Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          YNRFqT9BpLHD8FUtGT1MlXzQ5G+gAEkL1qKcKy93yPw=
Subject key identifier:   A7:9F:F2:C7:86:CC:D1:5D:5F:B0:E7:12:23:F7:21:01:97:E8:ED:88
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       019E3004F9F1F0427D221FF5EDA04D13CDEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          161D
Signing time:             Sat 16 May 2026 09:01:32 +0000
Manifest this update:     Sat 16 May 2026 09:01:32 +0000
Manifest next update:     Sun 17 May 2026 09:01:32 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: +R1vau3HwZqYZlBemh2O92zsfka2X3TZI4L3wKIKl8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:04:f9:f1:f0:42:7d:22:1f:f5:ed:a0:4d:13:cd:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: May 16 09:01:32 2026 GMT
            Not After : May 17 09:01:32 2026 GMT
        Subject: CN=a79ff2c786ccd15d5fb0e71223f7210197e8ed88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4f:76:47:f2:5a:d8:b7:5e:fa:a6:2a:36:c0:
                    e9:c7:d0:12:cc:0c:08:f4:48:63:68:63:61:f2:b6:
                    ce:8b:8a:02:1d:64:7c:fa:4b:70:b6:29:b5:38:b2:
                    ee:6c:15:30:38:0c:13:f2:06:17:9a:c9:40:f9:d7:
                    0d:06:1a:e5:2b:72:4a:38:96:6c:3e:01:c5:1c:73:
                    11:57:05:89:19:55:f6:f7:2d:d6:27:9d:43:a9:32:
                    5c:64:e2:fd:86:6c:d5:91:56:d8:44:0d:ac:e3:59:
                    a5:aa:3e:01:24:0b:42:a3:46:ed:1d:31:8a:1b:14:
                    57:d3:e3:09:4c:69:41:00:2c:98:9e:f8:ae:4d:ae:
                    03:cf:2e:a5:42:80:df:00:23:e3:f2:21:51:38:d8:
                    ad:41:16:ed:01:6f:87:7e:71:96:1f:4a:e4:a4:7e:
                    90:18:da:98:dc:f0:bc:03:61:3b:2e:10:58:08:02:
                    70:87:b1:49:1b:11:e8:73:04:66:8b:e9:52:80:66:
                    15:03:99:53:aa:c3:18:6d:5a:ae:1b:c3:bf:00:71:
                    30:35:fa:aa:74:b6:86:cc:69:be:fa:59:52:44:95:
                    95:2d:39:5c:f4:45:50:bb:13:ad:95:0f:9b:63:bd:
                    fc:a0:93:77:58:69:10:cf:8e:87:3f:43:94:65:87:
                    3e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:9F:F2:C7:86:CC:D1:5D:5F:B0:E7:12:23:F7:21:01:97:E8:ED:88
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ec:25:1b:38:9e:5a:b6:b4:35:b3:99:02:07:ab:e0:73:f6:
         27:fe:04:ed:6f:42:4b:1b:ab:ca:1b:2c:03:40:45:ee:bd:a4:
         55:a3:23:7b:b3:c8:9a:66:9b:d4:5f:4d:71:75:58:88:cc:17:
         1e:04:d1:a4:de:2e:54:77:8d:0e:88:01:99:64:82:bf:46:eb:
         55:5d:46:10:76:ec:0a:a6:46:23:1e:03:b5:61:2a:af:6f:97:
         97:d4:6e:48:28:68:a2:d0:d1:b5:a6:bd:b7:03:c3:cf:ef:90:
         93:d2:e9:bf:96:86:99:0a:65:e2:9c:92:ce:7c:0a:0a:9a:d6:
         24:8d:5a:48:27:cf:05:dd:59:df:4b:ff:f2:72:56:7e:90:39:
         ba:c6:c6:f8:81:c0:33:d8:fe:11:5e:50:9a:21:e5:8e:cb:79:
         78:e7:34:21:f3:55:f2:cc:43:c9:0c:c7:8d:81:60:71:30:e6:
         c4:6b:4b:6c:d6:b1:d3:e9:e8:16:d3:1f:6b:76:97:c3:cc:f9:
         8d:5a:09:68:02:fb:14:73:46:06:96:4e:84:d7:aa:9e:86:6e:
         66:b2:9b:88:12:33:80:a3:72:ca:3f:99:8e:38:f0:e3:56:cb:
         af:4d:00:b5:45:5c:ac:a3:07:86:3d:e4:83:88:52:c4:a0:e9:
         33:4c:26:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBPnx8EJ9Ih/17aBNE83sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjYwNTE2MDkwMTMyWhcNMjYwNTE3MDkwMTMyWjAzMTEwLwYDVQQD
EyhhNzlmZjJjNzg2Y2NkMTVkNWZiMGU3MTIyM2Y3MjEwMTk3ZThlZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk92R/Ja2Lde+qYqNsDpx9ASzAwI
9EhjaGNh8rbOi4oCHWR8+ktwtim1OLLubBUwOAwT8gYXmslA+dcNBhrlK3JKOJZs
PgHFHHMRVwWJGVX29y3WJ51DqTJcZOL9hmzVkVbYRA2s41mlqj4BJAtCo0btHTGK
GxRX0+MJTGlBACyYnviuTa4Dzy6lQoDfACPj8iFRONitQRbtAW+HfnGWH0rkpH6Q
GNqY3PC8A2E7LhBYCAJwh7FJGxHocwRmi+lSgGYVA5lTqsMYbVquG8O/AHEwNfqq
dLaGzGm++llSRJWVLTlc9EVQuxOtlQ+bY738oJN3WGkQz46HP0OUZYc+WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKef8seGzNFdX7DnEiP3IQGX6O2IMB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFewlGzie
Wra0NbOZAger4HP2J/4E7W9CSxuryhssA0BF7r2kVaMje7PImmab1F9NcXVYiMwX
HgTRpN4uVHeNDogBmWSCv0brVV1GEHbsCqZGIx4DtWEqr2+Xl9RuSChootDRtaa9
twPDz++Qk9Lpv5aGmQpl4pySznwKCprWJI1aSCfPBd1Z30v/8nJWfpA5usbG+IHA
M9j+EV5QmiHljst5eOc0IfNV8sxDyQzHjYFgcTDmxGtLbNax0+noFtMfa3aXw8z5
jVoJaAL7FHNGBpZOhNeqnoZuZrKbiBIzgKNyyj+Zjjjw41bLr00AtUVcrKMHhj3k
g4hSxKDpM0wmkw==
-----END CERTIFICATE-----