Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          AfBHY6nshrEmP9yMO3nnKZ5MYPD/056gGg66ZR+azMw=
Subject key identifier:   69:1B:F8:34:03:F8:A6:3E:CF:40:55:E0:D3:91:49:A4:D0:1E:A1:32
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019F17551499785CAF624331345B9C623678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          1128
Signing time:             Tue 30 Jun 2026 07:01:19 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:19 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:19 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: p+HkquTocfoRDGCYdg/ujBa1OSE1Y5dIJOqGLdxElVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:55:14:99:78:5c:af:62:43:31:34:5b:9c:62:36:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Jun 30 07:01:19 2026 GMT
            Not After : Jul  1 07:01:19 2026 GMT
        Subject: CN=691bf83403f8a63ecf4055e0d39149a4d01ea132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:84:b3:22:3f:ff:08:5b:fc:be:06:72:9f:2c:
                    81:42:3d:49:85:b8:35:24:c0:c1:40:57:db:1f:0b:
                    a5:d2:b9:ea:c5:63:a5:56:a8:26:78:04:8f:d8:f9:
                    98:2d:e5:46:95:c9:ea:52:40:3b:72:0e:67:70:98:
                    72:e9:77:0e:cb:2f:3e:d6:a1:f8:15:72:18:97:11:
                    ac:f1:a8:ac:0e:4f:c4:ad:81:25:4b:ff:8e:73:5e:
                    ed:19:aa:47:62:e6:d8:11:6d:96:7f:b5:a0:64:7d:
                    15:42:2e:78:1c:cd:d0:12:f5:3d:3b:fb:13:46:9d:
                    b3:e9:3d:9c:13:ed:47:e1:c1:71:89:4a:89:65:10:
                    71:00:73:3c:ae:73:47:d8:d3:f0:14:09:87:8a:c6:
                    55:7a:15:47:0e:3e:f6:8c:27:bd:16:22:54:64:ba:
                    06:39:95:e7:12:f3:a8:79:f4:ff:bb:b8:0f:b5:9e:
                    8a:b5:a2:f0:d5:ed:3a:bf:b4:03:e3:92:88:1d:8c:
                    c0:f7:a8:65:25:50:d4:d2:20:0d:f6:df:50:34:ce:
                    74:27:fc:a6:f3:66:f2:11:87:58:8b:26:f9:64:64:
                    52:47:9b:95:c7:1d:af:b1:b6:5e:e5:e6:c7:84:f0:
                    8f:77:74:0b:8b:ed:b9:26:83:c3:90:ba:5f:88:77:
                    fe:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:1B:F8:34:03:F8:A6:3E:CF:40:55:E0:D3:91:49:A4:D0:1E:A1:32
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:01:1b:9b:46:34:9d:ec:c6:a6:ac:f6:62:ad:81:b5:7b:39:
         9d:1f:0a:c3:8c:9f:05:f0:23:f1:df:00:71:3e:36:c0:0d:75:
         52:6f:36:38:2c:b8:7f:a0:60:ed:79:aa:50:5d:ad:f0:d4:af:
         64:ce:5a:f8:1e:d5:5b:6f:01:99:39:86:55:43:aa:c3:4b:45:
         76:54:43:3f:10:0d:42:1d:23:d5:ad:ec:fa:7a:61:81:eb:1c:
         5b:de:6c:b3:1d:93:94:71:9f:28:56:5c:84:bc:1f:8d:fd:7a:
         a1:65:87:52:f0:90:16:60:65:ca:10:a2:2d:6a:13:79:40:27:
         03:4b:3d:14:17:fb:2f:16:38:e9:c9:96:41:86:98:ce:39:aa:
         31:80:31:6e:07:09:23:1e:3f:9f:b6:6d:33:c2:06:e3:8c:30:
         bc:ad:67:85:ba:73:05:17:53:c2:2c:96:e3:a9:11:5f:1e:a1:
         dd:73:e6:3e:f8:6b:3d:f9:92:f2:27:fc:34:3f:24:2b:62:f8:
         41:e2:cf:9d:86:23:83:1a:33:17:57:06:52:c0:6c:63:18:c6:
         11:2c:d0:b6:2b:8d:8f:37:ba:3e:63:a3:db:42:bf:d4:ff:a7:
         3f:00:c5:99:65:56:29:ae:60:b8:3b:90:6b:49:e3:13:64:a2:
         ee:71:35:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVRSZeFyvYkMxNFucYjZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwNjMwMDcwMTE5WhcNMjYwNzAxMDcwMTE5WjAzMTEwLwYDVQQD
Eyg2OTFiZjgzNDAzZjhhNjNlY2Y0MDU1ZTBkMzkxNDlhNGQwMWVhMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oSzIj//CFv8vgZynyyBQj1Jhbg1
JMDBQFfbHwul0rnqxWOlVqgmeASP2PmYLeVGlcnqUkA7cg5ncJhy6XcOyy8+1qH4
FXIYlxGs8aisDk/ErYElS/+Oc17tGapHYubYEW2Wf7WgZH0VQi54HM3QEvU9O/sT
Rp2z6T2cE+1H4cFxiUqJZRBxAHM8rnNH2NPwFAmHisZVehVHDj72jCe9FiJUZLoG
OZXnEvOoefT/u7gPtZ6KtaLw1e06v7QD45KIHYzA96hlJVDU0iAN9t9QNM50J/ym
82byEYdYiyb5ZGRSR5uVxx2vsbZe5ebHhPCPd3QLi+25JoPDkLpfiHf+bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkb+DQD+KY+z0BV4NORSaTQHqEyMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwEbm0Y0
nezGpqz2Yq2BtXs5nR8Kw4yfBfAj8d8AcT42wA11Um82OCy4f6Bg7XmqUF2t8NSv
ZM5a+B7VW28BmTmGVUOqw0tFdlRDPxANQh0j1a3s+nphgescW95ssx2TlHGfKFZc
hLwfjf16oWWHUvCQFmBlyhCiLWoTeUAnA0s9FBf7LxY46cmWQYaYzjmqMYAxbgcJ
Ix4/n7ZtM8IG44wwvK1nhbpzBRdTwiyW46kRXx6h3XPmPvhrPfmS8if8ND8kK2L4
QeLPnYYjgxozF1cGUsBsYxjGESzQtiuNjze6PmOj20K/1P+nPwDFmWVWKa5guDuQ
a0njE2Si7nE1IQ==
-----END CERTIFICATE-----