Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
File:                     3LvdnN1oHwNDXWI8gxkw8ifwub8.mft (raw, json)
Hash identifier:          KAVDRrJ1n2aqAlfo+XbJtSO21d2MigzntMPzDF4IKDo=
Subject key identifier:   D2:AD:47:8A:2D:EF:59:C9:27:1F:A0:23:45:8F:FC:BB:B1:7E:57:44
Authority key identifier: DC:BB:DD:9C:DD:68:1F:03:43:5D:62:3C:83:19:30:F2:27:F0:B9:BF
Certificate issuer:       /CN=dcbbdd9cdd681f03435d623c831930f227f0b9bf
Certificate serial:       019E1EDA4CD55A0B5A605360B0D4C6C597D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
Manifest number:          015D
Signing time:             Wed 13 May 2026 01:01:23 +0000
Manifest this update:     Wed 13 May 2026 01:01:23 +0000
Manifest next update:     Thu 14 May 2026 01:01:23 +0000
Files and hashes:         1: 3LvdnN1oHwNDXWI8gxkw8ifwub8.crl (hash: /54m14gVZiiaWHkI1Fg9HfckmfQhuTkVVrYNFhm8nJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 01:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:da:4c:d5:5a:0b:5a:60:53:60:b0:d4:c6:c5:97:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcbbdd9cdd681f03435d623c831930f227f0b9bf
        Validity
            Not Before: May 13 01:01:23 2026 GMT
            Not After : May 14 01:01:23 2026 GMT
        Subject: CN=d2ad478a2def59c9271fa023458ffcbbb17e5744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e1:1d:42:4d:20:5f:2b:54:c1:16:dc:c1:3c:
                    41:0e:50:f4:b3:55:02:00:73:2a:a1:aa:d1:47:ae:
                    68:c1:ee:96:82:b1:12:02:2f:cd:54:45:9c:b2:99:
                    cd:76:3c:27:84:b6:59:da:a0:9a:3d:2b:26:9c:b3:
                    56:ad:56:38:1f:6a:07:60:d0:ef:82:ff:0d:dd:a7:
                    d4:89:cb:19:f2:14:56:bf:74:97:51:fe:03:6d:e7:
                    64:dc:35:50:dd:6c:81:ae:ec:2b:3b:82:9b:27:e5:
                    83:30:3c:7f:83:f3:9f:bf:7c:89:16:ac:0d:0c:83:
                    c0:d5:75:c8:75:d7:93:db:a9:be:e9:ef:81:54:95:
                    81:f4:9e:0c:8e:c3:f8:bd:0b:ee:52:4c:74:52:34:
                    5c:bc:98:48:d6:54:0e:2e:38:90:72:f2:69:31:21:
                    03:29:33:75:35:27:56:bf:2d:9e:7c:1f:cb:86:ba:
                    c1:bf:12:57:f1:23:ff:f2:93:cb:75:96:7d:23:ab:
                    1c:5e:8a:d1:12:cf:f6:b2:f6:2c:2a:68:74:dd:df:
                    83:d7:fb:ec:6e:2d:de:54:8b:54:3e:96:12:ef:4f:
                    fe:56:70:f4:f6:97:69:77:11:e5:d6:89:18:85:29:
                    5d:f1:19:f5:89:b4:85:8f:cd:dc:ee:e4:69:87:58:
                    32:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:AD:47:8A:2D:EF:59:C9:27:1F:A0:23:45:8F:FC:BB:B1:7E:57:44
            X509v3 Authority Key Identifier:
                keyid:DC:BB:DD:9C:DD:68:1F:03:43:5D:62:3C:83:19:30:F2:27:F0:B9:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:88:93:fa:80:1f:d2:64:70:2a:d9:51:84:72:bb:92:07:c3:
         84:99:f8:5e:fe:99:ac:6f:1a:8d:91:5e:19:a1:47:c8:76:39:
         b6:d9:4f:d1:5a:7e:d4:7e:5c:01:36:20:e6:fa:95:b0:d1:26:
         f6:95:1d:86:db:e8:c0:fd:29:9e:19:ac:e5:18:e9:17:21:56:
         90:25:04:22:f6:94:fd:d7:01:cb:3e:1c:85:06:0b:f9:e5:e8:
         ba:bc:1b:b0:bf:a1:01:11:99:c1:0c:d7:5e:5d:bd:9c:fc:7b:
         0e:23:f6:0c:61:36:28:2d:15:62:29:30:aa:38:e9:0d:f2:8d:
         fb:a1:ca:a4:6e:d4:c6:be:19:b3:6d:38:64:39:da:f4:b0:42:
         be:19:ee:b9:4c:c8:db:59:e7:b6:79:83:97:c3:02:07:98:ba:
         01:4d:97:e0:0c:8d:ff:c3:4b:96:89:d4:6f:1b:d7:c5:5f:25:
         b0:d8:a7:36:75:4f:c8:b2:86:80:60:d9:91:b2:5a:5b:c2:ef:
         1b:e6:1c:fc:08:ad:07:b9:51:f9:cd:8f:6c:98:cf:6d:e8:1e:
         a6:e3:01:57:c5:3f:c0:d0:55:df:88:c6:7f:f8:ca:fd:35:9c:
         35:9e:84:97:92:c4:77:35:b5:8f:45:43:2b:08:53:99:7f:40:
         06:72:42:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4e2kzVWgtaYFNgsNTGxZfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmJkZDljZGQ2ODFmMDM0MzVkNjIzYzgzMTkzMGYyMjdm
MGI5YmYwHhcNMjYwNTEzMDEwMTIzWhcNMjYwNTE0MDEwMTIzWjAzMTEwLwYDVQQD
EyhkMmFkNDc4YTJkZWY1OWM5MjcxZmEwMjM0NThmZmNiYmIxN2U1NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneEdQk0gXytUwRbcwTxBDlD0s1UC
AHMqoarRR65owe6WgrESAi/NVEWcspnNdjwnhLZZ2qCaPSsmnLNWrVY4H2oHYNDv
gv8N3afUicsZ8hRWv3SXUf4Dbedk3DVQ3WyBruwrO4KbJ+WDMDx/g/Ofv3yJFqwN
DIPA1XXIddeT26m+6e+BVJWB9J4MjsP4vQvuUkx0UjRcvJhI1lQOLjiQcvJpMSED
KTN1NSdWvy2efB/LhrrBvxJX8SP/8pPLdZZ9I6scXorREs/2svYsKmh03d+D1/vs
bi3eVItUPpYS70/+VnD09pdpdxHl1okYhSld8Rn1ibSFj83c7uRph1gylQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKtR4ot71nJJx+gI0WP/LuxfldEMB8GA1UdIwQY
MBaAFNy73ZzdaB8DQ11iPIMZMPIn8Lm/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84YWFhNTQtNDMxNS00OGQ0LTlmN2Et
ODk4NDY1ODJjYmFkLzEvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84YWFhNTQtNDMxNS00OGQ0LTlmN2EtODk4NDY1ODJjYmFk
LzEvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyYiT+oAf
0mRwKtlRhHK7kgfDhJn4Xv6ZrG8ajZFeGaFHyHY5ttlP0Vp+1H5cATYg5vqVsNEm
9pUdhtvowP0pnhms5RjpFyFWkCUEIvaU/dcByz4chQYL+eXourwbsL+hARGZwQzX
Xl29nPx7DiP2DGE2KC0VYikwqjjpDfKN+6HKpG7Uxr4Zs204ZDna9LBCvhnuuUzI
21nntnmDl8MCB5i6AU2X4AyN/8NLlonUbxvXxV8lsNinNnVPyLKGgGDZkbJaW8Lv
G+Yc/AitB7lR+c2PbJjPbegepuMBV8U/wNBV34jGf/jK/TWcNZ6El5LEdzW1j0VD
KwhTmX9ABnJCWA==
-----END CERTIFICATE-----