Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          zQy819PjUDNZmPSVhK8BaN2sZ3XNC9QpucVRSnWAv2I=
Subject key identifier:   86:02:D6:B1:2F:2A:D5:66:55:4B:A7:E5:46:AD:FC:40:3D:3E:A1:D5
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019E314E3538DF6A70E392602ADAAC9B3421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          149F
Signing time:             Sat 16 May 2026 15:01:09 +0000
Manifest this update:     Sat 16 May 2026 15:01:09 +0000
Manifest next update:     Sun 17 May 2026 15:01:09 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: PGVVV46mQWgzwdox+f4twWoXEXs41MZ1/gRJrhR396I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:4e:35:38:df:6a:70:e3:92:60:2a:da:ac:9b:34:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: May 16 15:01:09 2026 GMT
            Not After : May 17 15:01:09 2026 GMT
        Subject: CN=8602d6b12f2ad566554ba7e546adfc403d3ea1d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:bc:ad:ab:89:43:f3:42:ea:e1:c5:09:e9:97:
                    b5:a7:6a:d2:36:0e:33:fa:67:d7:ef:60:0f:c9:cb:
                    9c:a0:86:99:9c:5d:ad:e8:5a:fe:68:ce:5c:27:54:
                    e1:08:34:76:ca:4e:81:ef:6b:41:28:bd:ce:10:5b:
                    c5:0f:48:9d:98:ed:45:c3:b2:de:79:60:d2:30:5b:
                    38:fc:3e:c3:a5:6a:21:46:72:59:73:3d:a9:83:20:
                    e8:46:02:13:4b:c1:3b:8f:d9:92:b9:94:ad:67:52:
                    f6:df:38:26:b1:f6:0f:c6:dd:98:30:16:4c:e5:9c:
                    a3:13:38:b2:40:94:07:0d:98:25:ed:89:7c:23:cf:
                    8e:74:d6:d7:b5:6b:3f:08:27:4e:c8:d4:5b:ad:5c:
                    05:06:23:52:ce:bc:2e:07:61:be:c0:77:1b:3e:b5:
                    7e:ae:54:e0:0d:d2:9f:6c:02:01:3b:6c:8d:ef:b3:
                    59:b7:75:95:68:bd:41:b4:ca:37:fc:2a:63:de:6f:
                    ba:83:e9:00:04:28:6d:ac:d2:ed:7f:cd:d0:df:b0:
                    a9:76:71:b1:a6:d6:7c:23:7d:59:fa:3a:ba:3f:f5:
                    89:83:cd:94:d5:1b:fb:e0:26:58:0d:4b:9b:f7:dd:
                    7e:4d:fa:12:6c:0a:41:6a:ff:89:cf:bb:29:8b:8f:
                    b0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:02:D6:B1:2F:2A:D5:66:55:4B:A7:E5:46:AD:FC:40:3D:3E:A1:D5
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:d2:a0:70:2e:35:44:b1:a7:89:d8:40:d7:09:73:7f:e1:0b:
         94:a0:b9:84:af:cd:25:e5:b1:61:e5:aa:48:20:6b:86:23:36:
         9e:ea:1d:dd:7e:a6:d2:a1:86:7d:60:d6:ef:17:a1:2c:39:65:
         ca:52:24:4a:32:ac:75:c2:c9:dc:f2:7b:a4:2f:6c:f5:85:b4:
         57:b5:c7:dc:c6:29:72:52:80:75:43:68:1d:64:d1:49:28:c0:
         5e:63:ac:6d:05:b1:06:e9:b1:71:22:48:cc:63:39:29:57:bd:
         1c:fa:25:07:da:98:2e:23:8e:bf:00:4e:3b:89:85:6e:a2:76:
         c8:08:f3:83:7f:e1:93:e5:51:6b:4c:0b:c1:e1:5d:10:fe:de:
         22:9f:73:d1:80:b5:8a:c6:81:c0:4d:fe:61:05:0e:59:8a:b3:
         ac:db:e9:35:08:31:bf:a9:44:f4:65:10:ca:3a:e8:87:6d:ad:
         ef:98:60:ab:f8:9c:0b:25:e9:d3:d2:c3:55:56:ac:73:2a:f7:
         37:ee:c1:43:80:7f:da:c6:eb:cc:4a:19:cc:5f:82:a5:bc:87:
         2c:c9:3e:43:27:2f:e2:d1:85:ef:72:d0:50:af:49:6f:65:f1:
         e2:9a:cb:a8:ee:a1:71:18:9c:03:19:0f:df:a7:ca:36:a8:46:
         9f:89:19:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xTjU432pw45JgKtqsmzQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwNTE2MTUwMTA5WhcNMjYwNTE3MTUwMTA5WjAzMTEwLwYDVQQD
Eyg4NjAyZDZiMTJmMmFkNTY2NTU0YmE3ZTU0NmFkZmM0MDNkM2VhMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrytq4lD80Lq4cUJ6Ze1p2rSNg4z
+mfX72APycucoIaZnF2t6Fr+aM5cJ1ThCDR2yk6B72tBKL3OEFvFD0idmO1Fw7Le
eWDSMFs4/D7DpWohRnJZcz2pgyDoRgITS8E7j9mSuZStZ1L23zgmsfYPxt2YMBZM
5ZyjEziyQJQHDZgl7Yl8I8+OdNbXtWs/CCdOyNRbrVwFBiNSzrwuB2G+wHcbPrV+
rlTgDdKfbAIBO2yN77NZt3WVaL1BtMo3/Cpj3m+6g+kABChtrNLtf83Q37CpdnGx
ptZ8I31Z+jq6P/WJg82U1Rv74CZYDUub991+TfoSbApBav+Jz7spi4+wuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYC1rEvKtVmVUun5Uat/EA9PqHVMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtKgcC41
RLGnidhA1wlzf+ELlKC5hK/NJeWxYeWqSCBrhiM2nuod3X6m0qGGfWDW7xehLDll
ylIkSjKsdcLJ3PJ7pC9s9YW0V7XH3MYpclKAdUNoHWTRSSjAXmOsbQWxBumxcSJI
zGM5KVe9HPolB9qYLiOOvwBOO4mFbqJ2yAjzg3/hk+VRa0wLweFdEP7eIp9z0YC1
isaBwE3+YQUOWYqzrNvpNQgxv6lE9GUQyjroh22t75hgq/icCyXp09LDVVascyr3
N+7BQ4B/2sbrzEoZzF+CpbyHLMk+Qycv4tGF73LQUK9Jb2Xx4prLqO6hcRicAxkP
36fKNqhGn4kZLA==
-----END CERTIFICATE-----