Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          EheOVttxPQZ29D/3nFWiK/5JibK/grO2E/FQrU9dqlI=
Subject key identifier:   88:1D:9A:25:28:AA:FB:C8:4D:E2:E2:75:BA:0D:7C:4E:BB:A6:01:D5
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019E1E35A54CF3E22FDD06E3FE98738B8B21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0BD2
Signing time:             Tue 12 May 2026 22:01:32 +0000
Manifest this update:     Tue 12 May 2026 22:01:32 +0000
Manifest next update:     Wed 13 May 2026 22:01:32 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: W3E9L8gmRtlcGhEMc4ADw09xg+NeG57oZh0PKjVdkgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:a5:4c:f3:e2:2f:dd:06:e3:fe:98:73:8b:8b:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: May 12 22:01:32 2026 GMT
            Not After : May 13 22:01:32 2026 GMT
        Subject: CN=881d9a2528aafbc84de2e275ba0d7c4ebba601d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1a:16:e4:6d:0c:31:94:e5:45:05:96:2c:ea:
                    27:a5:ae:00:9f:23:7e:a7:33:2c:ac:93:ef:da:38:
                    99:c9:a6:52:f6:ec:0e:7f:10:e5:b1:c1:2a:f8:0a:
                    0d:5f:40:65:a8:e2:46:55:5f:fe:b9:71:b8:d4:45:
                    fa:fc:b0:1c:bc:49:cb:5f:c4:25:f7:ae:da:45:f0:
                    7c:81:a6:3b:3e:48:31:09:60:64:29:83:21:5f:85:
                    05:d6:95:db:ed:5b:2f:69:30:39:70:03:61:ac:4f:
                    c0:b5:33:98:d2:b2:ae:6b:29:70:28:b6:35:04:c5:
                    95:87:ca:ef:e3:5e:84:58:51:45:1a:62:28:be:cd:
                    a5:f0:bc:3a:2e:5a:1e:e3:47:2f:78:21:d6:57:3c:
                    e2:6d:03:12:04:95:5a:fb:72:48:24:5f:50:40:36:
                    8d:89:72:99:71:9b:29:37:c5:31:07:19:0d:62:da:
                    28:cd:04:d3:ab:23:33:39:5b:cd:54:98:b4:37:8f:
                    cc:94:60:f3:37:48:c9:49:82:b2:68:86:43:2e:a0:
                    aa:8a:ac:53:c8:2e:3a:43:38:0d:85:76:ea:14:8e:
                    25:1e:0e:ea:44:a4:d9:e4:79:0a:6d:71:6a:d6:75:
                    1f:e3:cf:c2:37:d3:7d:f6:96:38:ab:9c:1d:c1:4b:
                    32:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:1D:9A:25:28:AA:FB:C8:4D:E2:E2:75:BA:0D:7C:4E:BB:A6:01:D5
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:f3:67:33:69:98:b9:a6:98:f7:ec:33:95:5f:bc:6b:9a:a0:
         89:27:f9:41:21:b1:df:80:a5:1d:1d:7a:38:c1:90:3d:11:87:
         bf:91:2e:b6:3b:ce:c7:f0:34:5b:d3:04:73:98:a6:81:f2:db:
         79:fa:14:03:c3:ad:9d:7f:92:1b:07:bd:ff:5a:5b:50:02:62:
         7e:56:52:6c:4d:dc:0f:cb:e5:30:83:3b:53:64:7a:1d:a6:f6:
         69:ac:32:28:49:df:06:c8:e4:00:8b:5a:3d:00:39:95:f0:5d:
         a8:cf:e2:2b:96:7e:38:c5:14:30:7c:33:be:ed:da:44:60:9b:
         ff:57:fa:33:b0:e2:d0:ce:eb:3f:3f:22:cb:89:db:e4:b7:22:
         17:8f:6a:0d:3d:59:50:33:06:cf:19:1a:78:7c:b7:18:c1:38:
         58:1f:cf:fb:d2:7d:6e:fe:a5:98:ae:51:35:ad:b4:6e:ea:56:
         8d:8e:4c:c7:23:30:13:59:a9:34:ca:06:c8:3c:72:8f:92:f5:
         ac:24:41:38:8f:40:26:f0:68:60:6c:74:b4:fe:bd:15:a0:cb:
         58:4b:ef:15:90:7c:c1:22:1f:6a:de:55:85:e4:d9:e8:8e:4d:
         38:46:be:10:52:f9:2f:96:bd:0c:4d:40:26:d4:71:75:05:b8:
         ed:ed:6f:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNaVM8+Iv3Qbj/phzi4shMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwNTEyMjIwMTMyWhcNMjYwNTEzMjIwMTMyWjAzMTEwLwYDVQQD
Eyg4ODFkOWEyNTI4YWFmYmM4NGRlMmUyNzViYTBkN2M0ZWJiYTYwMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBoW5G0MMZTlRQWWLOonpa4AnyN+
pzMsrJPv2jiZyaZS9uwOfxDlscEq+AoNX0BlqOJGVV/+uXG41EX6/LAcvEnLX8Ql
967aRfB8gaY7PkgxCWBkKYMhX4UF1pXb7VsvaTA5cANhrE/AtTOY0rKuaylwKLY1
BMWVh8rv416EWFFFGmIovs2l8Lw6Lloe40cveCHWVzzibQMSBJVa+3JIJF9QQDaN
iXKZcZspN8UxBxkNYtoozQTTqyMzOVvNVJi0N4/MlGDzN0jJSYKyaIZDLqCqiqxT
yC46QzgNhXbqFI4lHg7qRKTZ5HkKbXFq1nUf48/CN9N99pY4q5wdwUsyUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgdmiUoqvvITeLidboNfE67pgHVMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAffNnM2mY
uaaY9+wzlV+8a5qgiSf5QSGx34ClHR16OMGQPRGHv5EutjvOx/A0W9MEc5imgfLb
efoUA8OtnX+SGwe9/1pbUAJiflZSbE3cD8vlMIM7U2R6Hab2aawyKEnfBsjkAIta
PQA5lfBdqM/iK5Z+OMUUMHwzvu3aRGCb/1f6M7Di0M7rPz8iy4nb5LciF49qDT1Z
UDMGzxkaeHy3GME4WB/P+9J9bv6lmK5RNa20bupWjY5MxyMwE1mpNMoGyDxyj5L1
rCRBOI9AJvBoYGx0tP69FaDLWEvvFZB8wSIfat5VheTZ6I5NOEa+EFL5L5a9DE1A
JtRxdQW47e1v3g==
-----END CERTIFICATE-----