Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
File:                     3liIYKFLOUpzUSmEKu-tGnBKMoc.mft (raw, json)
Hash identifier:          5NeSR7fT13uG/gMP/UvLexYiEWmkW4EdNWBMbxKWCwo=
Subject key identifier:   CA:53:B5:5A:2E:04:F8:1B:53:60:D3:46:6D:EA:DC:F7:AA:D5:F3:7E
Authority key identifier: DE:58:88:60:A1:4B:39:4A:73:51:29:84:2A:EF:AD:1A:70:4A:32:87
Certificate issuer:       /CN=de588860a14b394a735129842aefad1a704a3287
Certificate serial:       019E1D90E6687EE4425FF2575324E1106FD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
Manifest number:          021F
Signing time:             Tue 12 May 2026 19:01:35 +0000
Manifest this update:     Tue 12 May 2026 19:01:35 +0000
Manifest next update:     Wed 13 May 2026 19:01:35 +0000
Files and hashes:         1: 3liIYKFLOUpzUSmEKu-tGnBKMoc.crl (hash: 5ziwBsQ8Uq3gBTmgGWR89mcdqD52HDmUaKbW6al4sfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 19:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:e6:68:7e:e4:42:5f:f2:57:53:24:e1:10:6f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de588860a14b394a735129842aefad1a704a3287
        Validity
            Not Before: May 12 19:01:35 2026 GMT
            Not After : May 13 19:01:35 2026 GMT
        Subject: CN=ca53b55a2e04f81b5360d3466deadcf7aad5f37e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:26:37:7c:86:08:13:20:00:5b:e8:e5:3d:4f:
                    bf:f1:b0:5c:04:e1:06:06:d1:f0:bc:61:06:11:70:
                    8b:5c:a6:9f:fb:1c:01:79:c8:1a:26:8c:28:e2:b5:
                    c1:8a:11:6c:97:61:1f:e1:38:66:e3:f8:eb:cc:d9:
                    4d:ba:b6:95:2e:db:91:4e:8a:4c:4d:25:60:c9:65:
                    41:e4:ae:df:7c:59:d7:c0:a0:e8:de:0f:47:50:02:
                    8e:a6:95:d7:1e:b3:15:b0:9a:20:87:f6:96:38:97:
                    97:bf:d9:0a:f8:f0:e5:52:d7:11:87:68:3c:2b:e4:
                    62:6a:bd:5a:b3:76:9e:57:4f:21:a2:f6:3a:c2:9e:
                    5a:10:ca:79:51:91:5e:ba:2f:b6:48:87:84:02:ca:
                    a4:02:07:d8:f1:e9:34:7c:39:04:a1:ae:79:dc:90:
                    80:c8:82:5c:62:38:1a:65:2c:2b:d6:95:7f:a5:af:
                    ce:4d:a1:32:de:62:ca:ed:cd:bc:e7:92:f6:cb:a0:
                    a6:30:4b:76:c9:b2:8c:a3:a6:4b:9b:73:69:a7:00:
                    fd:30:0d:90:88:5f:1f:10:f2:a5:81:cd:31:50:12:
                    c1:22:c2:4e:67:43:93:88:37:51:bf:04:b4:98:21:
                    7e:89:32:75:8b:d0:47:02:1b:17:5a:ff:3a:51:f7:
                    a2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:53:B5:5A:2E:04:F8:1B:53:60:D3:46:6D:EA:DC:F7:AA:D5:F3:7E
            X509v3 Authority Key Identifier:
                keyid:DE:58:88:60:A1:4B:39:4A:73:51:29:84:2A:EF:AD:1A:70:4A:32:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:a0:c1:47:45:b9:51:db:2e:32:5e:01:d5:f7:5d:6b:36:ec:
         41:b6:12:e5:cc:ad:b3:a2:33:9c:0c:ee:05:c0:f8:ac:21:15:
         a1:c4:bf:97:83:75:bf:83:5c:5c:fc:c3:05:8f:aa:64:0a:b9:
         5c:22:45:8d:15:d3:42:53:47:41:19:38:3b:a1:66:16:97:05:
         46:e2:d8:fe:27:18:cc:8f:48:36:3f:f0:a6:b4:3e:7f:8b:96:
         af:4c:ee:4e:c3:e7:73:89:66:ca:42:87:39:fe:85:23:9d:96:
         21:04:ca:c6:a3:90:e2:fc:6e:43:60:ca:86:95:43:18:fd:32:
         a2:ae:f1:0c:1a:f8:ae:eb:e3:20:dc:9f:06:f5:29:c1:cd:7d:
         96:95:8d:50:ae:40:63:3b:fd:d8:c4:5f:20:2f:1d:fd:41:6e:
         e8:19:6e:25:67:4f:28:b2:7b:a8:1c:d5:67:bb:2a:aa:64:bb:
         76:a3:64:22:ab:4b:b8:b6:12:01:d6:f7:53:3f:00:05:6c:de:
         71:cc:98:a3:87:c9:53:3c:5c:e8:0e:00:d3:28:93:4f:b3:60:
         2e:67:94:f2:cd:5a:18:2b:87:88:01:8a:26:86:9c:f5:b1:02:
         26:79:49:de:10:4c:7e:49:e7:85:10:d0:94:a6:2b:c3:5b:bd:
         c2:94:80:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkOZofuRCX/JXUyThEG/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTg4ODYwYTE0YjM5NGE3MzUxMjk4NDJhZWZhZDFhNzA0
YTMyODcwHhcNMjYwNTEyMTkwMTM1WhcNMjYwNTEzMTkwMTM1WjAzMTEwLwYDVQQD
EyhjYTUzYjU1YTJlMDRmODFiNTM2MGQzNDY2ZGVhZGNmN2FhZDVmMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SY3fIYIEyAAW+jlPU+/8bBcBOEG
BtHwvGEGEXCLXKaf+xwBecgaJowo4rXBihFsl2Ef4Thm4/jrzNlNuraVLtuRTopM
TSVgyWVB5K7ffFnXwKDo3g9HUAKOppXXHrMVsJogh/aWOJeXv9kK+PDlUtcRh2g8
K+Riar1as3aeV08hovY6wp5aEMp5UZFeui+2SIeEAsqkAgfY8ek0fDkEoa553JCA
yIJcYjgaZSwr1pV/pa/OTaEy3mLK7c2855L2y6CmMEt2ybKMo6ZLm3NppwD9MA2Q
iF8fEPKlgc0xUBLBIsJOZ0OTiDdRvwS0mCF+iTJ1i9BHAhsXWv86UfeiNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpTtVouBPgbU2DTRm3q3Peq1fN+MB8GA1UdIwQY
MBaAFN5YiGChSzlKc1EphCrvrRpwSjKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hNTcwMzYtZmE0Yi00NzE0LTgzNDAt
NjNmNjc5ZDdlZTFkLzEvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hNTcwMzYtZmE0Yi00NzE0LTgzNDAtNjNmNjc5ZDdlZTFk
LzEvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKDBR0W5
UdsuMl4B1fddazbsQbYS5cyts6IznAzuBcD4rCEVocS/l4N1v4NcXPzDBY+qZAq5
XCJFjRXTQlNHQRk4O6FmFpcFRuLY/icYzI9INj/wprQ+f4uWr0zuTsPnc4lmykKH
Of6FI52WIQTKxqOQ4vxuQ2DKhpVDGP0yoq7xDBr4ruvjINyfBvUpwc19lpWNUK5A
Yzv92MRfIC8d/UFu6BluJWdPKLJ7qBzVZ7sqqmS7dqNkIqtLuLYSAdb3Uz8ABWze
ccyYo4fJUzxc6A4A0yiTT7NgLmeU8s1aGCuHiAGKJoac9bECJnlJ3hBMfknnhRDQ
lKYrw1u9wpSA0w==
-----END CERTIFICATE-----