Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          PoepSygLzVLGkhgFV238HjaWxFSkMAP5wTSY4ATK/KE=
Subject key identifier:   6C:7D:E6:2B:62:2C:18:99:D8:DE:82:D2:09:04:AA:F2:D3:54:A0:63
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       019E1DFE32AE0E720E73CF817CA1D1A9A6F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          0BB1
Signing time:             Tue 12 May 2026 21:00:58 +0000
Manifest this update:     Tue 12 May 2026 21:00:58 +0000
Manifest next update:     Wed 13 May 2026 21:00:58 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: GOClD1ss67NQGDM/qZG6Hu2Jb45jjPGhQTH2ap35FfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:fe:32:ae:0e:72:0e:73:cf:81:7c:a1:d1:a9:a6:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: May 12 21:00:58 2026 GMT
            Not After : May 13 21:00:58 2026 GMT
        Subject: CN=6c7de62b622c1899d8de82d20904aaf2d354a063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9a:a5:b5:75:0c:e7:0d:89:70:ce:cb:3e:7c:
                    2b:a1:34:ed:b6:67:fa:90:ad:d9:75:49:30:3b:b9:
                    0a:6d:26:3b:f3:c9:48:4f:4d:57:36:84:72:48:17:
                    46:fd:7b:18:99:3c:96:1b:52:86:6f:0d:9f:2f:84:
                    b8:36:59:d1:b7:02:d8:28:fc:c4:4c:fe:e7:eb:a2:
                    0f:74:5e:2a:ad:aa:a9:98:99:6a:20:2a:75:21:6e:
                    66:5f:4c:38:4c:b3:21:aa:a9:79:e2:fb:5f:18:b5:
                    52:a0:d5:41:19:bc:1e:39:12:d4:16:2a:9d:76:c8:
                    3b:07:69:6c:6e:29:bd:39:2d:3c:50:e4:a4:00:56:
                    e3:b6:b9:d1:71:20:41:23:b6:c3:59:32:f2:5c:99:
                    22:56:a0:6f:01:d8:33:f5:51:97:66:02:ab:15:64:
                    85:d9:e7:d9:17:5f:21:5b:51:6a:ac:56:ca:76:bc:
                    c5:b2:54:e7:7b:be:0f:23:5a:12:c6:10:da:cf:12:
                    90:00:64:8c:81:b8:d5:16:4c:8d:f3:02:5b:35:8a:
                    e7:0f:1c:f5:2c:e1:c0:24:1e:fd:65:be:cf:79:cb:
                    6a:72:b3:39:f5:5d:17:40:2b:a1:63:b9:07:0d:18:
                    0b:f1:e2:fa:6b:f1:7d:9d:cf:4a:e2:d1:47:e0:2d:
                    a7:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:7D:E6:2B:62:2C:18:99:D8:DE:82:D2:09:04:AA:F2:D3:54:A0:63
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:c6:04:b8:5a:30:09:56:5f:84:30:f1:5b:20:7c:52:fe:0f:
         66:04:02:02:a3:a4:8e:f4:ef:a3:d7:5b:f9:a1:9a:00:a9:fa:
         21:2f:ff:88:ef:2a:96:4a:d2:9c:e5:ce:6b:01:17:74:14:6e:
         0d:34:18:89:3c:98:76:92:82:d8:4e:04:96:09:b5:cd:4d:39:
         60:df:26:61:1e:52:45:26:87:9c:95:1b:2b:80:a3:68:4a:29:
         48:d7:44:48:4e:98:ef:07:72:10:db:ae:c0:e5:29:45:50:aa:
         15:e4:61:56:0a:2f:a8:86:fa:cf:78:9f:7a:eb:ed:ce:b5:fd:
         bf:dd:a5:73:80:95:cf:02:cc:28:2e:1f:9f:e7:34:cf:94:e0:
         2e:51:21:4d:0f:1c:3a:ea:e2:ce:e7:19:95:92:5e:fc:dc:3e:
         c3:35:fb:14:99:a0:e4:3e:a6:ab:19:3c:58:9d:5d:16:17:0b:
         cc:ac:bf:62:d5:54:32:26:a7:e3:69:6c:11:48:f0:6a:7d:cd:
         9e:db:e3:c6:1b:06:ee:a8:6d:03:04:60:d8:da:75:3e:bf:4f:
         20:bc:8a:a0:8d:83:38:c2:33:bb:12:ac:ba:3a:b0:4d:b8:c2:
         e9:cc:8d:36:07:68:d4:b8:4e:08:7d:c9:f2:7b:c5:6a:1b:66:
         df:1d:89:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4d/jKuDnIOc8+BfKHRqab1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjYwNTEyMjEwMDU4WhcNMjYwNTEzMjEwMDU4WjAzMTEwLwYDVQQD
Eyg2YzdkZTYyYjYyMmMxODk5ZDhkZTgyZDIwOTA0YWFmMmQzNTRhMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJqltXUM5w2JcM7LPnwroTTttmf6
kK3ZdUkwO7kKbSY788lIT01XNoRySBdG/XsYmTyWG1KGbw2fL4S4NlnRtwLYKPzE
TP7n66IPdF4qraqpmJlqICp1IW5mX0w4TLMhqql54vtfGLVSoNVBGbweORLUFiqd
dsg7B2lsbim9OS08UOSkAFbjtrnRcSBBI7bDWTLyXJkiVqBvAdgz9VGXZgKrFWSF
2efZF18hW1FqrFbKdrzFslTne74PI1oSxhDazxKQAGSMgbjVFkyN8wJbNYrnDxz1
LOHAJB79Zb7PectqcrM59V0XQCuhY7kHDRgL8eL6a/F9nc9K4tFH4C2ntQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGx95itiLBiZ2N6C0gkEqvLTVKBjMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMYEuFow
CVZfhDDxWyB8Uv4PZgQCAqOkjvTvo9db+aGaAKn6IS//iO8qlkrSnOXOawEXdBRu
DTQYiTyYdpKC2E4Elgm1zU05YN8mYR5SRSaHnJUbK4CjaEopSNdESE6Y7wdyENuu
wOUpRVCqFeRhVgovqIb6z3ifeuvtzrX9v92lc4CVzwLMKC4fn+c0z5TgLlEhTQ8c
OurizucZlZJe/Nw+wzX7FJmg5D6mqxk8WJ1dFhcLzKy/YtVUMian42lsEUjwan3N
ntvjxhsG7qhtAwRg2Np1Pr9PILyKoI2DOMIzuxKsujqwTbjC6cyNNgdo1LhOCH3J
8nvFahtm3x2JLw==
-----END CERTIFICATE-----