Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
File:                     ET9u8WzirCilmQYD0folvUl1lN0.mft (raw, json)
Hash identifier:          063dxXQahd0cQtNJfCrXzRyBVXpquaqr+wSvBpQCZ/U=
Subject key identifier:   52:DC:75:7E:31:0F:2E:11:A3:5C:2D:D1:BC:20:77:60:85:6B:EA:73
Authority key identifier: 11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD
Certificate issuer:       /CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
Certificate serial:       019E30726FD37DDE83B1B7C8C99FB35A2E24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
Manifest number:          07C3
Signing time:             Sat 16 May 2026 11:01:06 +0000
Manifest this update:     Sat 16 May 2026 11:01:06 +0000
Manifest next update:     Sun 17 May 2026 11:01:06 +0000
Files and hashes:         1: ET9u8WzirCilmQYD0folvUl1lN0.crl (hash: qWZUTCWKIlNlPMv/lEMmb51rK7gHnJCDtdsTkuCZYWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:72:6f:d3:7d:de:83:b1:b7:c8:c9:9f:b3:5a:2e:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
        Validity
            Not Before: May 16 11:01:06 2026 GMT
            Not After : May 17 11:01:06 2026 GMT
        Subject: CN=52dc757e310f2e11a35c2dd1bc207760856bea73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:33:a5:72:25:87:7f:4e:5a:7b:5b:96:00:84:
                    6f:3b:a2:48:53:6d:fe:29:6d:b9:10:98:a2:10:7d:
                    42:43:93:54:3f:80:9c:db:52:3f:8b:e5:ce:dc:3a:
                    f1:c5:55:68:19:0d:e1:3c:d8:8c:56:d3:64:36:97:
                    0e:38:7c:a7:9e:db:3f:9f:6f:8b:ab:f3:23:c6:db:
                    aa:c5:53:f2:96:b8:46:ec:9a:30:f1:45:fc:4b:9c:
                    fc:0f:09:41:14:d6:f7:59:64:20:f1:eb:33:52:bb:
                    75:a6:a2:29:d6:db:35:4b:91:60:c4:79:99:f7:6d:
                    43:9c:f2:b0:a8:dd:1a:49:20:02:65:7d:c2:2d:96:
                    10:77:64:d6:44:87:75:7e:32:69:75:ff:bd:ff:00:
                    98:05:27:0f:d6:39:2f:2e:3d:4e:16:f6:5b:78:94:
                    05:63:1d:8a:2b:f4:fe:c0:ff:7b:2b:67:37:a3:70:
                    d6:95:4c:d6:8d:fc:41:b1:bf:89:a2:c1:27:f2:f9:
                    b0:0d:10:0c:bb:43:fe:40:3f:18:de:d0:55:e8:d6:
                    b5:e6:b0:c2:f4:42:62:ad:5a:ae:33:1b:da:7e:4a:
                    a8:1e:14:79:de:5c:20:9d:41:b0:91:3b:d6:90:90:
                    fe:62:84:0f:a1:6f:46:9f:e0:69:8f:6e:78:f4:83:
                    76:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:DC:75:7E:31:0F:2E:11:A3:5C:2D:D1:BC:20:77:60:85:6B:EA:73
            X509v3 Authority Key Identifier:
                keyid:11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:35:a7:e9:42:bd:7b:4e:03:ba:06:0a:4c:de:0e:17:bb:d9:
         1d:9c:6f:ca:de:81:83:0e:28:0a:af:7f:04:ef:66:f7:75:b2:
         89:f0:98:7f:0e:d5:5b:7a:b4:98:67:35:33:68:e6:3f:df:12:
         17:f3:97:96:28:53:3e:22:a8:91:0e:13:a6:bf:c7:35:86:52:
         c1:01:75:52:17:d2:aa:e4:12:f6:5f:f0:8f:5b:29:aa:09:2d:
         8e:df:62:5b:1c:4a:6b:0d:cb:be:8d:0d:ef:0c:ea:da:2b:d4:
         84:27:d0:8f:69:d4:4c:84:db:9a:54:49:60:2b:7c:d1:e7:44:
         74:26:dd:9f:d1:a3:bf:39:16:89:dd:5c:df:2b:8d:ac:d0:18:
         de:ba:70:2a:5a:0a:1f:86:a5:2d:d5:5b:56:b0:f7:51:e8:56:
         eb:bd:22:12:e9:05:7e:65:e8:01:00:4e:68:e3:2b:a1:d4:ca:
         e0:ec:2d:be:00:e0:25:b0:82:5f:64:a0:65:d5:cc:95:d7:2e:
         98:88:87:f6:ee:01:67:7f:88:a2:f5:90:c8:6d:45:5c:41:e0:
         78:32:22:e6:12:95:0d:ed:f2:08:c4:f4:b3:84:ed:74:f9:84:
         62:ce:f0:1c:73:4e:db:b3:b1:18:e0:06:de:13:91:48:e7:65:
         76:40:a6:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcm/Tfd6DsbfIyZ+zWi4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExM2Y2ZWYxNmNlMmFjMjhhNTk5MDYwM2QxZmEyNWJkNDk3
NTk0ZGQwHhcNMjYwNTE2MTEwMTA2WhcNMjYwNTE3MTEwMTA2WjAzMTEwLwYDVQQD
Eyg1MmRjNzU3ZTMxMGYyZTExYTM1YzJkZDFiYzIwNzc2MDg1NmJlYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DOlciWHf05ae1uWAIRvO6JIU23+
KW25EJiiEH1CQ5NUP4Cc21I/i+XO3DrxxVVoGQ3hPNiMVtNkNpcOOHynnts/n2+L
q/MjxtuqxVPylrhG7Jow8UX8S5z8DwlBFNb3WWQg8eszUrt1pqIp1ts1S5FgxHmZ
921DnPKwqN0aSSACZX3CLZYQd2TWRId1fjJpdf+9/wCYBScP1jkvLj1OFvZbeJQF
Yx2KK/T+wP97K2c3o3DWlUzWjfxBsb+JosEn8vmwDRAMu0P+QD8Y3tBV6Na15rDC
9EJirVquMxvafkqoHhR53lwgnUGwkTvWkJD+YoQPoW9Gn+Bpj2549IN2hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLcdX4xDy4Ro1wt0bwgd2CFa+pzMB8GA1UdIwQY
MBaAFBE/bvFs4qwopZkGA9H6Jb1JdZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQt
OTA1ZGJhYjhiZDU3LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQtOTA1ZGJhYjhiZDU3
LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzWn6UK9
e04DugYKTN4OF7vZHZxvyt6Bgw4oCq9/BO9m93WyifCYfw7VW3q0mGc1M2jmP98S
F/OXlihTPiKokQ4Tpr/HNYZSwQF1UhfSquQS9l/wj1spqgktjt9iWxxKaw3Lvo0N
7wzq2ivUhCfQj2nUTITbmlRJYCt80edEdCbdn9GjvzkWid1c3yuNrNAY3rpwKloK
H4alLdVbVrD3UehW670iEukFfmXoAQBOaOMrodTK4OwtvgDgJbCCX2SgZdXMldcu
mIiH9u4BZ3+IovWQyG1FXEHgeDIi5hKVDe3yCMT0s4TtdPmEYs7wHHNO27OxGOAG
3hORSOdldkCmTQ==
-----END CERTIFICATE-----