Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          wRs0VRwwxYSIMm2/XQhRRfK/ESMiXteNkyjgCyLLZHE=
Subject key identifier:   FD:59:02:DF:DE:80:B1:41:69:DA:6D:AA:9A:D5:01:94:1D:59:DF:B9
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019E1C4788ED26142FF19379EA994E199121
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1374
Signing time:             Tue 12 May 2026 13:01:50 +0000
Manifest this update:     Tue 12 May 2026 13:01:50 +0000
Manifest next update:     Wed 13 May 2026 13:01:50 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: RyEgZpG+ic4VBAnsvsSKy//FErN8yu0mj6w4t2SbIqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:88:ed:26:14:2f:f1:93:79:ea:99:4e:19:91:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: May 12 13:01:50 2026 GMT
            Not After : May 13 13:01:50 2026 GMT
        Subject: CN=fd5902dfde80b14169da6daa9ad501941d59dfb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:6c:08:85:06:b4:dd:ee:a1:46:b3:f2:57:8e:
                    d2:4d:72:36:22:db:a9:e3:62:c0:36:83:40:38:2d:
                    c3:a7:cc:54:62:04:ef:1d:5a:ed:c1:6e:4f:44:fa:
                    79:d4:93:6e:5e:d8:c9:e6:a4:ee:c7:5b:f6:bd:a7:
                    64:81:b6:68:93:6d:8c:4c:0e:0d:b2:18:82:de:ee:
                    d0:ed:2c:c9:e1:d6:77:80:8f:b7:ea:63:8c:73:95:
                    b2:d0:f0:e2:d8:01:d0:81:d2:69:9f:f1:f6:d4:d6:
                    58:1d:7d:b3:c6:e3:21:96:53:0f:9d:d4:9b:5f:ad:
                    ab:61:88:01:28:1c:80:4c:df:6b:ca:69:ab:e2:9e:
                    d0:33:50:27:b5:0a:a6:dd:65:72:73:3d:85:e5:a8:
                    48:94:16:87:60:8c:a4:be:9c:59:ec:a7:40:f6:77:
                    14:75:8e:11:a0:d0:68:a9:cd:8a:44:da:5d:eb:09:
                    a8:4a:a2:49:0b:38:39:8e:57:8a:09:12:5b:f2:2a:
                    9d:30:04:14:c1:3b:a0:01:22:0a:a1:04:61:5b:b7:
                    cb:4b:1b:34:15:b9:76:c1:a0:90:ac:cf:ab:04:ee:
                    97:56:99:26:c6:47:92:ff:70:b9:a2:05:82:4b:bf:
                    e8:d2:8c:ec:f3:43:91:3d:74:bc:c7:76:fa:c1:8f:
                    ea:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:59:02:DF:DE:80:B1:41:69:DA:6D:AA:9A:D5:01:94:1D:59:DF:B9
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:83:a5:1b:56:b0:dd:d7:90:7a:ad:b6:3f:60:7e:b6:15:74:
         7c:ef:70:47:79:de:01:6e:57:d3:51:be:5d:20:16:dd:1e:2d:
         a0:e9:f5:94:05:b2:4e:e1:87:a2:3b:9b:1d:f0:b3:5d:94:f2:
         e3:f9:f9:71:e0:a2:4e:46:ed:d1:2b:4a:33:19:f8:25:8f:50:
         29:3b:30:87:e5:7c:b3:26:54:c7:d1:09:ae:2f:03:23:4c:f8:
         33:8c:be:e5:58:c5:e4:83:7f:66:1c:6f:d5:67:ed:95:00:c2:
         e1:2d:a3:79:82:ee:aa:35:42:5a:58:bd:88:8d:8a:10:9d:c1:
         9e:7f:88:75:e6:3f:b2:e2:10:64:a6:f5:c3:74:a3:aa:34:c6:
         b0:43:77:0c:98:69:4d:a5:e2:2f:0a:a4:f0:f2:ef:ac:ed:6d:
         b2:c1:6e:7b:da:25:f9:06:68:06:24:37:82:66:ed:57:9a:32:
         b7:6c:87:f7:94:13:7a:d9:85:0a:e0:77:83:fd:0b:7d:9c:18:
         ae:84:44:e1:1f:bb:2f:f0:46:0c:16:9d:8f:45:24:95:48:a1:
         a5:01:2f:12:16:a4:78:6f:70:49:89:ce:c2:f1:72:0d:c1:0b:
         d2:01:8a:80:0b:2d:f6:6a:9e:b5:7b:20:b4:c1:a1:64:b6:7b:
         76:b0:d3:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cR4jtJhQv8ZN56plOGZEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNTEyMTMwMTUwWhcNMjYwNTEzMTMwMTUwWjAzMTEwLwYDVQQD
EyhmZDU5MDJkZmRlODBiMTQxNjlkYTZkYWE5YWQ1MDE5NDFkNTlkZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGwIhQa03e6hRrPyV47STXI2Itup
42LANoNAOC3Dp8xUYgTvHVrtwW5PRPp51JNuXtjJ5qTux1v2vadkgbZok22MTA4N
shiC3u7Q7SzJ4dZ3gI+36mOMc5Wy0PDi2AHQgdJpn/H21NZYHX2zxuMhllMPndSb
X62rYYgBKByATN9rymmr4p7QM1AntQqm3WVycz2F5ahIlBaHYIykvpxZ7KdA9ncU
dY4RoNBoqc2KRNpd6wmoSqJJCzg5jleKCRJb8iqdMAQUwTugASIKoQRhW7fLSxs0
Fbl2waCQrM+rBO6XVpkmxkeS/3C5ogWCS7/o0ozs80ORPXS8x3b6wY/q3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1ZAt/egLFBadptqprVAZQdWd+5MB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYOlG1aw
3deQeq22P2B+thV0fO9wR3neAW5X01G+XSAW3R4toOn1lAWyTuGHojubHfCzXZTy
4/n5ceCiTkbt0StKMxn4JY9QKTswh+V8syZUx9EJri8DI0z4M4y+5VjF5IN/Zhxv
1WftlQDC4S2jeYLuqjVCWli9iI2KEJ3Bnn+IdeY/suIQZKb1w3SjqjTGsEN3DJhp
TaXiLwqk8PLvrO1tssFue9ol+QZoBiQ3gmbtV5oyt2yH95QTetmFCuB3g/0LfZwY
roRE4R+7L/BGDBadj0UklUihpQEvEhakeG9wSYnOwvFyDcEL0gGKgAst9mqetXsg
tMGhZLZ7drDTuA==
-----END CERTIFICATE-----