Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          PPdypokdxdvv9ndqoTsfUj+cUQ1TGZj3sd5b5P7gC5A=
Subject key identifier:   E1:4F:92:CE:C9:C0:7E:55:A2:E7:47:71:80:A2:85:3A:98:07:8F:D7
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019E2F97249563A7EC424C3CD45A90E635E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0A35
Signing time:             Sat 16 May 2026 07:01:34 +0000
Manifest this update:     Sat 16 May 2026 07:01:34 +0000
Manifest next update:     Sun 17 May 2026 07:01:34 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 7ZHyo89RfPYAYSz5wGi2YTcy/Kte4EVnyKDgPz+eK4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:24:95:63:a7:ec:42:4c:3c:d4:5a:90:e6:35:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: May 16 07:01:34 2026 GMT
            Not After : May 17 07:01:34 2026 GMT
        Subject: CN=e14f92cec9c07e55a2e7477180a2853a98078fd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a8:54:a4:26:5e:9b:6e:56:14:f2:7d:b3:19:
                    61:3b:c1:eb:bb:b3:15:9b:66:67:a4:8f:30:a2:62:
                    03:da:40:fb:8b:8a:fd:62:5a:35:c6:ef:3f:a5:c0:
                    0f:80:0e:ce:2d:29:06:3b:f8:d5:8a:56:0f:40:63:
                    69:1a:e2:a0:eb:db:c6:d7:4e:1a:3a:25:e7:17:e7:
                    38:b3:97:2d:1c:06:e6:7d:ff:cb:eb:2f:30:64:10:
                    77:d5:41:3b:e8:8f:24:a1:0c:46:40:08:eb:ec:9c:
                    f2:24:81:e1:4e:18:97:1c:f4:4e:16:c5:7b:49:a9:
                    57:01:25:4e:3b:a6:ff:ce:75:c1:63:ce:7d:c4:52:
                    95:de:ef:01:b4:b7:f5:a2:bd:5b:3b:53:cb:33:05:
                    91:3e:e8:18:cc:c6:0b:9d:bc:54:d9:b0:dd:5f:92:
                    6d:d3:7d:3b:b8:ac:7f:05:32:a3:23:f3:c3:9d:af:
                    d2:57:ad:a0:72:cd:51:28:b4:8d:56:dd:76:ba:de:
                    70:72:8a:e3:d2:ec:33:ec:8e:bf:21:b0:d2:26:24:
                    ef:4c:cc:e8:7e:37:47:ef:9b:93:13:5a:e7:c5:65:
                    7b:d6:b1:9e:0a:d3:6b:01:bc:12:6a:68:65:5b:c0:
                    bc:9a:70:46:c8:44:a3:c0:ff:4e:a2:5d:31:fd:0e:
                    73:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:4F:92:CE:C9:C0:7E:55:A2:E7:47:71:80:A2:85:3A:98:07:8F:D7
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ec:b8:cb:6e:eb:65:7c:7a:2d:83:9b:4f:d6:c5:c5:61:ee:
         0d:35:06:69:a3:c0:0d:17:42:cb:92:e4:5e:4b:14:58:f7:2d:
         7f:6f:94:3a:02:1d:76:b1:9e:b2:f8:3a:d1:65:57:3e:e7:8e:
         a1:59:ce:08:4e:43:03:e7:1a:19:2d:6a:2c:1d:db:b9:b0:00:
         09:0f:b1:f1:57:55:69:21:01:04:ce:09:13:55:c4:3e:df:b1:
         7a:c2:f5:2c:22:0e:9d:66:c3:83:5e:c5:3f:50:dd:44:fc:fd:
         f0:67:10:6d:a0:a6:93:1d:b4:33:16:f6:1e:1b:6b:92:1e:de:
         5d:ff:7c:a1:00:65:3a:9e:48:55:d8:77:53:c3:9b:60:e5:0c:
         fc:c2:44:1a:d7:f7:68:e4:5b:94:0b:a0:e4:64:91:ba:59:69:
         81:8f:08:ae:3f:15:91:83:aa:0b:a6:6e:8f:e6:52:ef:b5:d9:
         37:10:49:9b:78:e5:4d:09:a7:66:6a:4a:80:12:52:63:a3:8c:
         ea:d6:da:19:7b:b9:f0:9c:3a:fe:47:e4:04:e2:12:e1:6c:2c:
         c6:a3:65:d2:8a:a3:09:fc:08:23:70:92:6b:49:6e:54:ef:fa:
         ee:1f:d7:08:31:8b:4f:b6:f0:ce:48:7c:a4:3e:83:69:cb:76:
         4f:60:51:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlySVY6fsQkw81FqQ5jXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwNTE2MDcwMTM0WhcNMjYwNTE3MDcwMTM0WjAzMTEwLwYDVQQD
EyhlMTRmOTJjZWM5YzA3ZTU1YTJlNzQ3NzE4MGEyODUzYTk4MDc4ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKhUpCZem25WFPJ9sxlhO8Hru7MV
m2ZnpI8womID2kD7i4r9Ylo1xu8/pcAPgA7OLSkGO/jVilYPQGNpGuKg69vG104a
OiXnF+c4s5ctHAbmff/L6y8wZBB31UE76I8koQxGQAjr7JzyJIHhThiXHPROFsV7
SalXASVOO6b/znXBY859xFKV3u8BtLf1or1bO1PLMwWRPugYzMYLnbxU2bDdX5Jt
0307uKx/BTKjI/PDna/SV62gcs1RKLSNVt12ut5wcorj0uwz7I6/IbDSJiTvTMzo
fjdH75uTE1rnxWV71rGeCtNrAbwSamhlW8C8mnBGyESjwP9Ool0x/Q5z3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFPks7JwH5VoudHcYCihTqYB4/XMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkey4y27r
ZXx6LYObT9bFxWHuDTUGaaPADRdCy5LkXksUWPctf2+UOgIddrGesvg60WVXPueO
oVnOCE5DA+caGS1qLB3bubAACQ+x8VdVaSEBBM4JE1XEPt+xesL1LCIOnWbDg17F
P1DdRPz98GcQbaCmkx20Mxb2Hhtrkh7eXf98oQBlOp5IVdh3U8ObYOUM/MJEGtf3
aORblAug5GSRullpgY8Irj8VkYOqC6Zuj+ZS77XZNxBJm3jlTQmnZmpKgBJSY6OM
6tbaGXu58Jw6/kfkBOIS4WwsxqNl0oqjCfwII3CSa0luVO/67h/XCDGLT7bwzkh8
pD6Dact2T2BRCg==
-----END CERTIFICATE-----