Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          Xs+GAeiAPt2lbsx1rm5kxrhnTQKkSimdJy5O+bUt/5w=
Subject key identifier:   9D:4C:54:3F:3D:2E:E0:6E:B2:74:D1:34:5C:D7:85:85:C7:77:52:AC
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019E1D591E8326EF8793EA1405BBD2B7EA0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          04C4
Signing time:             Tue 12 May 2026 18:00:40 +0000
Manifest this update:     Tue 12 May 2026 18:00:40 +0000
Manifest next update:     Wed 13 May 2026 18:00:40 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: 2yDkhDHURz80jTXLYn9FuzxdyjaJkhPBx+6DSwmq3XI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 18:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:59:1e:83:26:ef:87:93:ea:14:05:bb:d2:b7:ea:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: May 12 18:00:40 2026 GMT
            Not After : May 13 18:00:40 2026 GMT
        Subject: CN=9d4c543f3d2ee06eb274d1345cd78585c77752ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8b:2e:ae:f8:2f:62:d2:2a:0c:6c:1f:91:5c:
                    2e:1b:85:db:7c:48:af:f4:9a:68:d6:37:d5:94:2c:
                    a9:4d:02:93:a2:c6:8c:14:8d:7e:04:1d:07:f8:9e:
                    73:6e:d0:54:36:bc:de:86:e3:b9:fc:85:2b:b6:ed:
                    11:f4:be:a3:0b:c7:15:5b:75:4c:3e:98:5d:db:2d:
                    af:ed:00:88:19:ac:62:6c:79:29:92:29:8e:c3:26:
                    97:06:4c:2d:3b:59:be:30:97:f5:59:f0:68:e5:6b:
                    2b:4e:dd:97:ec:41:42:66:b2:f0:74:99:08:04:67:
                    4a:9c:ed:1e:48:f7:ef:df:81:a9:93:1a:22:9e:46:
                    1d:85:c0:e9:27:d9:0a:78:54:7d:55:01:ae:00:cc:
                    cb:20:a0:82:2f:f5:04:8d:5b:b3:db:98:94:3a:f5:
                    3d:78:61:3b:86:f3:f9:aa:6c:2b:e1:a1:75:f8:ce:
                    8c:56:46:d7:ca:14:79:18:ee:ad:4b:c2:4e:90:e8:
                    96:c9:00:ed:8e:59:e1:a4:78:f5:12:90:15:06:4d:
                    d6:d7:22:cd:1b:04:fc:ba:bf:e2:2d:a6:b9:59:3c:
                    07:27:f8:21:87:44:4b:80:64:48:de:bd:e7:38:1e:
                    83:c5:05:7f:dd:54:90:a1:91:bd:4a:15:50:72:c9:
                    31:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:4C:54:3F:3D:2E:E0:6E:B2:74:D1:34:5C:D7:85:85:C7:77:52:AC
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:85:7a:88:4b:7c:58:2a:b9:4f:5f:2f:28:c3:c7:b2:27:ff:
         f3:c6:20:30:05:e3:79:1d:0b:01:70:08:c4:3c:81:d1:de:33:
         ab:42:01:d4:9a:07:c9:e5:06:0f:80:b3:c5:1d:7e:0d:7d:65:
         d5:e7:80:26:f7:66:43:89:a3:87:e9:16:59:42:9d:11:66:bf:
         62:71:28:4b:9d:d4:06:b3:a9:67:6c:79:75:66:90:29:96:97:
         bd:cb:6b:20:29:58:f9:ca:87:a7:be:77:59:ee:2d:a9:12:0f:
         06:06:40:a7:32:30:e0:a3:7d:b3:6f:4d:6d:4f:41:ee:c5:a0:
         00:37:16:07:a7:dc:0d:cb:b2:8e:0f:4a:5b:86:be:35:ec:0b:
         97:ad:48:2b:49:9d:ef:9e:0f:5e:53:7f:28:ac:2c:ef:a9:b1:
         6b:e0:d0:30:24:af:c6:eb:f7:a8:94:ba:e3:58:cb:89:c4:ae:
         11:7a:c5:10:39:8a:1a:d9:77:07:3d:3f:0c:d1:54:07:83:56:
         ba:97:61:7b:54:b9:18:3f:05:78:14:c5:a6:8d:cb:48:9e:c6:
         f7:ae:a3:1a:79:3e:1f:40:f8:a5:cb:33:22:e5:35:4f:18:02:
         de:f0:99:82:47:39:5f:d7:a4:96:da:11:61:c2:96:3f:82:fb:
         14:04:64:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dWR6DJu+Hk+oUBbvSt+oKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjYwNTEyMTgwMDQwWhcNMjYwNTEzMTgwMDQwWjAzMTEwLwYDVQQD
Eyg5ZDRjNTQzZjNkMmVlMDZlYjI3NGQxMzQ1Y2Q3ODU4NWM3Nzc1MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYsurvgvYtIqDGwfkVwuG4XbfEiv
9Jpo1jfVlCypTQKTosaMFI1+BB0H+J5zbtBUNrzehuO5/IUrtu0R9L6jC8cVW3VM
Pphd2y2v7QCIGaxibHkpkimOwyaXBkwtO1m+MJf1WfBo5WsrTt2X7EFCZrLwdJkI
BGdKnO0eSPfv34GpkxoinkYdhcDpJ9kKeFR9VQGuAMzLIKCCL/UEjVuz25iUOvU9
eGE7hvP5qmwr4aF1+M6MVkbXyhR5GO6tS8JOkOiWyQDtjlnhpHj1EpAVBk3W1yLN
GwT8ur/iLaa5WTwHJ/ghh0RLgGRI3r3nOB6DxQV/3VSQoZG9ShVQcskxqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1MVD89LuBusnTRNFzXhYXHd1KsMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvoV6iEt8
WCq5T18vKMPHsif/88YgMAXjeR0LAXAIxDyB0d4zq0IB1JoHyeUGD4CzxR1+DX1l
1eeAJvdmQ4mjh+kWWUKdEWa/YnEoS53UBrOpZ2x5dWaQKZaXvctrIClY+cqHp753
We4tqRIPBgZApzIw4KN9s29NbU9B7sWgADcWB6fcDcuyjg9KW4a+NewLl61IK0md
754PXlN/KKws76mxa+DQMCSvxuv3qJS641jLicSuEXrFEDmKGtl3Bz0/DNFUB4NW
updhe1S5GD8FeBTFpo3LSJ7G966jGnk+H0D4pcszIuU1TxgC3vCZgkc5X9ekltoR
YcKWP4L7FARkVw==
-----END CERTIFICATE-----