Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
File:                     DZHf1FaDQonB_QOg_vG1Kl79HZE.mft (raw, json)
Hash identifier:          DvmrK1NZHt9TOw0MxG0duFzb70ERv+v5OuNq++/XkQE=
Subject key identifier:   82:04:E0:9F:93:17:D6:26:B0:40:26:04:59:0B:5E:2B:8B:91:01:BC
Authority key identifier: 0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91
Certificate issuer:       /CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
Certificate serial:       019F183094BF1EEAF88CB0AB5340EC470096
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
Manifest number:          11EF
Signing time:             Tue 30 Jun 2026 11:01:04 +0000
Manifest this update:     Tue 30 Jun 2026 11:01:04 +0000
Manifest next update:     Wed 01 Jul 2026 11:01:04 +0000
Files and hashes:         1: DZHf1FaDQonB_QOg_vG1Kl79HZE.crl (hash: gGdniH3HWaI55eOmqU4xT38I0qjZFMcf9eVDIP4YVg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 11:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:30:94:bf:1e:ea:f8:8c:b0:ab:53:40:ec:47:00:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
        Validity
            Not Before: Jun 30 11:01:04 2026 GMT
            Not After : Jul  1 11:01:04 2026 GMT
        Subject: CN=8204e09f9317d626b0402604590b5e2b8b9101bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ec:6c:ab:13:1f:f4:3f:96:80:bf:af:1d:17:
                    b1:81:e6:40:09:8e:b6:2e:62:38:4a:6c:76:7e:1a:
                    82:ce:ef:6f:90:32:55:13:50:86:5b:fc:31:f6:95:
                    15:fc:d3:a2:71:fd:9e:6d:14:98:38:a2:a4:c8:1e:
                    e8:88:c8:29:c4:a3:62:69:10:1a:81:df:74:e0:6c:
                    62:6b:e6:c2:5e:72:29:09:9d:35:5e:4b:c1:26:f9:
                    30:03:75:d7:70:eb:b7:43:05:61:25:25:53:1b:8e:
                    ea:f8:58:12:71:1c:a0:57:6f:05:88:73:14:76:3b:
                    e5:05:2c:2e:e4:57:00:ab:a6:04:84:0a:e5:66:f1:
                    8e:69:3f:b8:2b:12:41:e0:52:56:88:bf:b5:a5:6b:
                    a0:9d:a2:88:12:8c:a9:b4:cd:10:70:b3:93:11:45:
                    36:64:40:2e:27:cc:c2:ac:e4:e2:54:53:a1:f8:d8:
                    82:a4:70:67:7b:bc:52:1c:9e:6e:f2:18:98:29:dd:
                    06:a8:56:f1:48:5f:07:c2:59:77:29:df:06:1d:e5:
                    c6:63:5e:c5:8b:f8:c0:1a:60:be:34:23:f9:05:26:
                    fb:3c:e2:26:73:3c:53:78:ea:98:aa:39:82:e8:8d:
                    bd:46:d5:e9:d9:aa:8a:b7:fd:b5:88:e4:5e:99:90:
                    e5:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:04:E0:9F:93:17:D6:26:B0:40:26:04:59:0B:5E:2B:8B:91:01:BC
            X509v3 Authority Key Identifier:
                keyid:0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:48:d3:f7:1a:fc:b3:50:ff:03:6b:e0:87:21:d0:52:cd:16:
         90:5a:19:b5:49:f6:29:d1:5f:9f:86:d1:86:3f:be:ce:60:ad:
         d9:0e:c5:fd:52:70:ee:53:ea:0a:89:2f:3c:b7:93:cf:6e:27:
         fd:34:b5:46:d5:65:1a:4f:d3:3e:91:c0:c3:0d:13:36:7d:0b:
         45:ba:c2:e4:a7:90:6e:88:32:f2:1d:eb:2a:15:e5:26:22:67:
         85:e1:c2:6e:eb:a2:82:f0:bc:5d:e4:a6:45:36:52:ec:d2:ba:
         d6:03:70:60:f2:7b:fd:db:25:43:94:41:23:a5:43:c1:75:6b:
         46:7e:1b:74:71:ea:2c:ee:04:5b:59:5e:2b:5f:5e:01:66:19:
         ff:45:7f:66:a2:24:80:be:58:39:f9:de:4d:40:46:50:a4:ea:
         e7:63:fb:09:71:63:e5:8e:24:fd:24:44:46:ba:86:9c:17:38:
         4b:ab:d3:3c:a4:11:26:c1:e2:0b:b3:97:14:10:c2:0b:94:21:
         d5:bb:35:75:a2:d0:f6:42:11:2e:d4:08:fa:90:e6:e2:19:cf:
         95:58:10:c7:f5:65:b2:ee:77:13:ce:1d:be:65:c5:4d:ca:01:
         61:57:84:0b:8e:16:3d:a1:96:fd:7e:c7:cb:19:fe:d4:56:81:
         55:b7:3c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YMJS/Hur4jLCrU0DsRwCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTFkZmQ0NTY4MzQyODljMWZkMDNhMGZlZjFiNTJhNWVm
ZDFkOTEwHhcNMjYwNjMwMTEwMTA0WhcNMjYwNzAxMTEwMTA0WjAzMTEwLwYDVQQD
Eyg4MjA0ZTA5ZjkzMTdkNjI2YjA0MDI2MDQ1OTBiNWUyYjhiOTEwMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuxsqxMf9D+WgL+vHRexgeZACY62
LmI4Smx2fhqCzu9vkDJVE1CGW/wx9pUV/NOicf2ebRSYOKKkyB7oiMgpxKNiaRAa
gd904Gxia+bCXnIpCZ01XkvBJvkwA3XXcOu3QwVhJSVTG47q+FgScRygV28FiHMU
djvlBSwu5FcAq6YEhArlZvGOaT+4KxJB4FJWiL+1pWugnaKIEoyptM0QcLOTEUU2
ZEAuJ8zCrOTiVFOh+NiCpHBne7xSHJ5u8hiYKd0GqFbxSF8Hwll3Kd8GHeXGY17F
i/jAGmC+NCP5BSb7POImczxTeOqYqjmC6I29RtXp2aqKt/21iORemZDlTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIE4J+TF9YmsEAmBFkLXiuLkQG8MB8GA1UdIwQY
MBaAFA2R39RWg0KJwf0DoP7xtSpe/R2RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDct
OGJjY2UzMDNiOTE5LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDctOGJjY2UzMDNiOTE5
LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUjT9xr8
s1D/A2vghyHQUs0WkFoZtUn2KdFfn4bRhj++zmCt2Q7F/VJw7lPqCokvPLeTz24n
/TS1RtVlGk/TPpHAww0TNn0LRbrC5KeQbogy8h3rKhXlJiJnheHCbuuigvC8XeSm
RTZS7NK61gNwYPJ7/dslQ5RBI6VDwXVrRn4bdHHqLO4EW1leK19eAWYZ/0V/ZqIk
gL5YOfneTUBGUKTq52P7CXFj5Y4k/SRERrqGnBc4S6vTPKQRJsHiC7OXFBDCC5Qh
1bs1daLQ9kIRLtQI+pDm4hnPlVgQx/Vlsu53E84dvmXFTcoBYVeEC44WPaGW/X7H
yxn+1FaBVbc8eg==
-----END CERTIFICATE-----