Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          fuX1MC8GBd/3E2ZUPBktDRiWtBktoxhZHMUVSwJLbzc=
Subject key identifier:   47:1E:67:73:31:83:57:19:11:18:46:25:55:C3:EC:FD:2B:46:1D:D1
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019E300588844EB96C85F19C9F12BE0F380E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          1646
Signing time:             Sat 16 May 2026 09:02:09 +0000
Manifest this update:     Sat 16 May 2026 09:02:09 +0000
Manifest next update:     Sun 17 May 2026 09:02:09 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: jcpIa+5sorY3lZIeXImI/g+IBmfAAdADwbrmm0mVUG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:05:88:84:4e:b9:6c:85:f1:9c:9f:12:be:0f:38:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: May 16 09:02:09 2026 GMT
            Not After : May 17 09:02:09 2026 GMT
        Subject: CN=471e6773318357191118462555c3ecfd2b461dd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:59:8a:c3:a2:21:c9:da:6d:31:ef:91:ca:d4:
                    c0:75:7c:ef:7b:31:2f:80:a7:86:54:24:3b:66:d8:
                    2c:df:5a:e9:78:3d:e0:98:70:fa:ae:4c:c8:b8:66:
                    bf:eb:2d:c7:f4:ec:81:40:88:17:49:1a:6d:54:96:
                    ae:31:d4:f6:c1:71:90:4f:2d:76:27:54:83:03:99:
                    f2:83:2a:bb:6e:8e:8b:1a:4e:df:5c:a2:e6:5a:d8:
                    a7:30:b4:dd:02:ad:98:fd:2d:bb:86:86:f2:00:fa:
                    14:2f:58:81:4c:c2:ee:b9:5c:8a:d1:28:3b:ed:e5:
                    6c:04:96:1c:62:b6:39:43:52:87:82:23:76:fd:22:
                    82:ab:68:fc:e7:f0:da:10:61:86:79:b6:61:00:5f:
                    51:57:a1:c3:38:a6:fa:c8:4b:ee:1d:eb:6a:32:ce:
                    27:cf:68:5f:2e:7d:37:de:80:a1:ac:1b:a5:36:8c:
                    1f:b4:6e:af:c7:b1:6e:f7:29:7d:cb:eb:6f:52:99:
                    70:4a:5c:51:b8:4f:cb:6c:4d:fa:0e:bc:77:46:cd:
                    45:9a:a1:e5:f6:1b:df:bd:f0:e3:e2:fd:5d:f5:e5:
                    ed:a8:7e:86:20:a5:02:21:b3:34:17:e7:e1:d5:d5:
                    1e:b3:c0:d2:e1:cc:3e:ba:dc:b2:e0:63:d4:3b:9e:
                    ca:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:1E:67:73:31:83:57:19:11:18:46:25:55:C3:EC:FD:2B:46:1D:D1
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:e5:1a:98:20:e8:11:6e:37:4a:4f:93:78:1c:9b:87:68:c3:
         43:55:a9:5d:ea:6a:05:3f:4a:f7:15:21:88:d1:32:f4:04:12:
         a6:cb:12:82:08:56:48:2b:13:cf:d2:04:fe:f4:c0:b1:c6:8a:
         dc:34:7b:0c:8a:53:a0:5d:cb:a8:e7:38:0d:9e:c1:14:bd:83:
         8c:91:eb:30:2e:50:eb:b9:f8:e9:99:d3:53:8e:47:60:24:0c:
         f2:4f:7c:0b:2b:76:8a:ac:1c:0f:54:a5:86:0a:df:ea:3a:bc:
         31:eb:fc:82:87:b3:6e:2a:9f:1d:3b:e5:e8:44:4c:8c:f9:ef:
         65:6b:7f:03:f3:9c:10:70:20:ba:ea:fe:90:96:46:70:39:2b:
         e6:42:c5:2d:a6:55:d5:9f:2a:b1:11:35:72:f8:e5:fc:66:17:
         e8:c0:1c:70:a7:ee:c7:08:5e:94:46:3e:a8:5f:a6:ad:20:40:
         8c:e7:11:79:fd:8c:c7:78:78:36:12:bd:c3:f7:cd:30:c0:b2:
         ae:d3:08:78:82:46:d2:9c:a2:23:77:52:d3:65:9f:fa:f9:5f:
         1c:74:d0:b4:88:41:2f:87:22:c0:63:e4:d5:04:66:91:d6:fd:
         72:4a:4a:3d:cc:cb:b7:51:1e:eb:a9:30:73:99:a1:3d:d9:21:
         f7:6c:40:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBYiETrlshfGcnxK+DzgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwNTE2MDkwMjA5WhcNMjYwNTE3MDkwMjA5WjAzMTEwLwYDVQQD
Eyg0NzFlNjc3MzMxODM1NzE5MTExODQ2MjU1NWMzZWNmZDJiNDYxZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVmKw6IhydptMe+RytTAdXzvezEv
gKeGVCQ7Ztgs31rpeD3gmHD6rkzIuGa/6y3H9OyBQIgXSRptVJauMdT2wXGQTy12
J1SDA5nygyq7bo6LGk7fXKLmWtinMLTdAq2Y/S27hobyAPoUL1iBTMLuuVyK0Sg7
7eVsBJYcYrY5Q1KHgiN2/SKCq2j85/DaEGGGebZhAF9RV6HDOKb6yEvuHetqMs4n
z2hfLn033oChrBulNowftG6vx7Fu9yl9y+tvUplwSlxRuE/LbE36Drx3Rs1FmqHl
9hvfvfDj4v1d9eXtqH6GIKUCIbM0F+fh1dUes8DS4cw+utyy4GPUO57KEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEceZ3Mxg1cZERhGJVXD7P0rRh3RMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOUamCDo
EW43Sk+TeBybh2jDQ1WpXepqBT9K9xUhiNEy9AQSpssSgghWSCsTz9IE/vTAscaK
3DR7DIpToF3LqOc4DZ7BFL2DjJHrMC5Q67n46ZnTU45HYCQM8k98Cyt2iqwcD1Sl
hgrf6jq8Mev8goezbiqfHTvl6ERMjPnvZWt/A/OcEHAguur+kJZGcDkr5kLFLaZV
1Z8qsRE1cvjl/GYX6MAccKfuxwhelEY+qF+mrSBAjOcRef2Mx3h4NhK9w/fNMMCy
rtMIeIJG0pyiI3dS02Wf+vlfHHTQtIhBL4ciwGPk1QRmkdb9ckpKPczLt1Ee66kw
c5mhPdkh92xAfg==
-----END CERTIFICATE-----