Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          69dyVj58cMEH1ZaqOlrkDDFi2Y98MEqREpEETfw1Nnk=
Subject key identifier:   9B:4C:21:4A:DA:1F:B5:41:2A:11:CF:91:86:48:68:D4:A2:C1:E4:4A
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019F1943EAB261E39B61757BE0F34DB5F3C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0AAE
Signing time:             Tue 30 Jun 2026 16:01:49 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:49 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:49 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 5fscumQVi/df4eJvilgffUR5F6QPSde3vsfT0XdVU6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:ea:b2:61:e3:9b:61:75:7b:e0:f3:4d:b5:f3:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Jun 30 16:01:49 2026 GMT
            Not After : Jul  1 16:01:49 2026 GMT
        Subject: CN=9b4c214ada1fb5412a11cf91864868d4a2c1e44a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:27:ce:59:97:c4:67:a5:7c:0c:51:c0:3a:6f:
                    a2:71:d0:e3:98:36:1e:3d:37:e1:d2:62:b7:fa:61:
                    cc:0a:c2:91:e9:2e:21:1f:11:a2:76:95:4b:37:da:
                    0b:8f:e2:a8:4a:30:d1:16:49:37:31:c1:aa:bf:61:
                    f1:93:2b:4c:b6:c8:98:28:c0:0f:0c:0a:7f:92:2c:
                    0b:ce:1d:72:99:95:ab:41:a6:01:44:d8:40:ef:93:
                    b1:98:72:fe:cf:35:21:ea:18:0b:c3:3e:a4:1f:e3:
                    60:b8:76:76:9c:15:54:1a:4e:3e:9c:6f:44:dd:98:
                    39:ec:17:2f:27:65:c5:29:37:4b:51:c7:fb:3f:c8:
                    e0:6b:70:85:49:4f:cb:f8:09:4e:2c:c3:41:55:2a:
                    18:c5:4c:dc:96:ec:39:56:1c:86:41:16:bc:a3:43:
                    47:1c:3e:3e:ea:6d:07:c4:2f:5c:8b:25:19:2a:af:
                    64:5b:09:ef:f5:ef:60:03:39:4d:92:ea:ac:ce:77:
                    37:8d:d7:2a:f1:b7:c8:ad:ec:72:dd:b8:aa:c9:b0:
                    34:0c:84:b8:39:cc:e9:b2:60:80:61:fb:91:51:d3:
                    fb:e4:d8:3b:d7:20:c9:43:fa:2d:96:3f:1f:9b:9b:
                    09:02:f4:c6:3a:bc:a3:5c:a1:57:f3:43:bd:53:a6:
                    31:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:4C:21:4A:DA:1F:B5:41:2A:11:CF:91:86:48:68:D4:A2:C1:E4:4A
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:71:be:a5:4f:33:a6:3d:58:35:0e:47:5e:7d:5b:3b:9a:7b:
         99:54:e7:75:7c:f9:94:d3:f2:b7:9b:64:fa:09:e2:ea:05:ae:
         32:f8:c2:f4:42:f3:65:ee:cd:10:09:86:26:ba:10:e7:6d:6d:
         7c:63:53:f3:1a:7d:f7:42:04:41:8f:bf:da:4e:91:1c:06:42:
         61:23:34:e7:f9:26:2d:d0:6c:14:5a:d1:ab:d8:7a:8e:91:9a:
         b3:53:71:03:5c:b2:bb:dc:6e:cb:ea:8e:8c:13:d6:24:22:fd:
         85:f6:5c:13:11:66:06:51:21:03:32:b7:0c:c1:a8:8c:85:a8:
         0c:fa:8a:53:a9:86:29:8b:53:f9:83:bc:fc:0a:72:4a:6c:ca:
         98:bd:4f:4f:df:ce:9b:18:a4:f1:10:ef:d1:8d:4b:c1:6e:f0:
         cf:d9:61:1b:97:38:5a:58:71:c3:f7:1e:ac:84:76:1a:1c:0c:
         4e:28:83:76:b0:49:e8:a4:f4:00:d8:19:84:c4:9c:7b:9f:69:
         3a:cd:af:96:c2:b0:7e:4e:18:cc:3c:cd:73:7d:c7:3d:2f:da:
         04:9c:0e:21:a4:72:f8:9a:4b:18:5b:91:18:5b:64:f8:61:9a:
         50:36:d0:b1:f0:23:e5:b4:cb:b3:57:d0:7d:f9:56:2a:a2:63:
         b2:99:18:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ+qyYeObYXV74PNNtfPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwNjMwMTYwMTQ5WhcNMjYwNzAxMTYwMTQ5WjAzMTEwLwYDVQQD
Eyg5YjRjMjE0YWRhMWZiNTQxMmExMWNmOTE4NjQ4NjhkNGEyYzFlNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyfOWZfEZ6V8DFHAOm+icdDjmDYe
PTfh0mK3+mHMCsKR6S4hHxGidpVLN9oLj+KoSjDRFkk3McGqv2HxkytMtsiYKMAP
DAp/kiwLzh1ymZWrQaYBRNhA75OxmHL+zzUh6hgLwz6kH+NguHZ2nBVUGk4+nG9E
3Zg57BcvJ2XFKTdLUcf7P8jga3CFSU/L+AlOLMNBVSoYxUzcluw5VhyGQRa8o0NH
HD4+6m0HxC9ciyUZKq9kWwnv9e9gAzlNkuqsznc3jdcq8bfIrexy3biqybA0DIS4
OczpsmCAYfuRUdP75Ng71yDJQ/otlj8fm5sJAvTGOryjXKFX80O9U6YxwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtMIUraH7VBKhHPkYZIaNSiweRKMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanG+pU8z
pj1YNQ5HXn1bO5p7mVTndXz5lNPyt5tk+gni6gWuMvjC9ELzZe7NEAmGJroQ521t
fGNT8xp990IEQY+/2k6RHAZCYSM05/kmLdBsFFrRq9h6jpGas1NxA1yyu9xuy+qO
jBPWJCL9hfZcExFmBlEhAzK3DMGojIWoDPqKU6mGKYtT+YO8/ApySmzKmL1PT9/O
mxik8RDv0Y1LwW7wz9lhG5c4Wlhxw/cerIR2GhwMTiiDdrBJ6KT0ANgZhMSce59p
Os2vlsKwfk4YzDzNc33HPS/aBJwOIaRy+JpLGFuRGFtk+GGaUDbQsfAj5bTLs1fQ
fflWKqJjspkY0A==
-----END CERTIFICATE-----