Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          vllyce5HgFOgU3LLzSEsrRB/NWpW7Yyw6vHW98pE/Iw=
Subject key identifier:   C5:3C:06:51:45:FE:FF:85:6B:F4:D7:1A:24:B3:55:BE:E4:FC:6F:A5
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019E1C46CC2EBC08F4D40F2CE2FB9E83634C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0A2B
Signing time:             Tue 12 May 2026 13:01:02 +0000
Manifest this update:     Tue 12 May 2026 13:01:02 +0000
Manifest next update:     Wed 13 May 2026 13:01:02 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: efKRtQMGosGW49+ppbWsQJHL7w/zGwUXwI66b36T/e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:cc:2e:bc:08:f4:d4:0f:2c:e2:fb:9e:83:63:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: May 12 13:01:02 2026 GMT
            Not After : May 13 13:01:02 2026 GMT
        Subject: CN=c53c065145feff856bf4d71a24b355bee4fc6fa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:41:c2:d6:8c:0a:75:42:ce:40:43:35:4f:9c:
                    c2:7d:a7:14:7b:ea:51:84:82:b6:44:f4:ef:d2:4d:
                    1e:7c:71:81:c0:d3:73:cc:0b:59:de:f5:4c:d6:bd:
                    89:54:26:b8:ee:14:f0:16:02:a8:35:4c:d6:33:73:
                    fb:2e:3b:f5:10:6e:7c:c6:fd:9e:f2:04:2e:98:89:
                    ac:21:ed:a6:b5:db:cc:c7:62:3a:62:bf:73:83:50:
                    fc:94:09:cd:ef:22:90:36:4b:14:6a:86:f4:d1:31:
                    68:f8:c2:ce:af:6a:96:3b:1c:55:32:ad:be:ac:31:
                    fd:4e:38:65:4f:e2:73:15:99:81:e7:40:06:6d:5c:
                    1e:11:e9:89:55:1a:4c:de:f8:51:c5:d9:b0:c4:02:
                    d6:b2:f5:2d:e3:0e:4d:66:02:7f:e4:1e:b4:f4:87:
                    66:0b:d3:84:cf:49:22:a3:94:53:a3:a2:f7:c2:c7:
                    99:f8:f8:58:d1:55:27:87:e4:2e:5e:a7:13:b9:58:
                    c6:70:90:26:fb:2b:e2:51:da:7d:0a:f4:c7:e8:04:
                    12:53:ab:22:b3:5e:56:a7:fd:96:aa:0d:d9:04:24:
                    b6:d8:60:a8:17:55:05:6c:60:4a:c9:7a:08:0b:02:
                    15:61:bb:89:73:e6:94:09:51:d0:dd:d5:db:38:87:
                    6c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:3C:06:51:45:FE:FF:85:6B:F4:D7:1A:24:B3:55:BE:E4:FC:6F:A5
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:a9:0d:34:69:53:73:96:cb:4f:0b:63:34:ed:60:98:eb:f1:
         50:71:0f:f8:96:5e:f5:45:6b:1a:28:49:44:9b:6c:0f:37:26:
         35:51:94:c4:dd:85:81:90:08:18:e3:68:07:37:74:fe:f8:8f:
         93:8d:9b:ab:78:30:ad:9a:02:d6:61:13:82:7f:56:b2:8e:1b:
         da:a1:7d:0a:4c:bb:98:a6:9a:5b:26:af:7a:2d:86:ca:f6:5c:
         62:26:01:08:26:b1:0d:82:19:26:a1:3c:d4:90:10:0d:fd:ae:
         e1:26:30:1e:fc:90:49:6c:fd:8a:8a:70:cb:03:37:e7:b7:53:
         3b:10:4d:8c:6a:3d:cf:5c:17:2f:7b:0d:9c:4c:44:40:9a:af:
         34:8a:a5:0e:c9:64:58:74:6e:9e:2f:b6:e5:04:98:77:4e:2b:
         47:82:4f:36:72:a1:3a:7e:10:de:a9:22:9d:e7:ad:57:27:05:
         44:15:19:f6:28:81:32:89:87:84:37:88:a7:8e:5d:77:81:8b:
         5f:c0:51:34:49:5d:0c:38:3c:da:07:4d:ec:2d:4b:6e:2f:e9:
         55:d6:6c:47:19:cf:19:b6:1f:8e:e2:65:81:ad:02:05:6c:29:
         11:f6:a6:01:c9:ed:69:e5:88:29:d6:1f:ec:17:f6:d3:83:32:
         13:b0:ab:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRswuvAj01A8s4vueg2NMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwNTEyMTMwMTAyWhcNMjYwNTEzMTMwMTAyWjAzMTEwLwYDVQQD
EyhjNTNjMDY1MTQ1ZmVmZjg1NmJmNGQ3MWEyNGIzNTViZWU0ZmM2ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUHC1owKdULOQEM1T5zCfacUe+pR
hIK2RPTv0k0efHGBwNNzzAtZ3vVM1r2JVCa47hTwFgKoNUzWM3P7Ljv1EG58xv2e
8gQumImsIe2mtdvMx2I6Yr9zg1D8lAnN7yKQNksUaob00TFo+MLOr2qWOxxVMq2+
rDH9TjhlT+JzFZmB50AGbVweEemJVRpM3vhRxdmwxALWsvUt4w5NZgJ/5B609Idm
C9OEz0kio5RTo6L3wseZ+PhY0VUnh+QuXqcTuVjGcJAm+yviUdp9CvTH6AQSU6si
s15Wp/2Wqg3ZBCS22GCoF1UFbGBKyXoICwIVYbuJc+aUCVHQ3dXbOIdsRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMU8BlFF/v+Fa/TXGiSzVb7k/G+lMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqkNNGlT
c5bLTwtjNO1gmOvxUHEP+JZe9UVrGihJRJtsDzcmNVGUxN2FgZAIGONoBzd0/viP
k42bq3gwrZoC1mETgn9Wso4b2qF9Cky7mKaaWyavei2GyvZcYiYBCCaxDYIZJqE8
1JAQDf2u4SYwHvyQSWz9iopwywM357dTOxBNjGo9z1wXL3sNnExEQJqvNIqlDslk
WHRuni+25QSYd04rR4JPNnKhOn4Q3qkineetVycFRBUZ9iiBMomHhDeIp45dd4GL
X8BRNEldDDg82gdN7C1Lbi/pVdZsRxnPGbYfjuJlga0CBWwpEfamAcntaeWIKdYf
7Bf204MyE7CrrA==
-----END CERTIFICATE-----