Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
File:                     3aYlyUiBFZZabdCk8ILfO0LZSUg.mft (raw, json)
Hash identifier:          CDSEhJWtYJ+ZRPiL6gtETQ/UfRNRkAj0SDVu1eZbI0I=
Subject key identifier:   AD:73:F6:56:F9:49:39:BB:D1:FC:59:1E:1F:90:92:F7:B6:9A:EF:4E
Authority key identifier: DD:A6:25:C9:48:81:15:96:5A:6D:D0:A4:F0:82:DF:3B:42:D9:49:48
Certificate issuer:       /CN=dda625c9488115965a6dd0a4f082df3b42d94948
Certificate serial:       019E1CEB4E5E6CB812E6D1B1B67F988B9E71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
Manifest number:          CC
Signing time:             Tue 12 May 2026 16:00:43 +0000
Manifest this update:     Tue 12 May 2026 16:00:43 +0000
Manifest next update:     Wed 13 May 2026 16:00:43 +0000
Files and hashes:         1: 3aYlyUiBFZZabdCk8ILfO0LZSUg.crl (hash: f9nSwONF2Bi6loOzsIPPIaj4XLsHV0swPD9fWIw0UCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:eb:4e:5e:6c:b8:12:e6:d1:b1:b6:7f:98:8b:9e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dda625c9488115965a6dd0a4f082df3b42d94948
        Validity
            Not Before: May 12 16:00:43 2026 GMT
            Not After : May 13 16:00:43 2026 GMT
        Subject: CN=ad73f656f94939bbd1fc591e1f9092f7b69aef4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:35:0d:37:87:1b:cd:40:1e:0b:65:2d:17:b8:
                    f3:e5:20:b1:c8:79:76:96:b0:ca:e3:18:9c:f0:af:
                    09:b5:54:b6:39:de:fb:cd:93:36:04:80:68:ac:11:
                    ca:3a:47:4b:57:3b:56:c1:4b:b1:e9:5c:4b:27:f9:
                    1f:0d:13:0a:64:e6:98:c7:8a:9c:34:ea:dd:ea:01:
                    82:2f:65:9e:ee:fb:c9:9a:6b:c6:12:6b:46:f0:9b:
                    5f:13:6b:f0:80:94:53:92:d9:10:0f:9c:05:4f:8f:
                    c7:62:da:01:7b:3b:97:dd:40:08:51:3d:21:13:d8:
                    53:9e:10:bd:20:ea:f8:aa:25:ca:3c:cc:ce:1e:85:
                    9b:e4:3e:fd:1c:c1:5c:ee:47:a8:1e:7c:81:f2:1e:
                    14:8c:97:05:f4:88:b2:f5:db:f4:0a:f2:6e:0b:a4:
                    ed:3d:26:54:63:2d:3b:2e:39:1e:c9:9a:c6:bb:03:
                    ea:1d:65:81:ea:98:18:a1:82:02:c9:54:13:32:4b:
                    49:19:32:9f:a4:0a:ab:53:5a:c4:cb:77:c8:d6:a4:
                    9f:a7:4e:b4:2e:c8:49:59:79:1c:ed:f6:2b:c3:4d:
                    7d:aa:46:b7:41:24:c9:c8:64:e6:db:bc:af:ae:ad:
                    ef:70:16:61:6f:a2:e3:5a:ad:90:6e:a7:46:c3:66:
                    29:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:73:F6:56:F9:49:39:BB:D1:FC:59:1E:1F:90:92:F7:B6:9A:EF:4E
            X509v3 Authority Key Identifier:
                keyid:DD:A6:25:C9:48:81:15:96:5A:6D:D0:A4:F0:82:DF:3B:42:D9:49:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:db:48:4e:2e:43:50:87:35:b7:7a:4c:44:3b:88:78:b8:0e:
         2b:48:69:f7:48:bb:71:5a:1b:47:fb:e2:b0:d1:2a:6d:17:6f:
         22:13:83:82:fc:d4:64:22:f5:16:06:48:85:47:3b:9a:c2:b7:
         5e:6e:af:a2:29:46:2d:db:1c:c7:99:d2:6a:ea:01:d3:2b:24:
         e6:ab:3d:cd:7c:bf:bd:1b:31:2d:de:d6:6e:57:a0:f2:7e:ef:
         c8:d0:97:be:5a:62:36:e8:73:51:c4:c2:d7:2b:5e:9c:ac:0c:
         33:ba:6a:0d:af:97:43:45:71:c0:89:64:56:2e:ed:b4:8c:cc:
         e8:75:08:ee:25:be:6b:76:a2:77:5b:82:f6:0c:e8:01:d0:b7:
         99:74:98:ef:74:51:57:b2:f5:80:23:e1:c6:91:20:17:c1:0d:
         af:50:2a:e0:d1:f9:dd:15:e9:0b:8c:09:4d:1a:45:ce:46:09:
         71:eb:6e:61:14:9c:b0:41:b6:45:82:04:25:3c:f9:09:e6:a1:
         b1:3c:c3:b8:fb:3b:0b:fc:de:70:ef:59:8b:67:fb:5c:6c:fb:
         7b:54:45:ed:07:8b:d4:89:61:ed:0b:3b:a4:ae:3e:c3:18:22:
         e7:8d:80:17:d2:d8:af:9c:f3:a2:04:c0:5d:18:37:f6:df:56:
         05:89:8f:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c605ebLgS5tGxtn+Yi55xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYTYyNWM5NDg4MTE1OTY1YTZkZDBhNGYwODJkZjNiNDJk
OTQ5NDgwHhcNMjYwNTEyMTYwMDQzWhcNMjYwNTEzMTYwMDQzWjAzMTEwLwYDVQQD
EyhhZDczZjY1NmY5NDkzOWJiZDFmYzU5MWUxZjkwOTJmN2I2OWFlZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDUNN4cbzUAeC2UtF7jz5SCxyHl2
lrDK4xic8K8JtVS2Od77zZM2BIBorBHKOkdLVztWwUux6VxLJ/kfDRMKZOaYx4qc
NOrd6gGCL2We7vvJmmvGEmtG8JtfE2vwgJRTktkQD5wFT4/HYtoBezuX3UAIUT0h
E9hTnhC9IOr4qiXKPMzOHoWb5D79HMFc7keoHnyB8h4UjJcF9Iiy9dv0CvJuC6Tt
PSZUYy07LjkeyZrGuwPqHWWB6pgYoYICyVQTMktJGTKfpAqrU1rEy3fI1qSfp060
LshJWXkc7fYrw019qka3QSTJyGTm27yvrq3vcBZhb6LjWq2QbqdGw2YpRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1z9lb5STm70fxZHh+Qkve2mu9OMB8GA1UdIwQY
MBaAFN2mJclIgRWWWm3QpPCC3ztC2UlIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hZjY0MjEtMjk5Yy00ZmQ1LThhY2It
MjcxYTkyM2M5ZWNlLzEvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hZjY0MjEtMjk5Yy00ZmQ1LThhY2ItMjcxYTkyM2M5ZWNl
LzEvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNtITi5D
UIc1t3pMRDuIeLgOK0hp90i7cVobR/visNEqbRdvIhODgvzUZCL1FgZIhUc7msK3
Xm6voilGLdscx5nSauoB0ysk5qs9zXy/vRsxLd7Wbleg8n7vyNCXvlpiNuhzUcTC
1ytenKwMM7pqDa+XQ0VxwIlkVi7ttIzM6HUI7iW+a3aid1uC9gzoAdC3mXSY73RR
V7L1gCPhxpEgF8ENr1Aq4NH53RXpC4wJTRpFzkYJcetuYRScsEG2RYIEJTz5Ceah
sTzDuPs7C/zecO9Zi2f7XGz7e1RF7QeL1Ilh7Qs7pK4+wxgi542AF9LYr5zzogTA
XRg39t9WBYmPFQ==
-----END CERTIFICATE-----