Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
File:                     3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json)
Hash identifier:          206wXtCdqKR1SsRWAxzFxmAcpD+XA+D/D9XbATeIxVw=
Subject key identifier:   72:A0:45:96:AD:60:EA:D6:AC:54:37:70:A8:3E:8E:27:B3:DA:BA:E4
Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
Certificate issuer:       /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Certificate serial:       019E1DC6F8CED9CFE4A3F804A0F09DA8A678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
Manifest number:          04DF
Signing time:             Tue 12 May 2026 20:00:39 +0000
Manifest this update:     Tue 12 May 2026 20:00:39 +0000
Manifest next update:     Wed 13 May 2026 20:00:39 +0000
Files and hashes:         1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: tN9yV1A7KlU4V7YGqsR6W7InfcNRRiZ+rna9GEJEK+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:c6:f8:ce:d9:cf:e4:a3:f8:04:a0:f0:9d:a8:a6:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
        Validity
            Not Before: May 12 20:00:39 2026 GMT
            Not After : May 13 20:00:39 2026 GMT
        Subject: CN=72a04596ad60ead6ac543770a83e8e27b3dabae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:97:a0:f6:31:46:e2:fb:fa:9f:dc:c8:db:9b:
                    b6:06:00:a3:2b:46:2f:14:94:b4:15:86:50:bb:22:
                    3f:49:86:cb:16:70:e3:18:b9:e9:d2:ec:55:0a:47:
                    65:e6:dd:7e:ae:b3:53:ec:28:21:8c:a0:24:cb:70:
                    e3:c0:29:04:18:c8:ec:4e:f2:ad:ac:b2:65:e4:5c:
                    da:30:79:48:a4:3d:cb:f1:fd:64:10:e4:a2:ce:69:
                    99:f1:0c:9b:0d:da:e8:f5:3f:88:4b:cc:f8:c6:8d:
                    28:ce:31:ca:b6:58:62:ef:fb:47:c6:cd:3b:d4:25:
                    93:3d:80:bc:75:22:ea:43:f3:64:c4:a8:dd:4e:fd:
                    c6:2a:cd:2f:de:57:cb:1e:fe:90:66:d2:ae:3b:27:
                    02:e8:e3:bf:38:85:54:6f:8e:da:a5:34:c8:85:36:
                    ba:26:e4:9b:6a:fe:59:ef:04:df:97:c9:6e:d3:1c:
                    8d:48:87:42:27:77:bb:cf:a7:f2:0b:7a:bf:e0:61:
                    ca:0e:35:6d:c5:4b:b9:d1:52:62:5f:da:a9:fa:a3:
                    40:19:93:87:ee:cf:25:38:74:dd:66:e8:57:b4:9d:
                    4a:45:37:33:ef:57:73:c9:55:a8:94:55:b9:fd:87:
                    21:b9:d1:ae:23:74:17:cb:b7:7b:76:2f:66:51:f7:
                    f1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:A0:45:96:AD:60:EA:D6:AC:54:37:70:A8:3E:8E:27:B3:DA:BA:E4
            X509v3 Authority Key Identifier:
                keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:86:32:3f:87:33:1c:45:08:0a:7b:82:7d:ea:4b:ec:f3:76:
         69:c3:0a:6c:85:20:78:e3:18:f5:b6:90:b2:ce:2f:1c:93:49:
         96:b3:b1:7c:43:be:0d:ed:ac:34:51:db:77:1c:d3:f8:42:aa:
         24:d7:1e:90:0f:84:15:3c:d2:38:03:32:e3:76:b0:48:51:b5:
         0d:4e:bc:a0:ca:e8:ce:82:b6:fd:53:b2:47:e0:9a:01:39:81:
         a5:7f:25:b0:51:93:6f:2d:6b:81:44:8e:a8:19:b3:b1:1c:55:
         b9:6c:b7:8b:a9:9c:3e:f1:94:13:3d:9b:89:c7:7e:94:e3:89:
         23:5b:f6:de:dd:f4:87:67:be:b6:26:26:86:74:46:23:7e:bb:
         3f:50:0b:31:ff:f7:5f:26:9f:9c:df:23:8a:b7:a8:9f:79:a5:
         a1:2c:c5:98:a4:ec:13:e6:fb:67:dc:f1:11:70:c0:17:ca:9e:
         c6:81:1d:7e:3a:13:18:b7:9f:39:bc:ae:f8:0e:16:44:6d:0a:
         95:4a:26:00:ce:2c:77:ae:c8:f2:25:55:24:00:12:8d:4f:f6:
         54:eb:e9:a5:48:1b:6e:7b:4f:d6:eb:30:00:0d:0e:05:f7:11:
         c7:89:61:01:f3:e9:f1:57:32:7c:ae:d7:6e:0a:37:dd:d1:1e:
         2e:0f:cc:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dxvjO2c/ko/gEoPCdqKZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh
NjM4MDIwHhcNMjYwNTEyMjAwMDM5WhcNMjYwNTEzMjAwMDM5WjAzMTEwLwYDVQQD
Eyg3MmEwNDU5NmFkNjBlYWQ2YWM1NDM3NzBhODNlOGUyN2IzZGFiYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zeg9jFG4vv6n9zI25u2BgCjK0Yv
FJS0FYZQuyI/SYbLFnDjGLnp0uxVCkdl5t1+rrNT7CghjKAky3DjwCkEGMjsTvKt
rLJl5FzaMHlIpD3L8f1kEOSizmmZ8QybDdro9T+IS8z4xo0ozjHKtlhi7/tHxs07
1CWTPYC8dSLqQ/NkxKjdTv3GKs0v3lfLHv6QZtKuOycC6OO/OIVUb47apTTIhTa6
JuSbav5Z7wTfl8lu0xyNSIdCJ3e7z6fyC3q/4GHKDjVtxUu50VJiX9qp+qNAGZOH
7s8lOHTdZuhXtJ1KRTcz71dzyVWolFW5/YchudGuI3QXy7d7di9mUffx+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKgRZatYOrWrFQ3cKg+jiez2rrkMB8GA1UdIwQY
MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt
NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm
LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYYyP4cz
HEUICnuCfepL7PN2acMKbIUgeOMY9baQss4vHJNJlrOxfEO+De2sNFHbdxzT+EKq
JNcekA+EFTzSOAMy43awSFG1DU68oMrozoK2/VOyR+CaATmBpX8lsFGTby1rgUSO
qBmzsRxVuWy3i6mcPvGUEz2bicd+lOOJI1v23t30h2e+tiYmhnRGI367P1ALMf/3
XyafnN8jireon3mloSzFmKTsE+b7Z9zxEXDAF8qexoEdfjoTGLefObyu+A4WRG0K
lUomAM4sd67I8iVVJAASjU/2VOvppUgbbntP1uswAA0OBfcRx4lhAfPp8VcyfK7X
bgo33dEeLg/Mww==
-----END CERTIFICATE-----