Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          EgOowIKPwC/dt7cNbDBOonlByghaKe6IFAGuul2x+JM=
Subject key identifier:   3A:CB:6D:C9:78:02:6E:1B:06:85:BA:25:02:71:59:AF:E8:70:91:D2
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       019E30E0AD2AC992E72D6D02E7F2C40B875E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          190E
Signing time:             Sat 16 May 2026 13:01:31 +0000
Manifest this update:     Sat 16 May 2026 13:01:31 +0000
Manifest next update:     Sun 17 May 2026 13:01:31 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: FkCB464KU6Nc1tIvlEc+wVolT7iRRdiQkBlRMsbEghQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:ad:2a:c9:92:e7:2d:6d:02:e7:f2:c4:0b:87:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: May 16 13:01:31 2026 GMT
            Not After : May 17 13:01:31 2026 GMT
        Subject: CN=3acb6dc978026e1b0685ba25027159afe87091d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f9:1c:5d:ef:38:e6:50:21:ef:5d:fb:f1:55:
                    de:69:73:a3:ed:10:48:15:37:9e:06:af:af:40:a3:
                    a3:b6:30:15:64:0f:4d:95:0f:77:7d:cc:02:78:bc:
                    06:0e:8f:ee:3b:30:e5:f7:42:84:4e:8f:34:a0:58:
                    91:37:95:55:ff:c4:11:f5:a5:41:8e:ff:76:ed:3f:
                    79:8f:09:60:7f:6c:80:ee:f8:8a:19:48:20:08:f4:
                    21:89:fb:b4:09:c7:2b:f5:fb:6b:1b:0a:d9:f7:0d:
                    48:ca:7f:90:33:8d:ec:a0:61:b0:fa:38:ad:0e:aa:
                    16:f1:58:06:65:f0:bd:12:b6:03:de:10:29:ec:a6:
                    b6:ca:fc:f8:4e:12:c6:0c:08:80:a3:bf:02:1b:87:
                    ff:98:d0:5e:12:2f:94:a3:aa:32:5f:44:2a:7c:a7:
                    1e:07:f1:fc:c1:8e:95:2f:59:6a:30:81:34:5b:30:
                    cb:e1:2b:61:2a:2f:4c:88:7d:bd:99:a1:ef:b3:b0:
                    a5:7d:eb:50:8a:15:6e:54:2b:88:45:ad:77:19:d9:
                    55:1d:51:79:89:3b:33:db:78:66:55:c1:2c:82:cf:
                    6d:7f:7b:05:fc:f7:0e:03:f2:f7:0f:b6:b0:65:49:
                    e6:cd:bb:af:1f:0e:96:4a:c4:58:41:60:7e:0d:93:
                    f1:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:CB:6D:C9:78:02:6E:1B:06:85:BA:25:02:71:59:AF:E8:70:91:D2
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:a7:55:45:dc:67:be:e5:53:09:c8:42:1a:9d:d4:bb:52:2f:
         01:31:47:cd:b7:cc:c0:70:62:99:53:c3:1f:ac:2b:61:e1:2c:
         04:94:34:86:71:3f:e9:5e:f8:31:76:bc:6a:21:79:39:23:e5:
         8f:9e:c7:eb:13:b9:95:90:f9:0d:7b:59:59:6f:f5:48:36:b7:
         bc:25:e5:bf:2f:af:f6:ac:e3:ab:c1:50:a1:dc:13:3f:8f:44:
         8c:b1:71:ae:d3:82:b3:0f:78:13:54:c2:35:d2:b4:3c:8e:c0:
         20:8a:83:ba:42:69:ff:8c:28:2a:50:a4:d1:38:1f:8d:52:91:
         75:10:62:d8:dd:2d:90:f0:c5:d6:92:49:40:df:3f:ae:31:f9:
         fe:13:7b:af:18:9f:7b:40:ac:4d:2e:34:de:46:ae:7c:1c:be:
         8b:fa:91:24:a5:9b:50:58:26:fd:32:ad:7e:3f:9a:11:c0:59:
         48:91:8e:2c:98:90:5e:8c:9d:58:5c:77:02:49:28:1e:40:e2:
         e7:e0:31:58:41:d4:e2:f9:b5:bb:85:02:2c:6e:82:3e:75:32:
         ff:fd:fb:cb:fd:fd:74:7e:da:26:c6:e8:ff:cb:de:d6:f2:8f:
         b7:f8:0c:8b:b7:4e:18:3d:01:07:f9:11:f4:5f:8e:23:ef:a7:
         e9:42:a3:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4K0qyZLnLW0C5/LEC4deMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjYwNTE2MTMwMTMxWhcNMjYwNTE3MTMwMTMxWjAzMTEwLwYDVQQD
EygzYWNiNmRjOTc4MDI2ZTFiMDY4NWJhMjUwMjcxNTlhZmU4NzA5MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvkcXe845lAh71378VXeaXOj7RBI
FTeeBq+vQKOjtjAVZA9NlQ93fcwCeLwGDo/uOzDl90KETo80oFiRN5VV/8QR9aVB
jv927T95jwlgf2yA7viKGUggCPQhifu0Cccr9ftrGwrZ9w1Iyn+QM43soGGw+jit
DqoW8VgGZfC9ErYD3hAp7Ka2yvz4ThLGDAiAo78CG4f/mNBeEi+Uo6oyX0QqfKce
B/H8wY6VL1lqMIE0WzDL4SthKi9MiH29maHvs7ClfetQihVuVCuIRa13GdlVHVF5
iTsz23hmVcEsgs9tf3sF/PcOA/L3D7awZUnmzbuvHw6WSsRYQWB+DZPxtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrLbcl4Am4bBoW6JQJxWa/ocJHSMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKdVRdxn
vuVTCchCGp3Uu1IvATFHzbfMwHBimVPDH6wrYeEsBJQ0hnE/6V74MXa8aiF5OSPl
j57H6xO5lZD5DXtZWW/1SDa3vCXlvy+v9qzjq8FQodwTP49EjLFxrtOCsw94E1TC
NdK0PI7AIIqDukJp/4woKlCk0TgfjVKRdRBi2N0tkPDF1pJJQN8/rjH5/hN7rxif
e0CsTS403kaufBy+i/qRJKWbUFgm/TKtfj+aEcBZSJGOLJiQXoydWFx3AkkoHkDi
5+AxWEHU4vm1u4UCLG6CPnUy//37y/39dH7aJsbo/8ve1vKPt/gMi7dOGD0BB/kR
9F+OI++n6UKjPA==
-----END CERTIFICATE-----