Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          iKbzH0LQbPU3Qnf3gfog0SVzQi7dTZSTekVxdo+XCI8=
Subject key identifier:   7D:3D:4E:52:F8:B0:9E:EF:80:7D:60:42:0B:9B:E7:25:97:4D:F4:E2
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019E2F9750A7F6777A0F35CDE51C894ED70E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          10B0
Signing time:             Sat 16 May 2026 07:01:46 +0000
Manifest this update:     Sat 16 May 2026 07:01:46 +0000
Manifest next update:     Sun 17 May 2026 07:01:46 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: egW8WNxLMzD7FgICTHD3E25tqZ1LTfaMeIAQ9QwfLiA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:50:a7:f6:77:7a:0f:35:cd:e5:1c:89:4e:d7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: May 16 07:01:46 2026 GMT
            Not After : May 17 07:01:46 2026 GMT
        Subject: CN=7d3d4e52f8b09eef807d60420b9be725974df4e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:78:d7:6e:0c:b5:bf:1f:71:a8:fa:e5:da:3c:
                    be:8f:6c:0f:90:e5:bc:32:db:fe:a9:d7:2b:aa:0c:
                    47:25:4e:26:62:fc:eb:86:78:52:71:f9:42:d0:93:
                    a7:84:9b:33:d4:49:d7:e4:4e:31:b0:a3:b4:cf:b9:
                    dc:04:6b:84:83:31:47:e7:8f:15:ac:cd:58:43:4f:
                    4e:3e:57:ab:97:b0:17:ed:f6:a4:8f:f1:1a:f1:4e:
                    38:ed:5b:2c:94:00:91:39:31:dd:28:58:be:76:08:
                    a0:37:dd:f9:db:75:6e:f9:77:8e:3c:45:67:a0:46:
                    52:f3:7d:71:c4:2d:17:77:3a:13:56:6a:fb:f8:d8:
                    1a:df:d8:f5:fd:b9:64:cd:b0:69:d7:09:e5:61:85:
                    f7:32:a6:f9:b2:b6:fd:b6:6c:11:27:06:96:7e:cb:
                    04:54:df:1a:99:6f:05:6c:41:56:3e:9f:df:ac:ee:
                    18:ea:a4:6c:59:c2:d8:ad:16:76:4c:cd:99:e6:be:
                    0b:14:25:f8:a1:e8:45:a8:bc:4c:ed:a4:36:ac:c9:
                    48:6e:31:35:ce:db:47:a2:c7:63:c2:50:20:a0:47:
                    24:56:4c:2b:25:2d:83:4b:a1:86:10:f2:4d:cb:d1:
                    69:2c:81:25:1c:5c:6f:0d:c0:f9:6d:c9:e3:51:82:
                    63:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:3D:4E:52:F8:B0:9E:EF:80:7D:60:42:0B:9B:E7:25:97:4D:F4:E2
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:62:06:13:69:7b:f5:62:fe:57:a8:8d:20:b2:d7:13:44:ad:
         1f:08:95:2d:16:06:16:ae:01:4c:c0:4f:49:84:6b:a6:4e:e3:
         b6:3c:ab:73:c2:8c:3a:9d:68:48:3f:95:2e:4f:e5:ed:b4:ef:
         b0:1b:97:bc:95:9a:2b:93:b0:cf:a4:32:dc:d4:d9:53:31:77:
         e4:14:50:af:51:47:f7:a6:05:a4:79:39:8b:28:36:51:15:30:
         15:a2:6d:dc:bf:30:9b:02:2a:e0:c9:77:e0:b3:f8:4d:e3:e5:
         e7:46:ac:f9:9b:81:27:24:ba:52:64:27:34:fd:99:ae:1c:28:
         fc:6b:31:21:34:f4:de:84:19:10:69:e9:fb:40:79:38:f6:dc:
         b0:d1:27:b2:fd:df:cc:5f:7a:f4:a1:7f:3a:9d:0b:6b:d3:16:
         5b:b6:69:7e:83:de:b4:73:c5:1d:41:98:ca:4b:6e:15:e2:7d:
         e6:f8:3c:78:14:3f:15:73:1d:39:67:fc:1b:ff:ae:62:a6:bb:
         d9:ee:87:e8:12:6d:68:8e:eb:00:fd:b9:85:d6:19:9e:73:fd:
         28:b7:de:9f:37:4a:8f:f7:42:83:07:b0:d6:b4:3e:a9:5f:22:
         06:28:62:c3:c2:7d:b0:aa:7f:3a:09:b4:fb:f2:e5:d7:5c:1b:
         66:ac:b5:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vl1Cn9nd6DzXN5RyJTtcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwNTE2MDcwMTQ2WhcNMjYwNTE3MDcwMTQ2WjAzMTEwLwYDVQQD
Eyg3ZDNkNGU1MmY4YjA5ZWVmODA3ZDYwNDIwYjliZTcyNTk3NGRmNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXjXbgy1vx9xqPrl2jy+j2wPkOW8
Mtv+qdcrqgxHJU4mYvzrhnhScflC0JOnhJsz1EnX5E4xsKO0z7ncBGuEgzFH548V
rM1YQ09OPlerl7AX7fakj/Ea8U447VsslACROTHdKFi+dgigN93523Vu+XeOPEVn
oEZS831xxC0XdzoTVmr7+Nga39j1/blkzbBp1wnlYYX3Mqb5srb9tmwRJwaWfssE
VN8amW8FbEFWPp/frO4Y6qRsWcLYrRZ2TM2Z5r4LFCX4oehFqLxM7aQ2rMlIbjE1
zttHosdjwlAgoEckVkwrJS2DS6GGEPJNy9FpLIElHFxvDcD5bcnjUYJjPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH09TlL4sJ7vgH1gQgub5yWXTfTiMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGIGE2l7
9WL+V6iNILLXE0StHwiVLRYGFq4BTMBPSYRrpk7jtjyrc8KMOp1oSD+VLk/l7bTv
sBuXvJWaK5Owz6Qy3NTZUzF35BRQr1FH96YFpHk5iyg2URUwFaJt3L8wmwIq4Ml3
4LP4TePl50as+ZuBJyS6UmQnNP2Zrhwo/GsxITT03oQZEGnp+0B5OPbcsNEnsv3f
zF969KF/Op0La9MWW7ZpfoPetHPFHUGYyktuFeJ95vg8eBQ/FXMdOWf8G/+uYqa7
2e6H6BJtaI7rAP25hdYZnnP9KLfenzdKj/dCgwew1rQ+qV8iBihiw8J9sKp/Ogm0
+/Ll11wbZqy1ug==
-----END CERTIFICATE-----