Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          on18JYzEi0LaKpzdiotrHAPPHAUmzM9UoqjPRP5Iy9c=
Subject key identifier:   BC:20:0B:F2:8E:F7:58:27:C4:CD:59:C4:97:89:29:B7:A1:32:F3:C8
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019F17555E7FB98156203ACA0D8E41E5B6C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0A18
Signing time:             Tue 30 Jun 2026 07:01:38 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:38 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:38 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: r0EQ0mZgUZyK0z8DbRxjJ6de3QjfUYNXKAhw8maBIl8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:55:5e:7f:b9:81:56:20:3a:ca:0d:8e:41:e5:b6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Jun 30 07:01:38 2026 GMT
            Not After : Jul  1 07:01:38 2026 GMT
        Subject: CN=bc200bf28ef75827c4cd59c4978929b7a132f3c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3c:b4:ce:2e:f7:33:a6:df:04:03:60:52:b5:
                    9f:09:d7:fa:95:15:03:6c:5a:3f:4d:2c:53:66:75:
                    17:00:12:95:a3:ff:0f:a5:e7:00:3e:dc:83:ff:73:
                    ad:e3:fe:d8:14:4a:7c:1b:8d:5e:fd:a8:02:e1:4f:
                    9d:a0:76:98:92:c4:2d:f2:8c:c0:e0:ce:68:cd:73:
                    b5:f7:27:77:ef:72:f1:d6:49:d5:7a:70:e4:a1:84:
                    08:53:64:6e:6a:19:df:18:46:7a:09:70:f0:60:3a:
                    57:9c:cf:be:cc:39:10:25:d7:fe:f5:08:51:d9:78:
                    5d:40:e0:8f:35:cb:aa:9b:4b:c4:17:8c:18:9d:b6:
                    b5:65:db:cb:0a:a9:0f:0b:e5:5c:ee:90:36:b8:9a:
                    51:43:d0:e7:d1:d5:9f:0b:fc:07:23:1a:3f:32:60:
                    76:b8:00:0d:49:10:c8:67:e4:69:ef:ae:5d:16:bd:
                    a0:ee:70:39:a7:1a:4b:b7:4d:52:94:49:27:a4:e6:
                    19:a3:32:8f:53:61:41:c5:1f:aa:22:c7:10:82:37:
                    cc:5f:12:5c:88:df:d7:67:db:c6:e9:ad:c4:1a:95:
                    4f:82:26:4d:33:bf:a9:88:2f:29:8e:e5:2a:f9:ed:
                    91:d8:95:8f:72:87:ab:52:83:c7:e6:b4:7f:ff:ef:
                    08:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:20:0B:F2:8E:F7:58:27:C4:CD:59:C4:97:89:29:B7:A1:32:F3:C8
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:33:fc:d3:51:d4:1e:01:e4:3e:90:52:34:19:37:1b:c1:7b:
         21:a7:1c:ed:87:69:4a:c4:7c:d4:9b:3c:b7:95:0b:21:15:5a:
         81:2c:8e:9f:dc:3f:1f:55:41:2f:2a:9c:65:f0:6b:45:fa:3b:
         5c:01:8f:20:54:95:90:76:84:55:4c:23:53:0f:eb:dc:00:6b:
         3f:61:65:95:da:05:f7:43:dc:f5:12:53:14:d2:96:9e:b0:34:
         05:7b:1f:f3:4b:14:c1:1e:a6:26:62:17:76:96:e7:85:52:10:
         5f:f1:06:23:79:e6:ac:d0:51:c4:4c:e3:6b:86:c4:de:9b:6f:
         0a:69:af:b4:61:c3:f3:19:1c:41:e0:17:89:51:27:2a:53:28:
         51:1e:e9:5f:24:9d:2b:9a:06:37:38:82:21:10:af:3d:7d:ea:
         59:d7:ab:27:5d:d1:03:fb:2a:dd:b7:d8:2e:22:7c:67:36:c0:
         08:14:43:b3:f8:e3:c5:3e:55:d4:e7:78:14:91:93:a1:fb:3c:
         12:8b:6d:9f:8c:98:f1:05:1c:b3:e4:b2:ec:f7:3e:f8:2d:15:
         7a:57:78:22:7e:4d:c3:79:28:4c:fa:b6:90:4e:5b:e8:70:df:
         7b:6c:58:f7:b3:1f:0f:7a:c4:05:b0:91:f9:15:8b:d1:6f:78:
         52:07:27:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVV5/uYFWIDrKDY5B5bbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwNjMwMDcwMTM4WhcNMjYwNzAxMDcwMTM4WjAzMTEwLwYDVQQD
EyhiYzIwMGJmMjhlZjc1ODI3YzRjZDU5YzQ5Nzg5MjliN2ExMzJmM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujy0zi73M6bfBANgUrWfCdf6lRUD
bFo/TSxTZnUXABKVo/8PpecAPtyD/3Ot4/7YFEp8G41e/agC4U+doHaYksQt8ozA
4M5ozXO19yd373Lx1knVenDkoYQIU2RuahnfGEZ6CXDwYDpXnM++zDkQJdf+9QhR
2XhdQOCPNcuqm0vEF4wYnba1ZdvLCqkPC+Vc7pA2uJpRQ9Dn0dWfC/wHIxo/MmB2
uAANSRDIZ+Rp765dFr2g7nA5pxpLt01SlEknpOYZozKPU2FBxR+qIscQgjfMXxJc
iN/XZ9vG6a3EGpVPgiZNM7+piC8pjuUq+e2R2JWPcoerUoPH5rR//+8IFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwgC/KO91gnxM1ZxJeJKbehMvPIMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDP801HU
HgHkPpBSNBk3G8F7Iacc7YdpSsR81Js8t5ULIRVagSyOn9w/H1VBLyqcZfBrRfo7
XAGPIFSVkHaEVUwjUw/r3ABrP2FlldoF90Pc9RJTFNKWnrA0BXsf80sUwR6mJmIX
dpbnhVIQX/EGI3nmrNBRxEzja4bE3ptvCmmvtGHD8xkcQeAXiVEnKlMoUR7pXySd
K5oGNziCIRCvPX3qWderJ13RA/sq3bfYLiJ8ZzbACBRDs/jjxT5V1Od4FJGTofs8
Eottn4yY8QUcs+Sy7Pc++C0Veld4In5Nw3koTPq2kE5b6HDfe2xY97MfD3rEBbCR
+RWL0W94UgcnQA==
-----END CERTIFICATE-----