Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          y9Va3YhDE2l4vaQQjDnww4ko5SvNHloWawUnFzEgH/8=
Subject key identifier:   39:15:0E:BA:D1:26:F1:C8:9B:B7:46:26:DA:65:B7:1B:20:61:9A:2D
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019E1C46686AEDB173CDF71726651E5D52F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          10A6
Signing time:             Tue 12 May 2026 13:00:36 +0000
Manifest this update:     Tue 12 May 2026 13:00:36 +0000
Manifest next update:     Wed 13 May 2026 13:00:36 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: 7Xwms2En9IEqTsff9v48XJNbtf3rv/wHJx/Z7oNhxgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:68:6a:ed:b1:73:cd:f7:17:26:65:1e:5d:52:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: May 12 13:00:36 2026 GMT
            Not After : May 13 13:00:36 2026 GMT
        Subject: CN=39150ebad126f1c89bb74626da65b71b20619a2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:5c:17:97:5a:d3:42:90:3c:75:6f:2c:43:9a:
                    cf:1a:ef:09:b4:99:b2:ea:e4:46:80:8b:23:62:5e:
                    31:1d:81:dd:b5:c8:64:50:b9:ad:94:71:19:26:4d:
                    04:b0:1a:01:fd:c1:a1:cb:1b:15:87:a5:fc:cf:5a:
                    61:2a:00:7d:88:96:5a:4f:b5:92:5c:34:56:bb:f1:
                    49:5e:3b:dc:48:3d:10:71:4c:17:f8:89:a8:8f:d2:
                    23:83:8a:56:9e:30:57:87:c7:9b:19:71:44:42:98:
                    93:26:22:5b:7c:b7:0e:56:aa:11:90:d9:e7:e0:45:
                    55:7b:61:90:fe:df:4e:55:39:1a:22:b1:60:e8:74:
                    1c:bf:a0:e7:c0:18:ab:65:e9:2c:f8:fc:12:5e:6a:
                    7a:4d:96:94:4a:6c:08:4a:8a:b6:9f:6b:cd:9d:50:
                    0b:af:2c:73:99:c8:82:32:79:64:3c:93:65:da:e4:
                    7e:81:7b:2b:7a:03:bb:df:01:f7:a5:23:f0:74:5a:
                    06:25:73:0d:8b:57:9f:24:30:11:d9:c9:34:9e:e0:
                    4f:f3:10:02:38:73:7e:20:6c:57:92:20:5c:8e:61:
                    2d:98:23:90:43:4e:69:75:ca:ec:f3:45:bd:13:11:
                    d4:dd:79:7f:08:05:a4:67:e6:60:8a:32:98:3c:0c:
                    a2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:15:0E:BA:D1:26:F1:C8:9B:B7:46:26:DA:65:B7:1B:20:61:9A:2D
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:03:36:83:43:b0:c2:08:95:8e:0d:e6:03:1e:b3:59:7f:8e:
         63:4c:ee:b5:a9:3a:09:7c:47:ff:c2:9a:d7:5c:bb:2f:18:d3:
         6f:b1:3b:71:55:34:28:76:ea:d1:d6:09:05:ff:ee:ed:28:36:
         da:bb:13:9a:37:97:8d:be:5d:6c:56:7e:46:68:39:8a:61:41:
         3b:0a:34:32:b6:04:44:04:6b:92:21:10:c7:07:74:d5:16:c8:
         91:f4:5e:4d:51:73:15:75:a1:5e:b6:70:46:fc:51:f5:ce:ae:
         d4:2e:b4:74:12:85:c3:95:17:83:25:f9:85:bf:73:70:09:29:
         37:ad:12:cc:9a:fa:d5:57:3d:2f:84:a4:64:a8:9b:cc:b6:15:
         4a:3f:df:17:6d:e4:01:35:03:0e:bf:b8:de:32:e2:af:32:88:
         1d:c2:4a:04:7b:61:a7:fd:65:99:6c:71:da:a9:bd:a0:e5:ab:
         ad:31:a6:14:72:d7:7d:d6:cd:ef:6b:1b:2d:13:ae:c8:b6:78:
         97:ac:00:1c:b5:d7:ff:32:23:01:a5:a6:fa:07:83:75:49:d3:
         eb:4f:76:24:00:f9:13:2e:ad:b0:84:85:6b:cc:a6:34:3b:6b:
         f1:88:8b:16:8c:f5:1a:ec:68:62:ff:5e:62:1f:bd:4d:69:62:
         55:24:6a:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRmhq7bFzzfcXJmUeXVL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwNTEyMTMwMDM2WhcNMjYwNTEzMTMwMDM2WjAzMTEwLwYDVQQD
EygzOTE1MGViYWQxMjZmMWM4OWJiNzQ2MjZkYTY1YjcxYjIwNjE5YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVwXl1rTQpA8dW8sQ5rPGu8JtJmy
6uRGgIsjYl4xHYHdtchkULmtlHEZJk0EsBoB/cGhyxsVh6X8z1phKgB9iJZaT7WS
XDRWu/FJXjvcSD0QcUwX+Imoj9Ijg4pWnjBXh8ebGXFEQpiTJiJbfLcOVqoRkNnn
4EVVe2GQ/t9OVTkaIrFg6HQcv6DnwBirZeks+PwSXmp6TZaUSmwISoq2n2vNnVAL
ryxzmciCMnlkPJNl2uR+gXsregO73wH3pSPwdFoGJXMNi1efJDAR2ck0nuBP8xAC
OHN+IGxXkiBcjmEtmCOQQ05pdcrs80W9ExHU3Xl/CAWkZ+ZgijKYPAyisQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkVDrrRJvHIm7dGJtpltxsgYZotMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwM2g0Ow
wgiVjg3mAx6zWX+OY0zutak6CXxH/8Ka11y7LxjTb7E7cVU0KHbq0dYJBf/u7Sg2
2rsTmjeXjb5dbFZ+Rmg5imFBOwo0MrYERARrkiEQxwd01RbIkfReTVFzFXWhXrZw
RvxR9c6u1C60dBKFw5UXgyX5hb9zcAkpN60SzJr61Vc9L4SkZKibzLYVSj/fF23k
ATUDDr+43jLirzKIHcJKBHthp/1lmWxx2qm9oOWrrTGmFHLXfdbN72sbLROuyLZ4
l6wAHLXX/zIjAaWm+geDdUnT6092JAD5Ey6tsISFa8ymNDtr8YiLFoz1GuxoYv9e
Yh+9TWliVSRqxg==
-----END CERTIFICATE-----