Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          Im4FT7+xob/TLqjsfrpEvtugjUX91i7eJMpsN6YwPXU=
Subject key identifier:   81:53:DC:D6:CB:30:31:3A:2E:FE:2A:F6:90:EA:25:17:DB:23:14:5E
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019E1E35DFD36912492B8BA1AF7B9FE9BDC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0FF8
Signing time:             Tue 12 May 2026 22:01:47 +0000
Manifest this update:     Tue 12 May 2026 22:01:47 +0000
Manifest next update:     Wed 13 May 2026 22:01:47 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: xPADFxNADDiKjVFSVGOcmDg5pCTeexlHY/6BXMmdJwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:df:d3:69:12:49:2b:8b:a1:af:7b:9f:e9:bd:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: May 12 22:01:47 2026 GMT
            Not After : May 13 22:01:47 2026 GMT
        Subject: CN=8153dcd6cb30313a2efe2af690ea2517db23145e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:83:c0:d3:8b:f8:8e:ed:28:ef:bc:9d:e3:49:
                    c2:a5:94:df:7c:9b:72:b3:fa:7c:43:b1:a7:3a:7e:
                    1b:8f:19:fd:c8:b7:06:c0:cd:cd:ac:4d:9d:2e:85:
                    1d:0a:e6:68:b3:7a:f8:52:e0:27:d0:6f:9b:7f:a6:
                    4e:a5:3f:66:9f:50:d1:26:e6:29:83:78:ed:8a:ad:
                    71:8a:c3:b8:c8:62:c8:77:0b:4b:4b:10:7c:56:53:
                    fd:c6:67:2c:f3:5f:62:27:c4:30:98:f6:63:dd:0b:
                    5b:41:41:ff:44:51:d5:9e:a8:10:cb:ab:ae:ee:b8:
                    83:ec:9a:44:4f:cf:83:9f:a0:13:1e:a1:47:f4:7e:
                    80:13:d4:4d:a7:94:2a:25:3f:31:74:f5:35:f7:32:
                    4b:b6:80:6f:0f:8b:ee:5b:85:d7:b7:48:63:33:3a:
                    41:ab:62:54:93:ca:f0:42:18:9e:ed:d1:d0:25:89:
                    14:ed:4c:fb:db:38:61:eb:0e:2a:e6:e7:20:22:c7:
                    37:39:51:d3:6d:c1:77:0c:e0:27:3c:97:53:8d:8b:
                    38:20:53:4e:a3:47:0c:f0:8e:a6:ce:75:c5:7d:25:
                    eb:27:fa:1b:dc:52:61:10:cf:1a:79:80:8a:d6:6d:
                    92:dc:02:72:87:03:66:e4:bc:3c:10:34:6b:d0:e9:
                    75:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:53:DC:D6:CB:30:31:3A:2E:FE:2A:F6:90:EA:25:17:DB:23:14:5E
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:3c:ad:f0:bf:ab:6a:62:ae:4f:0b:ef:21:cd:3d:f9:ac:fb:
         53:a0:a1:77:40:ca:75:a0:c0:1d:e1:c8:a6:81:22:4c:c0:2c:
         72:8d:96:cf:9a:d8:71:86:c7:01:de:a2:71:e1:a9:56:be:9a:
         8f:d3:97:11:cd:ff:b9:10:8b:be:d6:bc:c4:ee:ec:b5:2f:30:
         33:5c:30:cd:5b:90:74:6d:ee:b7:b2:e9:68:89:61:03:12:09:
         5e:d7:59:d6:1f:4d:b5:a1:8c:14:06:32:01:17:74:01:75:8a:
         ba:9b:c2:f6:55:67:75:15:77:6b:ae:5f:6d:73:22:ee:59:1a:
         c4:8f:a8:09:83:c0:b6:08:dc:d4:6a:60:b1:d2:97:93:0f:c3:
         88:dc:6e:84:c2:fa:1a:7b:37:1f:87:8a:83:fd:d9:72:d5:b6:
         c9:e1:c4:78:d8:bb:81:be:82:3a:c7:69:d8:af:49:ed:3d:6f:
         96:4e:fd:c0:84:88:cd:73:aa:be:62:f2:45:47:50:8c:a6:24:
         40:6a:8e:59:a8:87:9a:fc:a3:3f:30:77:dd:15:ac:45:4d:78:
         c8:7e:fc:8f:b0:7b:a0:ff:ad:db:8c:94:22:7f:af:94:dd:ea:
         55:f7:0f:21:40:40:91:cd:03:64:d1:12:29:2b:9b:ef:52:40:
         be:89:12:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNd/TaRJJK4uhr3uf6b3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwNTEyMjIwMTQ3WhcNMjYwNTEzMjIwMTQ3WjAzMTEwLwYDVQQD
Eyg4MTUzZGNkNmNiMzAzMTNhMmVmZTJhZjY5MGVhMjUxN2RiMjMxNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4PA04v4ju0o77yd40nCpZTffJty
s/p8Q7GnOn4bjxn9yLcGwM3NrE2dLoUdCuZos3r4UuAn0G+bf6ZOpT9mn1DRJuYp
g3jtiq1xisO4yGLIdwtLSxB8VlP9xmcs819iJ8QwmPZj3QtbQUH/RFHVnqgQy6uu
7riD7JpET8+Dn6ATHqFH9H6AE9RNp5QqJT8xdPU19zJLtoBvD4vuW4XXt0hjMzpB
q2JUk8rwQhie7dHQJYkU7Uz72zhh6w4q5ucgIsc3OVHTbcF3DOAnPJdTjYs4IFNO
o0cM8I6mznXFfSXrJ/ob3FJhEM8aeYCK1m2S3AJyhwNm5Lw8EDRr0Ol11wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFT3NbLMDE6Lv4q9pDqJRfbIxReMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2jyt8L+r
amKuTwvvIc09+az7U6Chd0DKdaDAHeHIpoEiTMAsco2Wz5rYcYbHAd6iceGpVr6a
j9OXEc3/uRCLvta8xO7stS8wM1wwzVuQdG3ut7LpaIlhAxIJXtdZ1h9NtaGMFAYy
ARd0AXWKupvC9lVndRV3a65fbXMi7lkaxI+oCYPAtgjc1GpgsdKXkw/DiNxuhML6
Gns3H4eKg/3ZctW2yeHEeNi7gb6COsdp2K9J7T1vlk79wISIzXOqvmLyRUdQjKYk
QGqOWaiHmvyjPzB33RWsRU14yH78j7B7oP+t24yUIn+vlN3qVfcPIUBAkc0DZNES
KSub71JAvokSMg==
-----END CERTIFICATE-----