Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          Hsuydj7B+xkBCn8Ez2PajVTmR97FOgxqvIxCKPKWRQs=
Subject key identifier:   FF:B0:1D:04:DE:50:CD:80:9D:2F:D7:51:E6:7F:C5:3B:73:3B:04:09
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019D28F253922F48890E0F05B941321FF230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0F79
Signing time:             Thu 26 Mar 2026 07:01:02 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:02 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:02 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: r6NlDhivIy3KmS8+N+U/wVvCtBRlq2ycEOR5u2QRWCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:53:92:2f:48:89:0e:0f:05:b9:41:32:1f:f2:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Mar 26 07:01:02 2026 GMT
            Not After : Mar 27 07:01:02 2026 GMT
        Subject: CN=ffb01d04de50cd809d2fd751e67fc53b733b0409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7b:3a:b9:f8:98:fd:6b:f1:29:e6:5f:2b:04:
                    03:e1:6e:1c:20:9e:87:2a:46:ae:f4:e1:a0:e4:83:
                    fd:e6:8d:77:3b:13:bb:42:c9:20:5c:93:f0:ab:30:
                    bc:7f:0e:11:5b:79:6e:b8:cf:2f:62:81:f2:c1:07:
                    ec:7b:21:d1:05:ca:68:05:a6:3e:47:fa:8b:65:be:
                    c4:11:23:41:dd:fa:01:1f:37:73:00:d9:a1:cd:16:
                    bf:b1:42:bf:44:08:d0:58:9e:e3:4a:38:9f:45:af:
                    0b:bf:d2:94:0d:f6:75:4e:ff:73:d2:87:6a:89:1d:
                    cf:ec:a6:91:92:0d:5b:52:b9:6f:43:9c:87:85:04:
                    98:43:5c:27:55:e7:18:cf:d9:b0:13:ba:8a:5f:27:
                    76:12:26:e4:73:be:4c:ad:15:80:ed:20:24:cd:4a:
                    c5:0b:fc:25:45:f5:95:66:4c:3c:b0:0f:d7:0e:b0:
                    08:19:3e:9e:4d:8f:e9:57:2e:46:1b:03:f5:d5:b9:
                    9d:e2:9c:3e:39:5d:6f:12:46:cc:d3:3f:92:78:a8:
                    00:ac:22:49:cd:fa:10:26:fe:d6:e6:1b:f0:ba:c0:
                    56:a0:de:b4:01:7a:06:90:e4:49:a0:f8:8d:b3:13:
                    65:e3:4f:31:79:a3:6c:ee:84:1e:a2:ca:37:3b:ba:
                    1a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B0:1D:04:DE:50:CD:80:9D:2F:D7:51:E6:7F:C5:3B:73:3B:04:09
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:e6:8e:f5:f7:95:3c:74:3d:6e:fc:c4:0b:7d:81:c6:f4:7f:
         85:7e:22:c7:4a:b1:aa:15:a0:1f:46:24:cd:02:3f:c7:c1:b1:
         4c:93:ee:b4:7e:a0:2f:e0:0e:24:19:4e:dc:e0:7d:8c:21:86:
         0b:b8:68:1e:2d:d7:8a:a1:c6:41:04:80:36:61:8f:d7:85:46:
         e1:40:af:b5:f6:74:71:93:70:18:09:51:fb:8b:ec:df:11:77:
         40:6f:86:77:5a:3a:e4:c4:b8:20:ca:4e:96:97:a3:40:53:c7:
         f6:c5:47:2d:4e:4c:65:ea:29:e6:a8:d8:ef:dd:c3:29:86:a3:
         78:c8:2a:8c:81:4d:5e:af:2d:dd:9c:9a:1f:c9:42:1d:5a:93:
         76:64:c6:70:64:b2:81:8b:42:94:9a:67:27:d5:b8:bf:f9:70:
         f9:3f:0e:a8:f7:02:7f:db:0a:51:9f:86:7c:62:d9:17:1f:1c:
         11:8e:3b:65:67:f6:b2:be:06:48:a4:ea:dc:40:39:64:92:85:
         f0:83:9f:62:94:13:1c:71:c9:c2:30:8c:83:f2:68:73:75:43:
         3d:8f:b5:a2:a2:22:04:7d:53:9c:4a:a3:4c:af:f1:0b:94:09:
         bb:4c:1c:f0:b8:3e:b9:65:8b:4e:7c:c0:6a:02:5b:7c:cc:08:
         b7:b0:a3:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8lOSL0iJDg8FuUEyH/IwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwMzI2MDcwMTAyWhcNMjYwMzI3MDcwMTAyWjAzMTEwLwYDVQQD
EyhmZmIwMWQwNGRlNTBjZDgwOWQyZmQ3NTFlNjdmYzUzYjczM2IwNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHs6ufiY/WvxKeZfKwQD4W4cIJ6H
Kkau9OGg5IP95o13OxO7QskgXJPwqzC8fw4RW3luuM8vYoHywQfseyHRBcpoBaY+
R/qLZb7EESNB3foBHzdzANmhzRa/sUK/RAjQWJ7jSjifRa8Lv9KUDfZ1Tv9z0odq
iR3P7KaRkg1bUrlvQ5yHhQSYQ1wnVecYz9mwE7qKXyd2Eibkc75MrRWA7SAkzUrF
C/wlRfWVZkw8sA/XDrAIGT6eTY/pVy5GGwP11bmd4pw+OV1vEkbM0z+SeKgArCJJ
zfoQJv7W5hvwusBWoN60AXoGkORJoPiNsxNl408xeaNs7oQeoso3O7oauwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+wHQTeUM2AnS/XUeZ/xTtzOwQJMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAueaO9feV
PHQ9bvzEC32BxvR/hX4ix0qxqhWgH0YkzQI/x8GxTJPutH6gL+AOJBlO3OB9jCGG
C7hoHi3XiqHGQQSANmGP14VG4UCvtfZ0cZNwGAlR+4vs3xF3QG+Gd1o65MS4IMpO
lpejQFPH9sVHLU5MZeop5qjY793DKYajeMgqjIFNXq8t3ZyaH8lCHVqTdmTGcGSy
gYtClJpnJ9W4v/lw+T8OqPcCf9sKUZ+GfGLZFx8cEY47ZWf2sr4GSKTq3EA5ZJKF
8IOfYpQTHHHJwjCMg/Joc3VDPY+1oqIiBH1TnEqjTK/xC5QJu0wc8Lg+uWWLTnzA
agJbfMwIt7CjUg==
-----END CERTIFICATE-----