Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          8xZ4UZ2N5olP/h92TQUOHDf6nSLT9nmObWxR+CUCM7c=
Subject key identifier:   D8:DA:0C:E4:4C:7A:F5:21:01:E5:20:33:33:5F:E5:B5:BD:05:39:F6
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       019F17C314B0A9DB09ED9BEE5145BCB8C38D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          0DFD
Signing time:             Tue 30 Jun 2026 09:01:28 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:28 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:28 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: jSCXNwW9Un/mpdeV/5h8i1ij3iy/3qS/EFsG3lIjgB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c3:14:b0:a9:db:09:ed:9b:ee:51:45:bc:b8:c3:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: Jun 30 09:01:28 2026 GMT
            Not After : Jul  1 09:01:28 2026 GMT
        Subject: CN=d8da0ce44c7af52101e52033335fe5b5bd0539f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:84:34:0c:6d:51:25:3d:95:6f:a2:2c:22:43:
                    a2:24:bc:12:d7:20:91:4b:f1:98:f9:d5:4e:f3:28:
                    0d:f3:7a:47:61:e7:68:f1:ca:03:0e:26:86:09:a6:
                    29:ba:b4:10:6e:9d:87:3c:9a:e3:10:0c:61:fa:2e:
                    af:32:95:9f:5f:bc:c4:62:6d:31:a4:e4:bf:de:3a:
                    79:6a:2c:6a:91:e7:7c:0c:fd:9c:ba:02:62:6d:1c:
                    2c:22:1a:d7:11:eb:b6:83:4e:68:b3:e6:db:64:d6:
                    9c:c5:71:17:5b:6d:22:df:fe:85:45:f1:82:e0:bf:
                    a4:70:37:70:9d:68:18:70:1e:7b:bf:1a:eb:c1:0c:
                    3c:ec:06:1b:16:62:15:bf:19:05:5d:cc:c4:d9:ab:
                    2e:21:8c:28:2d:ec:be:fb:a7:5a:60:d2:2a:13:bb:
                    a6:8f:75:2f:27:a2:9c:4c:80:c4:a9:a8:30:18:7f:
                    39:6b:83:29:7c:1f:db:bb:d1:82:22:7a:3d:b9:86:
                    e1:ee:9f:d1:7b:87:84:f4:eb:26:8a:17:a8:d3:ce:
                    9b:75:74:b8:58:52:8e:4d:36:c2:69:7d:ff:62:52:
                    08:bd:3a:f8:07:f1:ef:c4:b7:c3:94:fe:37:09:75:
                    37:02:18:92:b8:14:59:1e:e5:8e:b1:f3:3f:1e:57:
                    fa:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:DA:0C:E4:4C:7A:F5:21:01:E5:20:33:33:5F:E5:B5:BD:05:39:F6
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:a9:24:36:a7:fa:04:c0:87:f4:f9:25:f1:b0:2c:69:86:f4:
         6b:cc:52:a2:48:7b:33:51:9d:f0:a0:8e:ad:f3:c8:c5:5e:8f:
         b5:8f:f6:7a:7c:5e:0f:80:14:da:0a:c5:d9:64:13:36:c7:a3:
         7b:f9:a5:be:e8:b6:dd:7f:81:13:70:89:4e:ef:cb:65:52:06:
         e4:79:2d:2f:b8:39:5b:60:97:40:18:46:71:f8:11:f9:5e:5e:
         0e:65:66:16:36:f6:bb:ae:c1:31:74:a6:a5:f8:55:f7:2f:67:
         6a:1b:ba:18:df:5e:6b:63:08:59:47:4f:66:34:99:d6:54:39:
         e4:8d:21:47:eb:34:a5:b2:32:69:71:91:bc:d1:8d:5b:85:b5:
         c1:26:cb:ed:51:4d:74:42:43:b4:a2:bf:2a:9a:0e:66:55:4b:
         03:4c:69:3f:81:f1:23:80:d4:9c:07:4b:48:1f:7f:66:ab:86:
         45:6d:7d:c0:85:79:50:95:96:5d:79:e2:71:d6:53:c8:92:77:
         c6:77:f7:a1:5b:04:d8:ac:a5:ff:9c:66:26:30:10:3c:74:54:
         6f:d7:dd:1e:2f:ae:f5:23:3f:22:f1:79:1b:9b:b9:3e:ca:59:
         88:a3:95:3a:8e:df:af:bc:c9:ae:9d:13:3e:42:74:96:c1:65:
         bb:51:bf:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwxSwqdsJ7ZvuUUW8uMONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjYwNjMwMDkwMTI4WhcNMjYwNzAxMDkwMTI4WjAzMTEwLwYDVQQD
EyhkOGRhMGNlNDRjN2FmNTIxMDFlNTIwMzMzMzVmZTViNWJkMDUzOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIQ0DG1RJT2Vb6IsIkOiJLwS1yCR
S/GY+dVO8ygN83pHYedo8coDDiaGCaYpurQQbp2HPJrjEAxh+i6vMpWfX7zEYm0x
pOS/3jp5aixqked8DP2cugJibRwsIhrXEeu2g05os+bbZNacxXEXW20i3/6FRfGC
4L+kcDdwnWgYcB57vxrrwQw87AYbFmIVvxkFXczE2asuIYwoLey++6daYNIqE7um
j3UvJ6KcTIDEqagwGH85a4MpfB/bu9GCIno9uYbh7p/Re4eE9Osmiheo086bdXS4
WFKOTTbCaX3/YlIIvTr4B/HvxLfDlP43CXU3AhiSuBRZHuWOsfM/Hlf6OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjaDORMevUhAeUgMzNf5bW9BTn2MB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6kkNqf6
BMCH9Pkl8bAsaYb0a8xSokh7M1Gd8KCOrfPIxV6PtY/2enxeD4AU2grF2WQTNsej
e/mlvui23X+BE3CJTu/LZVIG5HktL7g5W2CXQBhGcfgR+V5eDmVmFjb2u67BMXSm
pfhV9y9nahu6GN9ea2MIWUdPZjSZ1lQ55I0hR+s0pbIyaXGRvNGNW4W1wSbL7VFN
dEJDtKK/KpoOZlVLA0xpP4HxI4DUnAdLSB9/ZquGRW19wIV5UJWWXXnicdZTyJJ3
xnf3oVsE2Kyl/5xmJjAQPHRUb9fdHi+u9SM/IvF5G5u5PspZiKOVOo7fr7zJrp0T
PkJ0lsFlu1G/dQ==
-----END CERTIFICATE-----