Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          PypPlK3sVZEBJRT5J50FAptaUIqwRWViM4/hu1hjEL0=
Subject key identifier:   E8:4C:2E:66:ED:B7:94:54:64:D7:7B:3E:01:04:47:F2:B9:8C:56:F0
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       019E3004918106CAB42D54343CF260016B13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          18A0
Signing time:             Sat 16 May 2026 09:01:06 +0000
Manifest this update:     Sat 16 May 2026 09:01:06 +0000
Manifest next update:     Sun 17 May 2026 09:01:06 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: 5/J/3d0Q6MFcS854viUL7tk96eYd5YBzI8U5Gxi1dXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:04:91:81:06:ca:b4:2d:54:34:3c:f2:60:01:6b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: May 16 09:01:06 2026 GMT
            Not After : May 17 09:01:06 2026 GMT
        Subject: CN=e84c2e66edb7945464d77b3e010447f2b98c56f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c0:6f:2d:35:37:56:94:56:85:25:19:62:86:
                    01:38:10:f0:f5:69:ab:ed:f3:8b:66:9a:d6:23:69:
                    e5:47:63:93:cd:59:9a:c8:7f:8d:1d:40:13:db:61:
                    37:7b:11:9e:ba:33:64:c5:38:2e:af:6e:5f:4f:7e:
                    6d:99:6a:2d:f0:64:14:fc:15:f7:3b:50:a3:ed:75:
                    56:5d:cf:2b:63:59:66:bd:36:0d:ba:8a:c9:e7:c3:
                    c9:2c:f4:ec:68:d8:df:52:80:3f:fe:03:ad:6e:19:
                    b0:e7:d8:1f:b8:7d:97:f8:52:3a:15:35:6c:9c:0b:
                    d7:dd:97:07:d4:c5:47:c6:38:4d:cf:cc:08:b5:23:
                    63:f0:51:3d:e7:ec:c1:ba:08:d5:49:5a:db:38:d6:
                    ca:7b:62:2e:28:13:1a:13:8e:f0:35:6c:ab:b0:a4:
                    4f:6c:7b:17:3a:e9:7e:de:30:ae:ec:0d:5b:e2:23:
                    32:ae:fe:62:e5:89:0a:d1:f4:62:97:22:2f:e1:10:
                    f6:cf:0e:29:d5:ae:bb:9e:96:d8:84:fe:37:db:01:
                    25:52:3c:2e:a5:19:da:b1:dc:c2:40:73:be:a9:43:
                    56:9e:6f:3c:8e:85:42:8d:27:d5:72:8f:b2:69:c9:
                    87:cd:0e:bc:99:af:2a:ef:c3:7a:19:62:9a:3d:25:
                    9e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:4C:2E:66:ED:B7:94:54:64:D7:7B:3E:01:04:47:F2:B9:8C:56:F0
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:ce:ec:fe:ae:58:74:d8:4d:0a:ba:43:24:f8:90:5f:2f:06:
         38:15:fe:f5:f1:ee:d6:fe:42:be:73:d0:2f:e7:33:eb:cb:cb:
         b0:a6:b5:23:14:9f:1f:36:f8:57:19:21:cd:98:c5:06:6b:15:
         51:0e:bf:5e:b0:d1:f3:41:25:6e:ad:e1:ea:c9:72:77:0a:31:
         d9:9e:4a:66:c4:8a:23:70:79:dd:83:5a:30:53:db:b6:36:c2:
         df:54:4f:80:d9:6d:46:b1:ec:d9:79:1f:ba:90:4f:1d:09:2f:
         6c:71:1c:f1:9e:50:c3:6d:e6:b6:de:a4:15:67:40:c5:16:e1:
         08:23:43:cc:7b:ef:00:c7:fb:27:03:a1:64:d6:62:85:62:88:
         cb:7c:66:e1:8d:82:d1:82:ea:30:d8:d7:fe:f0:52:ca:20:bb:
         02:eb:ef:c2:15:6e:56:aa:8e:6a:cd:c5:2c:66:81:0f:0b:7e:
         65:fe:28:18:29:ae:b7:0b:22:10:2f:11:26:cf:19:d0:6e:73:
         8a:6e:f4:8d:86:56:64:02:79:4c:2c:e3:b6:45:35:c6:74:78:
         04:47:22:6c:fb:24:55:64:1c:cb:18:6e:7a:c7:36:8d:3c:3d:
         1b:3a:2a:36:e6:8b:a2:d7:25:69:f1:98:55:4e:3e:aa:be:ec:
         d6:d4:72:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBJGBBsq0LVQ0PPJgAWsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjYwNTE2MDkwMTA2WhcNMjYwNTE3MDkwMTA2WjAzMTEwLwYDVQQD
EyhlODRjMmU2NmVkYjc5NDU0NjRkNzdiM2UwMTA0NDdmMmI5OGM1NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMBvLTU3VpRWhSUZYoYBOBDw9Wmr
7fOLZprWI2nlR2OTzVmayH+NHUAT22E3exGeujNkxTgur25fT35tmWot8GQU/BX3
O1Cj7XVWXc8rY1lmvTYNuorJ58PJLPTsaNjfUoA//gOtbhmw59gfuH2X+FI6FTVs
nAvX3ZcH1MVHxjhNz8wItSNj8FE95+zBugjVSVrbONbKe2IuKBMaE47wNWyrsKRP
bHsXOul+3jCu7A1b4iMyrv5i5YkK0fRilyIv4RD2zw4p1a67npbYhP432wElUjwu
pRnasdzCQHO+qUNWnm88joVCjSfVco+yacmHzQ68ma8q78N6GWKaPSWeWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhMLmbtt5RUZNd7PgEER/K5jFbwMB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWs7s/q5Y
dNhNCrpDJPiQXy8GOBX+9fHu1v5CvnPQL+cz68vLsKa1IxSfHzb4VxkhzZjFBmsV
UQ6/XrDR80Elbq3h6slydwox2Z5KZsSKI3B53YNaMFPbtjbC31RPgNltRrHs2Xkf
upBPHQkvbHEc8Z5Qw23mtt6kFWdAxRbhCCNDzHvvAMf7JwOhZNZihWKIy3xm4Y2C
0YLqMNjX/vBSyiC7AuvvwhVuVqqOas3FLGaBDwt+Zf4oGCmutwsiEC8RJs8Z0G5z
im70jYZWZAJ5TCzjtkU1xnR4BEcibPskVWQcyxhuesc2jTw9GzoqNuaLotclafGY
VU4+qr7s1tRyFA==
-----END CERTIFICATE-----