Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          tOBzSxIOemQuUY6RYpTRquxFePEm0R+XUCDIsC9W9Gg=
Subject key identifier:   25:DF:19:DE:BC:C4:0E:F1:DF:21:36:F9:FC:4B:A7:E7:88:B2:69:F8
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019E1CEB72165E23582F37480252E48E2EFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0CD7
Signing time:             Tue 12 May 2026 16:00:52 +0000
Manifest this update:     Tue 12 May 2026 16:00:52 +0000
Manifest next update:     Wed 13 May 2026 16:00:52 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: /z506eOgUJy7kZv/7iaEdzIHFJZM0We9fv3omP3Tzgk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:eb:72:16:5e:23:58:2f:37:48:02:52:e4:8e:2e:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: May 12 16:00:52 2026 GMT
            Not After : May 13 16:00:52 2026 GMT
        Subject: CN=25df19debcc40ef1df2136f9fc4ba7e788b269f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:5f:5e:44:aa:0f:8b:8f:05:9d:ed:d9:bd:06:
                    02:41:9c:ae:56:f7:6d:02:68:d1:3a:26:09:b2:e4:
                    4e:87:46:a4:91:e9:34:33:a0:27:06:2c:d4:57:f0:
                    e7:a8:20:ef:a5:ba:73:2b:72:92:69:62:35:ce:e9:
                    d5:a3:46:ea:42:85:37:b7:04:6f:ac:01:28:01:3f:
                    dc:bd:e3:86:d8:31:2f:dd:e6:a9:75:68:9d:b7:73:
                    30:cc:7d:58:5f:7d:11:fb:57:2c:8b:ac:ec:8c:52:
                    dd:45:34:c0:9b:23:f1:c8:5f:11:f8:59:7f:a7:ad:
                    be:02:c6:1b:08:42:d1:db:2a:b9:3a:1e:df:b9:7d:
                    e4:66:f1:d7:a1:56:d9:6d:0f:84:a8:bb:60:eb:9a:
                    0b:02:e6:7d:1f:0e:09:f1:2f:59:1a:27:ae:06:d6:
                    69:56:90:34:50:6a:1c:fc:53:1a:e4:7f:a1:69:5d:
                    1b:a9:80:b8:34:70:af:37:8e:4f:72:a7:a4:d6:96:
                    b7:0c:1c:e7:2a:9d:0d:2e:64:bd:b0:ff:64:d4:50:
                    ff:41:b9:15:fd:d1:1c:d0:f3:28:5c:c7:81:a9:8e:
                    44:5c:24:26:46:f6:3d:53:94:ab:34:89:f3:b2:32:
                    52:6f:de:ed:a6:b4:bc:e7:e0:eb:e0:89:76:41:90:
                    74:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:DF:19:DE:BC:C4:0E:F1:DF:21:36:F9:FC:4B:A7:E7:88:B2:69:F8
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:7f:ca:ee:3d:50:c8:4a:64:9e:48:9d:ff:5c:a6:af:46:ba:
         40:d4:df:d4:6e:08:6f:e1:0b:ab:dd:e1:f0:73:37:2a:2e:2b:
         c1:2a:5d:cd:9a:69:a2:b6:59:ae:de:12:1e:0a:b2:02:ed:02:
         e5:40:2f:47:c2:f7:d5:e3:c6:0a:ed:84:06:25:d7:f0:83:eb:
         bb:9c:d7:81:e9:67:2c:05:91:30:b2:ae:ab:3d:08:82:f9:30:
         8b:ce:2d:26:d0:f7:b0:0a:f3:60:0a:8a:62:cc:06:c5:39:9c:
         2b:8a:67:ed:e1:42:4d:10:29:6a:45:4f:19:cf:5c:cd:59:7f:
         b6:dd:7d:6a:a6:83:24:12:16:a5:e4:2b:6a:7c:7c:9e:e9:f0:
         b2:88:a6:46:0e:45:4b:72:2c:61:98:d9:ba:1a:f9:11:5e:c0:
         39:36:af:d5:51:e8:c6:00:68:a8:ae:c4:21:27:4b:c9:51:31:
         5a:0a:1b:1e:91:d3:d6:e9:c0:4e:81:b7:21:95:76:c5:8b:8a:
         d3:b0:c4:bf:4b:d4:f0:c4:fc:44:13:0e:da:92:15:8d:b4:3a:
         70:35:db:e5:86:b6:8e:cf:b0:12:55:c8:b9:c7:d1:d7:ae:3d:
         b8:41:5f:d9:35:88:d5:e6:30:a6:f7:62:98:9d:9e:2e:32:1f:
         9b:57:9f:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c63IWXiNYLzdIAlLkji7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwNTEyMTYwMDUyWhcNMjYwNTEzMTYwMDUyWjAzMTEwLwYDVQQD
EygyNWRmMTlkZWJjYzQwZWYxZGYyMTM2ZjlmYzRiYTdlNzg4YjI2OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V9eRKoPi48Fne3ZvQYCQZyuVvdt
AmjROiYJsuROh0akkek0M6AnBizUV/DnqCDvpbpzK3KSaWI1zunVo0bqQoU3twRv
rAEoAT/cveOG2DEv3eapdWidt3MwzH1YX30R+1csi6zsjFLdRTTAmyPxyF8R+Fl/
p62+AsYbCELR2yq5Oh7fuX3kZvHXoVbZbQ+EqLtg65oLAuZ9Hw4J8S9ZGieuBtZp
VpA0UGoc/FMa5H+haV0bqYC4NHCvN45Pcqek1pa3DBznKp0NLmS9sP9k1FD/QbkV
/dEc0PMoXMeBqY5EXCQmRvY9U5SrNInzsjJSb97tprS85+Dr4Il2QZB0XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXfGd68xA7x3yE2+fxLp+eIsmn4MB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADn/K7j1Q
yEpknkid/1ymr0a6QNTf1G4Ib+ELq93h8HM3Ki4rwSpdzZpporZZrt4SHgqyAu0C
5UAvR8L31ePGCu2EBiXX8IPru5zXgelnLAWRMLKuqz0Igvkwi84tJtD3sArzYAqK
YswGxTmcK4pn7eFCTRApakVPGc9czVl/tt19aqaDJBIWpeQranx8nunwsoimRg5F
S3IsYZjZuhr5EV7AOTav1VHoxgBoqK7EISdLyVExWgobHpHT1unAToG3IZV2xYuK
07DEv0vU8MT8RBMO2pIVjbQ6cDXb5Ya2js+wElXIucfR1649uEFf2TWI1eYwpvdi
mJ2eLjIfm1efeg==
-----END CERTIFICATE-----