Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
File:                     3-ytVuquEjX6eI5OrTkiwpbig6U.mft (raw, json)
Hash identifier:          oZuAUO91UUxhftjrcfzPLQs/rC6GwLGvosC6eQbQNx4=
Subject key identifier:   40:DF:F6:88:1F:B6:DC:6A:8E:D4:DF:13:C5:0E:31:18:B5:BF:C6:00
Authority key identifier: DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5
Certificate issuer:       /CN=dfecad56eaae1235fa788e4ead3922c296e283a5
Certificate serial:       019E1ED9D823D5C98A18349524496F36D6FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
Manifest number:          0440
Signing time:             Wed 13 May 2026 01:00:53 +0000
Manifest this update:     Wed 13 May 2026 01:00:53 +0000
Manifest next update:     Thu 14 May 2026 01:00:53 +0000
Files and hashes:         1: 3-ytVuquEjX6eI5OrTkiwpbig6U.crl (hash: 8oP8BQj2uWz3UKc0TFH+lQAL1QcWSdh5x4IkrHzPBAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:d9:d8:23:d5:c9:8a:18:34:95:24:49:6f:36:d6:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfecad56eaae1235fa788e4ead3922c296e283a5
        Validity
            Not Before: May 13 01:00:53 2026 GMT
            Not After : May 14 01:00:53 2026 GMT
        Subject: CN=40dff6881fb6dc6a8ed4df13c50e3118b5bfc600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:46:44:8e:94:99:69:b1:45:a5:4b:c2:92:b6:
                    72:45:29:ed:a4:b7:6d:d7:a8:f1:d8:59:7b:8b:ef:
                    11:9e:76:d3:b2:84:b3:19:1a:be:b1:fd:ec:ca:9f:
                    67:80:7a:2b:1f:80:e4:7d:92:72:e3:bb:b6:24:5d:
                    39:15:05:59:75:66:f5:b2:2c:e7:d9:78:8b:9b:b5:
                    45:9e:2b:29:c5:e5:b9:fa:35:c0:ca:d5:ea:68:db:
                    e0:f6:05:41:5d:41:bc:f6:14:e6:c0:97:8b:4a:2c:
                    50:f5:51:70:5b:22:70:94:4e:8a:a2:c3:93:0d:db:
                    d6:f6:eb:63:58:34:71:51:ab:67:ad:2a:0e:bb:fc:
                    57:13:80:00:dc:38:1d:fb:44:55:1c:9f:63:b6:da:
                    93:a4:c0:6c:6e:9e:6a:53:67:48:8b:9e:ea:03:5d:
                    19:7f:19:60:71:9b:4c:38:d4:d4:4a:f7:d7:ec:58:
                    17:e2:58:cc:ea:50:2f:e9:fc:75:bd:4c:e9:a2:ed:
                    ba:ac:1a:ef:bd:1e:1b:20:09:6c:2d:e4:c9:29:0d:
                    76:b9:dd:2d:f4:5b:a6:ba:63:79:3f:d0:a2:2a:d0:
                    14:88:2b:50:dd:48:9d:25:e4:c6:0e:c6:a4:27:ba:
                    2f:e2:9b:77:92:61:51:48:71:a5:dc:5a:b3:92:56:
                    fe:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DF:F6:88:1F:B6:DC:6A:8E:D4:DF:13:C5:0E:31:18:B5:BF:C6:00
            X509v3 Authority Key Identifier:
                keyid:DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:93:f6:16:65:0c:33:78:f4:52:8c:f5:36:61:22:f1:2d:be:
         e9:a1:48:ab:ed:90:23:f1:5d:f9:9c:df:d7:7c:23:c2:3f:38:
         59:88:e2:aa:b5:38:68:ad:56:82:56:68:0a:b2:cc:f4:58:76:
         ef:4a:c8:41:89:d7:33:e5:d3:7b:e9:53:41:73:dc:1b:46:d8:
         76:9e:39:c6:a8:f2:f3:e5:d4:1d:56:8a:f3:4b:ea:a5:eb:f4:
         ea:8c:91:61:b2:3b:1d:da:7c:08:16:5d:f7:b4:39:27:d3:90:
         24:ce:70:73:cf:bb:8c:d4:5f:9d:38:42:d4:ab:1f:5c:d3:70:
         69:87:b5:32:8f:4b:7f:68:8e:eb:e2:c7:35:af:73:7a:b9:2a:
         7e:cc:ef:b5:a8:99:fa:ce:51:fe:be:cc:9b:e2:4a:2d:64:68:
         90:bf:a5:f9:75:1f:a1:dd:a7:28:4d:48:94:b0:44:e2:a6:39:
         77:15:a4:e4:db:1f:ac:86:57:0e:14:46:52:b2:e6:c3:07:11:
         97:95:13:a1:65:57:d4:c6:c3:4a:d3:e2:0d:9f:4f:72:cd:49:
         a8:7a:7a:6e:cb:2a:95:2f:1c:36:33:24:5d:71:59:a8:27:9c:
         7c:a9:b0:19:3a:51:dc:8f:c8:46:42:24:39:dc:70:e7:ef:16:
         c3:78:b1:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4e2dgj1cmKGDSVJElvNtb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWNhZDU2ZWFhZTEyMzVmYTc4OGU0ZWFkMzkyMmMyOTZl
MjgzYTUwHhcNMjYwNTEzMDEwMDUzWhcNMjYwNTE0MDEwMDUzWjAzMTEwLwYDVQQD
Eyg0MGRmZjY4ODFmYjZkYzZhOGVkNGRmMTNjNTBlMzExOGI1YmZjNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEZEjpSZabFFpUvCkrZyRSntpLdt
16jx2Fl7i+8RnnbTsoSzGRq+sf3syp9ngHorH4DkfZJy47u2JF05FQVZdWb1sizn
2XiLm7VFnispxeW5+jXAytXqaNvg9gVBXUG89hTmwJeLSixQ9VFwWyJwlE6KosOT
DdvW9utjWDRxUatnrSoOu/xXE4AA3Dgd+0RVHJ9jttqTpMBsbp5qU2dIi57qA10Z
fxlgcZtMONTUSvfX7FgX4ljM6lAv6fx1vUzpou26rBrvvR4bIAlsLeTJKQ12ud0t
9FumumN5P9CiKtAUiCtQ3UidJeTGDsakJ7ov4pt3kmFRSHGl3Fqzklb+2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDf9ogfttxqjtTfE8UOMRi1v8YAMB8GA1UdIwQY
MBaAFN/srVbqrhI1+niOTq05IsKW4oOlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMt
Njc3YmFiNjEzYWZmLzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMtNjc3YmFiNjEzYWZm
LzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpP2FmUM
M3j0Uoz1NmEi8S2+6aFIq+2QI/Fd+Zzf13wjwj84WYjiqrU4aK1WglZoCrLM9Fh2
70rIQYnXM+XTe+lTQXPcG0bYdp45xqjy8+XUHVaK80vqpev06oyRYbI7Hdp8CBZd
97Q5J9OQJM5wc8+7jNRfnThC1KsfXNNwaYe1Mo9Lf2iO6+LHNa9zerkqfszvtaiZ
+s5R/r7Mm+JKLWRokL+l+XUfod2nKE1IlLBE4qY5dxWk5NsfrIZXDhRGUrLmwwcR
l5UToWVX1MbDStPiDZ9Pcs1JqHp6bssqlS8cNjMkXXFZqCecfKmwGTpR3I/IRkIk
Odxw5+8Ww3ix3A==
-----END CERTIFICATE-----