Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          zg1UsrZO3G6zhRm6hx0302BA9/eRHuAeZgnHCv5fTcg=
Subject key identifier:   1C:1F:64:11:1B:DD:AB:B8:98:0A:2E:7D:CB:8A:1E:06:03:02:FA:91
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       019E1D90481321DEB18420FDD6C4FB30B38F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          0786
Signing time:             Tue 12 May 2026 19:00:55 +0000
Manifest this update:     Tue 12 May 2026 19:00:55 +0000
Manifest next update:     Wed 13 May 2026 19:00:55 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: EKHVR3D9fwKVQlX8mtK8RG1tnQcDms/ZVdlsXaDt8SE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 19:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:48:13:21:de:b1:84:20:fd:d6:c4:fb:30:b3:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: May 12 19:00:55 2026 GMT
            Not After : May 13 19:00:55 2026 GMT
        Subject: CN=1c1f64111bddabb8980a2e7dcb8a1e060302fa91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:6f:40:06:a3:55:2f:66:b2:bd:35:58:85:79:
                    29:13:c6:2c:8d:09:b4:56:53:72:fa:d3:98:b6:c3:
                    e9:ef:2f:d5:6d:42:f5:8a:a0:d2:30:fa:58:66:97:
                    2d:37:93:eb:64:25:3e:3f:95:e6:53:47:13:9b:7a:
                    73:72:6d:08:7f:ad:79:0c:9a:dc:de:8f:f4:94:5a:
                    58:33:62:8e:a2:21:50:de:bf:e5:ff:82:11:6c:d7:
                    24:ea:13:aa:ef:9f:b3:64:ec:a0:18:82:8f:22:ec:
                    c2:5c:47:89:f3:5f:4a:11:14:a5:8c:ad:36:5b:48:
                    6b:1e:5b:c3:d0:1e:bf:90:2c:02:1e:a2:ae:7c:85:
                    e0:12:c9:55:0b:59:aa:d9:d1:9d:de:f8:47:59:21:
                    51:45:b7:c9:b6:31:b6:1f:bf:ad:2e:14:7b:2c:75:
                    15:f3:43:e3:26:9d:3e:55:7a:28:7d:d4:f0:af:cd:
                    24:df:5e:94:4f:ba:51:98:b5:73:69:05:40:11:73:
                    21:d1:c6:14:5a:23:5e:a8:2a:12:af:51:a4:79:a1:
                    4f:f7:e2:8d:de:e9:2d:56:09:b6:fb:ed:4d:94:c5:
                    71:c7:87:4b:10:bc:72:0d:80:ea:58:66:57:b6:a6:
                    65:cf:b7:60:85:d5:00:9a:04:7a:6c:95:91:88:a2:
                    0a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:1F:64:11:1B:DD:AB:B8:98:0A:2E:7D:CB:8A:1E:06:03:02:FA:91
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c9:5b:57:61:77:3e:a1:c7:2c:b4:24:3c:29:6b:8d:63:cd:
         64:3c:04:e2:85:a8:5e:55:b3:16:36:81:f5:aa:8d:45:98:c4:
         0f:30:7b:b8:6d:27:c9:d1:b9:01:c0:fa:fb:9c:55:af:e8:2f:
         09:2c:4f:a2:54:96:d6:88:86:fd:fd:3e:ce:d7:81:43:98:22:
         b7:3e:ee:6a:fc:cc:c1:70:b5:5a:ff:9c:b4:48:f7:f4:0b:ce:
         65:a1:f0:71:eb:07:55:f9:8b:c9:3f:bb:69:19:00:0c:c1:06:
         43:1b:1e:6c:34:e4:6a:02:4b:5b:9a:ec:50:79:bf:cb:cc:a5:
         ac:13:0e:41:f1:bc:2a:fd:1d:79:02:d6:d6:52:b1:df:a9:6c:
         1f:73:19:e0:6c:c7:db:22:54:e1:78:17:c5:ab:56:6f:c4:be:
         7d:50:d5:20:a6:62:cd:eb:3a:3b:06:d0:af:14:e6:f7:cc:da:
         cb:86:3a:e2:1a:38:d9:c1:9d:44:de:8d:72:33:14:ab:a8:35:
         03:0f:ba:39:bf:c3:c1:4b:dc:f0:8d:0d:43:d6:8e:72:b5:be:
         f9:de:85:31:35:5e:37:73:e0:06:53:30:77:99:dc:df:1d:0d:
         3a:37:98:ad:a4:6f:36:0c:22:59:86:4e:f6:ca:98:5a:6e:a1:
         99:97:ea:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkEgTId6xhCD91sT7MLOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjYwNTEyMTkwMDU1WhcNMjYwNTEzMTkwMDU1WjAzMTEwLwYDVQQD
EygxYzFmNjQxMTFiZGRhYmI4OTgwYTJlN2RjYjhhMWUwNjAzMDJmYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W9ABqNVL2ayvTVYhXkpE8YsjQm0
VlNy+tOYtsPp7y/VbUL1iqDSMPpYZpctN5PrZCU+P5XmU0cTm3pzcm0If615DJrc
3o/0lFpYM2KOoiFQ3r/l/4IRbNck6hOq75+zZOygGIKPIuzCXEeJ819KERSljK02
W0hrHlvD0B6/kCwCHqKufIXgEslVC1mq2dGd3vhHWSFRRbfJtjG2H7+tLhR7LHUV
80PjJp0+VXoofdTwr80k316UT7pRmLVzaQVAEXMh0cYUWiNeqCoSr1GkeaFP9+KN
3uktVgm2++1NlMVxx4dLELxyDYDqWGZXtqZlz7dghdUAmgR6bJWRiKIKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwfZBEb3au4mAoufcuKHgYDAvqRMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGslbV2F3
PqHHLLQkPClrjWPNZDwE4oWoXlWzFjaB9aqNRZjEDzB7uG0nydG5AcD6+5xVr+gv
CSxPolSW1oiG/f0+zteBQ5gitz7uavzMwXC1Wv+ctEj39AvOZaHwcesHVfmLyT+7
aRkADMEGQxsebDTkagJLW5rsUHm/y8ylrBMOQfG8Kv0deQLW1lKx36lsH3MZ4GzH
2yJU4XgXxatWb8S+fVDVIKZizes6OwbQrxTm98zay4Y64ho42cGdRN6NcjMUq6g1
Aw+6Ob/DwUvc8I0NQ9aOcrW++d6FMTVeN3PgBlMwd5nc3x0NOjeYraRvNgwiWYZO
9sqYWm6hmZfqUQ==
-----END CERTIFICATE-----