Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File:                     3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier:          ytkJWzId84yQeBUnA0nix++3lYeyrXrQvD97pN0ewh4=
Subject key identifier:   97:38:34:8D:D1:C4:A4:F0:53:83:5B:95:C4:26:6C:C0:68:99:53:3C
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer:       /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial:       019E31174C306939CBFBFEB751E6342DEB71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number:          0861
Signing time:             Sat 16 May 2026 14:01:10 +0000
Manifest this update:     Sat 16 May 2026 14:01:10 +0000
Manifest next update:     Sun 17 May 2026 14:01:10 +0000
Files and hashes:         1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: u9ei6htxZldWcQMl7rQZuZZ/nO06lPEQ/HWXVDAgukg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:17:4c:30:69:39:cb:fb:fe:b7:51:e6:34:2d:eb:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
        Validity
            Not Before: May 16 14:01:10 2026 GMT
            Not After : May 17 14:01:10 2026 GMT
        Subject: CN=9738348dd1c4a4f053835b95c4266cc06899533c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1e:e7:8f:51:93:f6:8a:ef:32:14:82:e0:1b:
                    7c:bb:60:14:23:41:0a:67:6b:f8:96:05:23:5f:c0:
                    c3:46:4d:1b:5c:35:1e:24:eb:37:9c:8d:7b:9b:5d:
                    f8:a8:f7:39:54:3f:c6:32:e6:c7:d6:53:a3:25:4b:
                    a5:a6:6f:0c:d8:91:3f:00:a5:f9:89:88:76:57:b2:
                    d8:55:33:4f:81:98:af:86:dc:b3:b2:81:89:58:25:
                    6e:1a:27:61:a6:b6:bc:80:16:a2:c2:59:1a:5f:9e:
                    e0:d7:10:7b:a6:10:c3:a5:86:c3:9c:d7:ce:f5:6e:
                    83:0e:e1:5a:71:42:29:75:07:9e:c4:11:99:d1:f4:
                    32:7f:98:e9:16:29:70:87:e1:36:89:16:7e:5e:0d:
                    48:4d:ce:0e:13:b3:19:ac:de:d1:86:62:6c:4c:3e:
                    b0:a9:af:e8:8b:6d:4a:f9:a8:36:9a:46:91:7d:f1:
                    89:15:16:4b:ca:5d:ff:62:05:04:b3:3d:ed:ca:bb:
                    12:dd:42:de:63:ea:13:95:6f:cc:1a:63:b5:d3:b4:
                    24:ec:8d:cc:06:7d:24:d7:d5:dd:54:3c:94:34:42:
                    0e:5e:b1:c5:9c:da:7a:e9:10:a3:56:7a:ef:3c:6d:
                    3d:76:6a:9a:e4:b2:b7:ba:d2:a3:d7:88:ae:8c:fa:
                    27:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:38:34:8D:D1:C4:A4:F0:53:83:5B:95:C4:26:6C:C0:68:99:53:3C
            X509v3 Authority Key Identifier:
                keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:2b:f9:e6:c3:ba:d9:25:79:7e:16:28:88:ad:46:07:09:a9:
         83:f9:4f:ea:f2:08:42:ea:8d:a2:2e:42:15:62:cd:09:8e:2c:
         a9:3a:fc:0f:6c:1f:3e:7e:49:39:f6:ce:fa:21:0e:c1:09:80:
         62:3e:59:57:1c:56:82:6a:22:15:63:2a:5b:fd:18:7c:19:11:
         83:6a:24:35:0d:25:18:cc:57:ec:34:af:22:59:02:3c:45:22:
         e3:73:90:38:13:96:82:04:67:8f:cb:c3:63:94:b3:0f:37:de:
         9a:cb:d9:e9:0c:9d:db:8c:71:a6:a0:7d:4e:c8:ee:25:5f:35:
         47:c1:60:67:38:78:a6:2f:0b:6a:c2:87:1b:c6:77:ae:0b:40:
         a2:e7:05:e7:43:9f:ac:61:35:0d:58:9a:25:47:5e:28:3c:ec:
         1f:18:03:10:bd:7d:a1:f7:b1:93:eb:ff:e8:ad:30:3d:5b:fe:
         49:82:85:cb:f5:92:9f:6b:b8:a0:70:18:51:3f:1e:90:e9:2f:
         52:6c:8d:32:8f:86:f5:cf:67:cb:18:e3:fe:73:14:eb:c7:57:
         6a:03:ab:b8:d4:3f:3f:65:6e:21:40:93:04:09:c6:6d:48:e9:
         8d:45:f1:e8:ac:b7:dd:3a:ac:32:6f:cd:1b:23:49:88:a4:6f:
         c3:8b:07:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xF0wwaTnL+/63UeY0LetxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjYwNTE2MTQwMTEwWhcNMjYwNTE3MTQwMTEwWjAzMTEwLwYDVQQD
Eyg5NzM4MzQ4ZGQxYzRhNGYwNTM4MzViOTVjNDI2NmNjMDY4OTk1MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox7nj1GT9orvMhSC4Bt8u2AUI0EK
Z2v4lgUjX8DDRk0bXDUeJOs3nI17m134qPc5VD/GMubH1lOjJUulpm8M2JE/AKX5
iYh2V7LYVTNPgZivhtyzsoGJWCVuGidhpra8gBaiwlkaX57g1xB7phDDpYbDnNfO
9W6DDuFacUIpdQeexBGZ0fQyf5jpFilwh+E2iRZ+Xg1ITc4OE7MZrN7RhmJsTD6w
qa/oi21K+ag2mkaRffGJFRZLyl3/YgUEsz3tyrsS3ULeY+oTlW/MGmO107Qk7I3M
Bn0k19XdVDyUNEIOXrHFnNp66RCjVnrvPG09dmqa5LK3utKj14iujPonUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJc4NI3RxKTwU4NblcQmbMBomVM8MB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqiv55sO6
2SV5fhYoiK1GBwmpg/lP6vIIQuqNoi5CFWLNCY4sqTr8D2wfPn5JOfbO+iEOwQmA
Yj5ZVxxWgmoiFWMqW/0YfBkRg2okNQ0lGMxX7DSvIlkCPEUi43OQOBOWggRnj8vD
Y5SzDzfemsvZ6Qyd24xxpqB9TsjuJV81R8FgZzh4pi8LasKHG8Z3rgtAoucF50Of
rGE1DViaJUdeKDzsHxgDEL19ofexk+v/6K0wPVv+SYKFy/WSn2u4oHAYUT8ekOkv
UmyNMo+G9c9nyxjj/nMU68dXagOruNQ/P2VuIUCTBAnGbUjpjUXx6Ky33TqsMm/N
GyNJiKRvw4sH1A==
-----END CERTIFICATE-----