing time:             Sat 16 May 2026 07:01:29 +0000
Manifest this update:     Sat 16 May 2026 07:01:29 +0000
Manifest next update:     Sun 17 May 2026 07:01:29 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: V3b6tPnrxfTbRNYfkZGrmG4BH51I5/wYH8dbqicZ1AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:0e:a4:15:05:15:a9:67:da:16:bf:63:7d:41:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: May 16 07:01:29 2026 GMT
            Not After : May 17 07:01:29 2026 GMT
        Subject: CN=40ee5298b2f31dacd75798192b2b75ab6650c0c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:93:5a:05:e4:58:6c:2e:1e:3f:b0:08:72:2c:
                    89:e2:9d:40:86:8e:8a:78:1a:c5:0a:4b:af:0f:22:
                    57:ea:b6:7d:c3:70:a1:9f:ee:0c:da:a1:30:21:69:
                    66:82:63:cb:e4:99:48:cc:dc:7d:44:56:e1:19:c8:
                    bc:ce:83:2f:3b:f2:51:fb:01:86:8b:17:e2:27:fe:
                    b3:81:19:e5:a1:61:f4:08:45:bb:8c:dc:e4:db:b6:
                    98:92:8d:af:6f:84:40:5e:07:9c:0c:f1:76:0c:6e:
                    4b:1c:32:49:38:cd:b1:eb:8d:10:2c:f8:e8:91:62:
                    a1:02:fd:08:6a:a0:89:31:20:6f:17:3c:ba:7c:56:
                    df:a8:4a:6c:22:ff:44:80:0e:d2:1c:e5:ed:95:95:
                    84:0c:a3:b8:2c:61:dd:67:c0:d3:61:14:ff:04:34:
                    10:4c:b3:97:1f:56:72:08:ba:10:f0:3e:c4:08:2a:
                    bf:61:17:d2:35:82:fc:db:aa:c2:5d:e9:53:8a:20:
                    24:b5:7f:88:a5:c6:49:fa:78:b9:72:54:a4:58:6a:
                    29:ee:30:61:72:fa:dd:03:79:3a:a5:af:a1:75:be:
                    cf:b2:48:fa:24:27:11:cd:8d:f4:24:c7:84:8d:30:
                    1e:12:68:e9:0c:2a:fb:9e:cd:c4:31:67:8a:0a:d2:
                    73:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:EE:52:98:B2:F3:1D:AC:D7:57:98:19:2B:2B:75:AB:66:50:C0:C9
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:60:66:c9:c4:53:35:ab:96:62:27:ef:91:c0:fc:af:85:d1:
         3e:eb:b5:48:da:3e:3a:fe:34:66:79:a0:70:5e:eb:79:07:31:
         96:fe:08:64:8c:ad:d3:16:87:4f:79:ff:68:0a:bd:c1:94:62:
         79:68:88:05:aa:8c:cb:6c:a1:34:8d:ce:1f:23:18:cc:6a:dd:
         49:45:31:8c:68:5b:87:99:e8:78:63:bd:85:89:7e:b3:84:19:
         3d:a0:1c:85:9f:ea:fe:7d:c4:a8:04:01:44:07:1b:fe:8c:8a:
         a1:c1:28:dd:46:d3:bc:30:db:af:85:10:67:db:3a:ce:32:97:
         ad:95:9a:45:da:04:de:07:36:1c:cb:f3:28:a2:be:ba:4c:36:
         cc:e5:d7:99:92:31:c5:74:ed:d7:d2:10:c6:8d:e6:bd:ab:7b:
         3b:69:57:63:c7:e6:2e:25:5d:06:46:13:d4:89:69:d5:2d:cd:
         ea:fc:43:28:f1:5b:95:94:d1:73:6d:b1:2f:0d:92:a8:e6:e0:
         3c:85:a9:46:64:3d:c7:34:b4:9d:94:a1:cd:77:d9:67:df:2a:
         aa:7e:fe:fa:4a:ad:a3:5d:39:f3:c2:0e:2f:e4:96:d0:ff:43:
         37:56:76:42:2f:88:73:0c:20:07:1e:4c:13:66:be:5e:94:4c:
         17:d5:49:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlw6kFQUVqWfaFr9jfUFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjYwNTE2MDcwMTI5WhcNMjYwNTE3MDcwMTI5WjAzMTEwLwYDVQQD
Eyg0MGVlNTI5OGIyZjMxZGFjZDc1Nzk4MTkyYjJiNzVhYjY2NTBjMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5NaBeRYbC4eP7AIciyJ4p1Aho6K
eBrFCkuvDyJX6rZ9w3Chn+4M2qEwIWlmgmPL5JlIzNx9RFbhGci8zoMvO/JR+wGG
ixfiJ/6zgRnloWH0CEW7jNzk27aYko2vb4RAXgecDPF2DG5LHDJJOM2x640QLPjo
kWKhAv0IaqCJMSBvFzy6fFbfqEpsIv9EgA7SHOXtlZWEDKO4LGHdZ8DTYRT/BDQQ
TLOXH1ZyCLoQ8D7ECCq/YRfSNYL826rCXelTiiAktX+IpcZJ+ni5clSkWGop7jBh
cvrdA3k6pa+hdb7Pskj6JCcRzY30JMeEjTAeEmjpDCr7ns3EMWeKCtJzkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDuUpiy8x2s11eYGSsrdatmUMDJMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABGBmycRT
NauWYifvkcD8r4XRPuu1SNo+Ov40ZnmgcF7reQcxlv4IZIyt0xaHT3n/aAq9wZRi
eWiIBaqMy2yhNI3OHyMYzGrdSUUxjGhbh5noeGO9hYl+s4QZPaAchZ/q/n3EqAQB
RAcb/oyKocEo3UbTvDDbr4UQZ9s6zjKXrZWaRdoE3gc2HMvzKKK+ukw2zOXXmZIx
xXTt19IQxo3mvat7O2lXY8fmLiVdBkYT1Ilp1S3N6vxDKPFblZTRc22xLw2SqObg
PIWpRmQ9xzS0nZShzXfZZ98qqn7++kqto10588IOL+SW0P9DN1Z2Qi+IcwwgBx5M
E2a+XpRMF9VJCg==
-----END CERTIFICATE-----