Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          WFb/PHirpr3t9xeMZXzonGLWZgP1rUgU8niBwTuUgF0=
Subject key identifier:   59:60:3B:E7:3F:9F:4E:EF:B6:58:82:FF:99:50:B3:5E:54:2E:34:FA
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       019D277294BF38E8C548C923AA352DF19555
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0FE9
Signing time:             Thu 26 Mar 2026 00:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:53 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: ijFJKiYVgODAEsOdtNdB3YNOlq17U+2yfPLwbLGoKyA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:94:bf:38:e8:c5:48:c9:23:aa:35:2d:f1:95:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Mar 26 00:01:53 2026 GMT
            Not After : Mar 27 00:01:53 2026 GMT
        Subject: CN=59603be73f9f4eefb65882ff9950b35e542e34fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c9:2c:d9:cc:e7:ed:11:15:c4:ff:69:02:04:
                    d7:dc:37:ef:bf:39:22:76:12:e0:70:4a:6a:dd:4f:
                    0a:fe:fb:b6:b2:36:c9:9d:19:d4:d0:bf:94:12:ae:
                    77:ff:31:6e:9c:4c:b7:ed:31:a0:bc:9e:07:be:cf:
                    63:8a:2f:e3:cc:ee:03:31:4e:65:04:83:8e:32:e2:
                    13:0f:85:1f:01:1c:9d:7d:73:99:90:d2:52:08:75:
                    52:44:89:3b:61:76:58:9b:07:37:c8:69:59:56:2b:
                    29:c1:54:a9:b1:e5:67:10:e5:49:a4:62:7b:9d:49:
                    da:ff:b2:5b:3b:85:14:fc:e1:14:c0:97:1e:de:3d:
                    25:f9:9d:ab:7b:11:bb:31:23:63:26:45:1a:94:a4:
                    02:8a:99:29:de:52:fc:5f:0a:df:fa:ff:a8:73:4a:
                    c7:c4:20:13:df:e5:29:b3:6f:a2:e1:72:33:f8:d6:
                    a1:da:ac:73:cc:95:8f:02:61:80:65:a5:c8:35:45:
                    53:ea:44:e3:a5:dd:37:17:d2:90:e0:50:51:35:9d:
                    bf:b4:a7:fb:a7:49:b1:80:bb:9c:06:79:d2:76:4d:
                    ca:9c:0b:d9:a9:fb:d6:f2:46:52:d7:be:b0:3a:32:
                    f2:11:26:26:4d:98:9a:63:17:11:e1:37:e4:e2:0c:
                    38:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:60:3B:E7:3F:9F:4E:EF:B6:58:82:FF:99:50:B3:5E:54:2E:34:FA
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:73:6b:7f:a3:cc:db:70:c1:89:7e:0a:30:4a:1d:6e:d7:fc:
         92:05:b8:af:2b:d2:03:73:10:d8:c5:45:f8:38:28:f1:02:cc:
         d1:8d:98:34:5b:1c:83:7b:18:dd:68:13:f7:be:57:ac:d7:d8:
         4e:1e:9c:b7:54:15:53:68:eb:2a:fd:9d:79:cb:c7:ab:46:7c:
         e8:c8:0d:14:0c:93:8d:74:96:8e:e9:46:a4:26:a5:2c:83:8f:
         4b:45:67:b0:26:3c:b1:18:41:9d:d8:f0:dd:75:c4:b5:59:70:
         8b:4f:c2:57:3b:09:11:89:42:b7:c6:42:4e:8d:ac:69:1c:05:
         ec:2c:44:ee:f4:31:1b:75:d9:7a:19:d6:0c:64:10:5b:ee:7d:
         27:1b:8a:68:08:a9:3b:0a:29:c6:68:fe:0f:91:31:ea:05:46:
         36:79:07:ed:71:62:6d:2b:97:6d:b8:42:40:b2:12:50:4e:12:
         e3:a4:47:f1:3e:3a:23:08:bf:3b:18:54:d2:7a:90:5a:f9:8c:
         5f:b0:f3:70:71:11:71:89:f8:4a:63:6f:db:5e:c3:05:c4:8a:
         7d:2e:72:4c:ef:43:c8:a6:83:0b:33:ad:24:83:67:95:18:6f:
         5d:e6:77:14:ed:eb:56:32:db:44:1e:e2:ec:b7:fb:4f:0d:aa:
         57:0b:01:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncpS/OOjFSMkjqjUt8ZVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjYwMzI2MDAwMTUzWhcNMjYwMzI3MDAwMTUzWjAzMTEwLwYDVQQD
Eyg1OTYwM2JlNzNmOWY0ZWVmYjY1ODgyZmY5OTUwYjM1ZTU0MmUzNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsks2czn7REVxP9pAgTX3Dfvvzki
dhLgcEpq3U8K/vu2sjbJnRnU0L+UEq53/zFunEy37TGgvJ4Hvs9jii/jzO4DMU5l
BIOOMuITD4UfARydfXOZkNJSCHVSRIk7YXZYmwc3yGlZVispwVSpseVnEOVJpGJ7
nUna/7JbO4UU/OEUwJce3j0l+Z2rexG7MSNjJkUalKQCipkp3lL8Xwrf+v+oc0rH
xCAT3+Ups2+i4XIz+Nah2qxzzJWPAmGAZaXINUVT6kTjpd03F9KQ4FBRNZ2/tKf7
p0mxgLucBnnSdk3KnAvZqfvW8kZS176wOjLyESYmTZiaYxcR4Tfk4gw4ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlgO+c/n07vtliC/5lQs15ULjT6MB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnNrf6PM
23DBiX4KMEodbtf8kgW4ryvSA3MQ2MVF+Dgo8QLM0Y2YNFscg3sY3WgT975XrNfY
Th6ct1QVU2jrKv2decvHq0Z86MgNFAyTjXSWjulGpCalLIOPS0VnsCY8sRhBndjw
3XXEtVlwi0/CVzsJEYlCt8ZCTo2saRwF7CxE7vQxG3XZehnWDGQQW+59JxuKaAip
Owopxmj+D5Ex6gVGNnkH7XFibSuXbbhCQLISUE4S46RH8T46Iwi/OxhU0nqQWvmM
X7DzcHERcYn4SmNv217DBcSKfS5yTO9DyKaDCzOtJINnlRhvXeZ3FO3rVjLbRB7i
7Lf7Tw2qVwsBbQ==
-----END CERTIFICATE-----