Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          hSgDIypJ0zSbGbkavy9vpH3CZ2ClP9zL+bKpbIXLx6I=
Subject key identifier:   EB:64:E1:69:6E:E5:C4:3B:55:80:01:C1:B1:81:74:6D:28:75:F2:7A
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019D3A548B92FBE10FB8BCFB71A513267C8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          12FF
Signing time:             Sun 29 Mar 2026 16:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:52 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: X5kWuZpBvB84L5Hzn12OYUNCkp+mQsG+FMsuepzj+vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:8b:92:fb:e1:0f:b8:bc:fb:71:a5:13:26:7c:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Mar 29 16:01:52 2026 GMT
            Not After : Mar 30 16:01:52 2026 GMT
        Subject: CN=eb64e1696ee5c43b558001c1b181746d2875f27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f7:a4:91:10:ca:fb:ba:bc:c2:70:17:19:67:
                    08:2b:2d:51:ff:0c:04:4e:28:ce:98:19:84:ac:38:
                    3d:17:a5:ec:00:c7:4a:52:9e:8c:c5:57:39:6f:9e:
                    8a:ac:2d:bf:e6:5b:59:ca:12:e0:e2:18:e9:2a:29:
                    f3:18:5a:86:66:0c:d9:86:6b:44:96:31:b0:52:b1:
                    ee:e4:31:cb:fe:8a:0f:50:8f:d1:92:ef:0b:57:75:
                    de:8f:76:52:41:07:68:08:e2:d5:44:d8:2e:d7:25:
                    ac:10:07:7f:77:ef:cb:0a:6d:11:5f:6f:ca:74:20:
                    e9:48:17:d7:ca:5a:62:fd:2b:6b:a5:00:24:07:39:
                    93:e3:ce:be:f5:62:c1:3e:a5:06:b5:90:82:0d:c8:
                    e6:a9:58:bb:9d:d0:1a:61:66:e3:14:de:4b:4c:0a:
                    f4:7b:44:53:25:da:b7:9d:9b:a3:c6:b8:a0:cd:68:
                    d5:7e:9c:d5:8b:85:cb:ab:81:72:9a:d1:53:a5:b9:
                    e5:1d:12:02:74:ce:ef:60:48:95:d9:49:6e:b7:36:
                    8c:a8:e5:1a:f1:3c:a2:92:ef:da:40:7c:3b:da:86:
                    16:eb:d8:1f:f2:10:49:3d:4f:59:f1:ef:cd:8f:5f:
                    a6:f1:7d:04:04:56:d4:bd:da:7c:5a:ec:b8:04:ee:
                    fe:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:64:E1:69:6E:E5:C4:3B:55:80:01:C1:B1:81:74:6D:28:75:F2:7A
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:9f:ec:6a:a8:32:6a:89:d0:19:bb:4f:c5:97:47:21:29:67:
         88:c9:64:c0:34:2a:a8:bf:91:84:54:28:ac:1b:71:a0:15:cd:
         e6:f9:25:1b:79:21:11:e9:9a:e3:58:48:ba:4d:29:54:24:87:
         11:20:cc:07:0b:d6:98:6a:9a:f0:c1:f9:86:5f:11:2f:8d:6f:
         7e:c9:68:8a:37:53:94:0f:72:04:d7:43:ee:f9:de:41:d7:cd:
         b6:c3:27:41:bc:73:12:87:9f:77:93:e2:1f:da:e5:d3:61:49:
         57:b9:c4:7f:ce:57:e8:00:4d:99:3e:6a:4d:25:2e:a1:93:b3:
         43:f2:0b:f5:36:29:4b:ca:d3:0f:cb:e4:ea:be:39:29:a3:d2:
         1b:e2:cc:de:82:fa:7f:71:46:69:15:71:b3:bb:67:92:f5:48:
         38:19:f0:89:3d:58:d3:e5:4b:3a:a9:65:6c:44:6d:c4:cc:ac:
         40:0e:0d:74:f1:fc:ed:10:7f:17:55:b0:d1:16:78:dc:79:02:
         41:39:d7:33:d2:2f:cd:87:f4:e0:09:72:75:6e:69:53:85:f1:
         ef:dc:e8:14:4c:87:f7:d0:a9:98:6e:f3:e3:80:7e:95:53:fd:
         32:7e:cc:be:a9:9d:a3:5e:04:f1:6d:fb:08:82:fe:67:c2:9c:
         c5:94:3f:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VIuS++EPuLz7caUTJnyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwMzI5MTYwMTUyWhcNMjYwMzMwMTYwMTUyWjAzMTEwLwYDVQQD
EyhlYjY0ZTE2OTZlZTVjNDNiNTU4MDAxYzFiMTgxNzQ2ZDI4NzVmMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvekkRDK+7q8wnAXGWcIKy1R/wwE
TijOmBmErDg9F6XsAMdKUp6MxVc5b56KrC2/5ltZyhLg4hjpKinzGFqGZgzZhmtE
ljGwUrHu5DHL/ooPUI/Rku8LV3Xej3ZSQQdoCOLVRNgu1yWsEAd/d+/LCm0RX2/K
dCDpSBfXylpi/StrpQAkBzmT486+9WLBPqUGtZCCDcjmqVi7ndAaYWbjFN5LTAr0
e0RTJdq3nZujxrigzWjVfpzVi4XLq4FymtFTpbnlHRICdM7vYEiV2UlutzaMqOUa
8Tyiku/aQHw72oYW69gf8hBJPU9Z8e/Nj1+m8X0EBFbUvdp8Wuy4BO7+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtk4Wlu5cQ7VYABwbGBdG0odfJ6MB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5/saqgy
aonQGbtPxZdHISlniMlkwDQqqL+RhFQorBtxoBXN5vklG3khEema41hIuk0pVCSH
ESDMBwvWmGqa8MH5hl8RL41vfsloijdTlA9yBNdD7vneQdfNtsMnQbxzEoefd5Pi
H9rl02FJV7nEf85X6ABNmT5qTSUuoZOzQ/IL9TYpS8rTD8vk6r45KaPSG+LM3oL6
f3FGaRVxs7tnkvVIOBnwiT1Y0+VLOqllbERtxMysQA4NdPH87RB/F1Ww0RZ43HkC
QTnXM9IvzYf04AlydW5pU4Xx79zoFEyH99CpmG7z44B+lVP9Mn7Mvqmdo14E8W37
CIL+Z8KcxZQ/Og==
-----END CERTIFICATE-----