Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          VLIHaICrUzlsNt5jOiG/tru7IY8SYTDe2zzXO4u9xNg=
Subject key identifier:   5C:FA:06:98:32:99:F5:21:11:8C:5E:88:76:60:3B:69:82:74:9D:19
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019E20C83DC03EE273244874EFB40F7E0EF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          0874
Signing time:             Wed 13 May 2026 10:00:54 +0000
Manifest this update:     Wed 13 May 2026 10:00:54 +0000
Manifest next update:     Thu 14 May 2026 10:00:54 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: p6Rbj22KQYMuPgNASauzQza9kJjuMtRm/riGEMLP7zY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 06:33:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:20:c8:3d:c0:3e:e2:73:24:48:74:ef:b4:0f:7e:0e:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: May 13 10:00:54 2026 GMT
            Not After : May 14 10:00:54 2026 GMT
        Subject: CN=5cfa06983299f521118c5e8876603b6982749d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ec:f9:09:b2:45:c9:39:4c:b1:08:53:46:23:
                    65:a2:0e:5e:aa:f6:93:11:bd:2c:74:92:35:86:2a:
                    9e:54:22:b0:f8:de:54:a1:eb:18:30:60:c7:eb:a8:
                    97:c8:73:10:b9:80:68:60:ac:b7:08:1b:c2:88:04:
                    ee:a4:a0:14:7f:61:87:1e:3a:93:4d:da:6e:d3:44:
                    cc:f0:94:42:a8:95:21:73:87:5b:d3:fb:40:c1:2f:
                    7e:61:ee:4e:41:5b:32:6e:0a:24:75:51:84:4b:f4:
                    2c:f3:76:15:72:b0:a4:fa:61:9f:4f:c8:12:fd:33:
                    40:80:2e:1a:42:23:22:b8:e9:0c:8e:61:e8:4c:79:
                    a1:9b:63:df:5e:f6:c6:f8:47:04:c7:53:db:b8:76:
                    74:59:36:d7:4a:2d:5b:60:d5:7d:26:b6:c4:33:26:
                    97:ad:49:cb:8e:4e:e5:2e:5a:51:aa:bd:af:7b:1f:
                    05:d8:c4:e5:30:58:47:c1:7f:c3:9a:13:da:43:2e:
                    de:27:60:ee:7e:c7:ca:1d:f6:cb:f7:29:34:da:15:
                    3e:fe:00:f3:53:d8:5e:22:ad:af:3e:d7:a5:64:bf:
                    48:0e:70:f9:42:cf:46:4a:ef:b8:83:c2:f2:21:da:
                    70:77:97:b7:fb:a0:74:10:ec:98:b4:ca:4b:0a:ec:
                    ba:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:FA:06:98:32:99:F5:21:11:8C:5E:88:76:60:3B:69:82:74:9D:19
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:d6:1c:e3:21:c2:7b:b7:95:aa:cc:34:5a:84:60:05:09:2f:
         1c:46:77:e3:59:bc:4a:f8:19:f7:fa:2c:cf:49:41:62:e9:02:
         93:a8:30:ad:72:24:f1:92:aa:f1:f2:e1:ce:27:8e:28:a1:31:
         80:71:61:20:42:45:0b:d1:25:e3:6d:ab:89:dd:58:ae:e1:2d:
         2f:5d:1a:3e:de:ab:02:b8:1a:52:a8:a4:68:e0:22:fd:52:79:
         2c:11:73:1f:cb:be:aa:11:3a:23:66:93:56:df:35:68:dd:b2:
         e8:af:07:0f:ba:9f:39:13:c4:89:7a:95:7d:3f:b5:33:fb:b4:
         fc:54:b0:1d:d3:00:ff:b9:1e:c4:63:7a:4b:19:32:5f:1b:1a:
         fe:e4:72:3d:40:dd:0f:69:15:07:fa:a7:18:26:7f:a1:2d:f1:
         4c:a6:ef:fe:b2:d9:98:fe:84:00:93:ef:6e:7d:79:8d:9d:5c:
         65:4f:93:cb:e5:98:52:ea:7a:53:69:4c:a3:9f:27:47:6a:58:
         8c:55:e8:be:44:a2:fb:c4:e5:a2:f8:c7:72:a3:31:b5:65:ac:
         20:54:e0:5c:f4:ce:b9:b3:66:2f:0b:21:e3:03:02:82:f1:05:
         55:c9:3e:51:31:84:3b:be:35:f2:4e:69:8d:77:cb:2c:de:1d:
         de:61:cf:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gyD3APuJzJEh077QPfg73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjYwNTEzMTAwMDU0WhcNMjYwNTE0MTAwMDU0WjAzMTEwLwYDVQQD
Eyg1Y2ZhMDY5ODMyOTlmNTIxMTE4YzVlODg3NjYwM2I2OTgyNzQ5ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+z5CbJFyTlMsQhTRiNlog5eqvaT
Eb0sdJI1hiqeVCKw+N5UoesYMGDH66iXyHMQuYBoYKy3CBvCiATupKAUf2GHHjqT
Tdpu00TM8JRCqJUhc4db0/tAwS9+Ye5OQVsybgokdVGES/Qs83YVcrCk+mGfT8gS
/TNAgC4aQiMiuOkMjmHoTHmhm2PfXvbG+EcEx1PbuHZ0WTbXSi1bYNV9JrbEMyaX
rUnLjk7lLlpRqr2vex8F2MTlMFhHwX/DmhPaQy7eJ2DufsfKHfbL9yk02hU+/gDz
U9heIq2vPtelZL9IDnD5Qs9GSu+4g8LyIdpwd5e3+6B0EOyYtMpLCuy6qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFz6BpgymfUhEYxeiHZgO2mCdJ0ZMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNYc4yHC
e7eVqsw0WoRgBQkvHEZ341m8SvgZ9/osz0lBYukCk6gwrXIk8ZKq8fLhzieOKKEx
gHFhIEJFC9El422rid1YruEtL10aPt6rArgaUqikaOAi/VJ5LBFzH8u+qhE6I2aT
Vt81aN2y6K8HD7qfORPEiXqVfT+1M/u0/FSwHdMA/7kexGN6SxkyXxsa/uRyPUDd
D2kVB/qnGCZ/oS3xTKbv/rLZmP6EAJPvbn15jZ1cZU+Ty+WYUup6U2lMo58nR2pY
jFXovkSi+8TlovjHcqMxtWWsIFTgXPTOubNmLwsh4wMCgvEFVck+UTGEO7418k5p
jXfLLN4d3mHPaA==
-----END CERTIFICATE-----