Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          qMJKH8fTHHjJpbNWGZ+A8leYViPaVuvih40piWW0xIs=
Subject key identifier:   CE:5C:A9:63:DE:C8:6F:11:D6:F1:6E:75:7B:7B:4F:A8:61:7D:BA:84
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019E2F96FF27E9D5C5632BE6AFF57DBCF2FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          09A0
Signing time:             Sat 16 May 2026 07:01:25 +0000
Manifest this update:     Sat 16 May 2026 07:01:25 +0000
Manifest next update:     Sun 17 May 2026 07:01:25 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: 2LnyGWAaYgDLq3z8WJLERifz3EVQ5hcfqcL0BjBzrCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:ff:27:e9:d5:c5:63:2b:e6:af:f5:7d:bc:f2:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: May 16 07:01:25 2026 GMT
            Not After : May 17 07:01:25 2026 GMT
        Subject: CN=ce5ca963dec86f11d6f16e757b7b4fa8617dba84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:75:70:4e:a5:70:6a:5a:b5:7f:1c:54:23:10:
                    e4:34:bd:22:c2:fe:6e:a7:0d:77:72:e3:b5:01:2d:
                    a3:12:84:03:fd:db:e3:f2:8e:8b:9a:e8:65:67:ca:
                    fb:f8:ea:3a:ea:e2:67:89:84:50:ce:d6:d0:03:42:
                    7d:ec:df:49:4f:2c:48:a8:13:34:1c:76:83:12:b0:
                    93:3c:8d:95:89:b5:44:a5:bc:b0:cb:bf:81:89:a9:
                    46:7a:cd:d9:8e:e4:5f:61:d9:d3:67:88:2b:71:11:
                    e6:b6:f3:ed:db:ae:5e:98:0b:a1:a6:56:97:d3:8c:
                    55:19:77:7f:ac:ba:23:e2:57:5c:9c:dd:4b:7b:86:
                    5b:dc:b8:29:a2:42:87:51:d5:6a:43:b3:85:87:41:
                    2b:bb:89:65:12:f3:f9:cd:be:0d:18:bf:e2:78:3a:
                    ff:52:4a:9d:a7:60:91:d4:63:dc:7f:52:54:fa:b0:
                    2d:bb:a0:2b:fe:b0:29:34:9b:2a:bf:8e:a8:b2:06:
                    57:11:be:2c:55:4c:a3:92:5c:e7:41:79:18:26:7f:
                    4f:74:d1:63:78:d4:50:d0:29:4d:78:b8:d7:7b:12:
                    5d:f3:29:17:3b:87:28:ea:b7:9a:77:a5:ca:7a:c2:
                    b8:f2:bb:e3:2a:35:48:81:f7:b3:24:b2:54:51:ad:
                    93:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:5C:A9:63:DE:C8:6F:11:D6:F1:6E:75:7B:7B:4F:A8:61:7D:BA:84
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:bf:51:fe:76:a2:18:23:48:cf:dc:6a:6b:81:26:db:a0:e7:
         86:8e:b3:9f:ce:b3:13:35:e3:3c:ea:8f:39:b0:ce:97:97:af:
         3e:39:94:a6:d4:bf:98:08:04:73:98:87:7b:eb:77:7c:c7:72:
         4f:5a:a6:5d:63:b4:3b:10:74:83:ab:6a:7a:4d:2c:68:bc:fe:
         0c:b2:a3:90:b0:75:85:81:9a:08:69:2e:a5:06:cf:87:84:d4:
         e3:a6:b4:8c:34:5c:8d:f5:8e:1f:52:f5:92:25:72:2b:46:39:
         1f:30:c1:0c:5d:ce:64:bc:f6:56:53:40:ef:72:ae:35:64:52:
         96:15:c2:b6:dc:c4:54:c0:4d:71:9f:c7:c3:27:0c:4d:79:3b:
         86:66:87:5d:0f:f1:a0:44:20:ed:68:96:7e:49:80:e4:f0:d9:
         2c:56:ca:d4:68:69:14:74:17:ac:cf:76:64:c6:7d:81:68:4b:
         f9:b5:fc:f4:04:81:5d:8b:d5:0c:b7:d0:fb:c0:59:7d:13:1d:
         ac:d9:e1:f3:19:56:6a:c2:4f:ab:1b:f8:ec:6d:ae:26:17:02:
         a7:73:44:70:70:00:88:46:15:88:01:13:7b:0c:0a:58:d7:0b:
         cd:43:e9:08:71:08:54:18:d5:69:a1:21:95:d8:52:91:04:ef:
         8c:92:63:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlv8n6dXFYyvmr/V9vPL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwNTE2MDcwMTI1WhcNMjYwNTE3MDcwMTI1WjAzMTEwLwYDVQQD
EyhjZTVjYTk2M2RlYzg2ZjExZDZmMTZlNzU3YjdiNGZhODYxN2RiYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnVwTqVwalq1fxxUIxDkNL0iwv5u
pw13cuO1AS2jEoQD/dvj8o6LmuhlZ8r7+Oo66uJniYRQztbQA0J97N9JTyxIqBM0
HHaDErCTPI2VibVEpbywy7+BialGes3ZjuRfYdnTZ4grcRHmtvPt265emAuhplaX
04xVGXd/rLoj4ldcnN1Le4Zb3LgpokKHUdVqQ7OFh0Eru4llEvP5zb4NGL/ieDr/
Ukqdp2CR1GPcf1JU+rAtu6Ar/rApNJsqv46osgZXEb4sVUyjklznQXkYJn9PdNFj
eNRQ0ClNeLjXexJd8ykXO4co6read6XKesK48rvjKjVIgfezJLJUUa2TeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5cqWPeyG8R1vFudXt7T6hhfbqEMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlr9R/nai
GCNIz9xqa4Em26Dnho6zn86zEzXjPOqPObDOl5evPjmUptS/mAgEc5iHe+t3fMdy
T1qmXWO0OxB0g6tqek0saLz+DLKjkLB1hYGaCGkupQbPh4TU46a0jDRcjfWOH1L1
kiVyK0Y5HzDBDF3OZLz2VlNA73KuNWRSlhXCttzEVMBNcZ/HwycMTXk7hmaHXQ/x
oEQg7WiWfkmA5PDZLFbK1GhpFHQXrM92ZMZ9gWhL+bX89ASBXYvVDLfQ+8BZfRMd
rNnh8xlWasJPqxv47G2uJhcCp3NEcHAAiEYViAETewwKWNcLzUPpCHEIVBjVaaEh
ldhSkQTvjJJjDA==
-----END CERTIFICATE-----