Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          5PTCCrTrN1iHldXznLhu3qNMuCCUYRn7tjPq+iRpdE0=
Subject key identifier:   73:41:FD:5E:2C:05:6B:E8:9A:D4:00:19:AB:60:90:69:FC:CB:14:56
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019D27041EB0147A450136F66B4E071EEFCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          12F5
Signing time:             Wed 25 Mar 2026 22:01:14 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:14 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:14 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: 23iiUMzPj/AWW/A83I/gmDhRCj4oFeAjSMbdyLWalL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:1e:b0:14:7a:45:01:36:f6:6b:4e:07:1e:ef:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Mar 25 22:01:14 2026 GMT
            Not After : Mar 26 22:01:14 2026 GMT
        Subject: CN=7341fd5e2c056be89ad40019ab609069fccb1456
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b9:e4:35:1a:81:4e:ac:22:b9:16:8b:b3:d4:
                    93:ec:38:08:3b:3e:c7:22:60:2c:06:8c:cf:be:4f:
                    7a:de:30:b7:07:cc:2c:05:c1:4f:21:55:a7:9d:d2:
                    f5:04:13:e9:8c:53:15:60:6c:89:38:86:ed:d4:e3:
                    17:a6:5b:dc:5e:e8:1b:48:d7:e2:cd:c1:96:b0:7c:
                    59:84:84:49:d6:3b:46:b9:fc:0d:e2:65:fd:63:54:
                    00:87:f7:37:eb:d6:1d:90:5c:3f:18:20:c8:54:45:
                    a8:e7:d4:15:70:01:b9:23:6b:d7:ff:8b:00:fd:22:
                    f7:6c:89:ce:20:69:86:a3:1b:3b:5c:a7:95:5b:f1:
                    34:43:bc:54:4f:98:78:4f:bf:80:73:60:94:c7:f0:
                    62:4c:cc:3d:7b:90:e2:c1:b1:88:37:b1:5d:9c:a0:
                    5b:07:2c:45:54:77:6e:49:10:c4:e4:ed:94:14:de:
                    55:68:fb:6e:0f:b6:1e:f8:18:63:0f:ca:a7:16:28:
                    1f:0f:51:76:d6:d9:46:99:f3:e8:8a:60:ab:dd:d8:
                    39:d8:ac:f1:c7:5a:bf:d3:c3:d8:8f:d4:e9:8d:7a:
                    e9:7a:3c:e9:1e:30:e0:8c:5d:92:aa:a0:9c:e0:28:
                    29:56:e0:10:4a:b8:33:09:63:41:de:3b:99:e2:57:
                    c5:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:41:FD:5E:2C:05:6B:E8:9A:D4:00:19:AB:60:90:69:FC:CB:14:56
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:34:39:bc:4b:c6:aa:95:a5:ca:86:b6:f6:71:cc:ba:69:df:
         49:aa:2c:94:4a:3a:c5:25:fe:18:95:ef:53:6f:6d:c3:f4:e7:
         a0:18:88:03:f5:a6:d5:66:f6:48:0a:dd:51:5f:4a:25:90:a6:
         63:19:c6:36:e9:8b:35:ae:8e:19:0b:6f:a7:87:24:5e:a4:3c:
         22:d4:f2:f6:e1:e6:5c:a9:ba:ad:11:c4:3b:84:9f:c5:2d:26:
         b6:8f:00:96:36:db:52:2b:0b:c4:94:be:62:3c:c4:77:e2:af:
         13:8a:20:a0:69:00:52:f1:c9:df:e2:22:57:cb:a1:fe:de:b6:
         9e:74:b7:52:a8:02:e1:3b:e2:89:41:a4:80:83:5d:eb:40:39:
         da:ce:3f:6a:66:92:64:92:de:93:1b:b9:e8:bc:b6:f9:ec:8f:
         17:3b:8f:31:5c:cd:21:6a:99:06:c7:a1:6d:85:e6:26:e9:15:
         dc:ca:e5:e4:d2:21:f3:47:29:94:fd:58:33:80:43:29:ed:1a:
         00:16:f2:a7:1f:5e:be:19:60:e6:0d:66:a0:91:6e:c8:b1:ee:
         f5:16:97:e5:67:95:6d:a9:f2:59:a0:1d:73:64:b7:5c:66:e6:
         3b:dc:c8:74:a0:6f:d8:e8:23:a9:be:39:0a:a6:ac:5e:f3:32:
         d3:10:3f:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBB6wFHpFATb2a04HHu/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwMzI1MjIwMTE0WhcNMjYwMzI2MjIwMTE0WjAzMTEwLwYDVQQD
Eyg3MzQxZmQ1ZTJjMDU2YmU4OWFkNDAwMTlhYjYwOTA2OWZjY2IxNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbnkNRqBTqwiuRaLs9ST7DgIOz7H
ImAsBozPvk963jC3B8wsBcFPIVWnndL1BBPpjFMVYGyJOIbt1OMXplvcXugbSNfi
zcGWsHxZhIRJ1jtGufwN4mX9Y1QAh/c369YdkFw/GCDIVEWo59QVcAG5I2vX/4sA
/SL3bInOIGmGoxs7XKeVW/E0Q7xUT5h4T7+Ac2CUx/BiTMw9e5DiwbGIN7FdnKBb
ByxFVHduSRDE5O2UFN5VaPtuD7Ye+BhjD8qnFigfD1F21tlGmfPoimCr3dg52Kzx
x1q/08PYj9TpjXrpejzpHjDgjF2SqqCc4CgpVuAQSrgzCWNB3juZ4lfFyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNB/V4sBWvomtQAGatgkGn8yxRWMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArzQ5vEvG
qpWlyoa29nHMumnfSaoslEo6xSX+GJXvU29tw/TnoBiIA/Wm1Wb2SArdUV9KJZCm
YxnGNumLNa6OGQtvp4ckXqQ8ItTy9uHmXKm6rRHEO4SfxS0mto8AljbbUisLxJS+
YjzEd+KvE4ogoGkAUvHJ3+IiV8uh/t62nnS3UqgC4TviiUGkgINd60A52s4/amaS
ZJLekxu56Ly2+eyPFzuPMVzNIWqZBsehbYXmJukV3Mrl5NIh80cplP1YM4BDKe0a
ABbypx9evhlg5g1moJFuyLHu9RaX5WeVbanyWaAdc2S3XGbmO9zIdKBv2Ogjqb45
CqasXvMy0xA/og==
-----END CERTIFICATE-----