Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File:                     3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier:          V3wtkYh0cPVgoUKlWcev9jxylwjlWR5NhCShoQyUUrA=
Subject key identifier:   96:DA:A2:94:7D:E1:91:66:7F:CB:71:28:E3:CF:89:D9:05:CF:F9:7E
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer:       /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial:       019E30E044BE48588832663F719F32993507
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number:          0511
Signing time:             Sat 16 May 2026 13:01:04 +0000
Manifest this update:     Sat 16 May 2026 13:01:04 +0000
Manifest next update:     Sun 17 May 2026 13:01:04 +0000
Files and hashes:         1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: S4yIOeeeiunhsRXJr8yAIdKOYYSnN8zUUJu5SCqEKFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:44:be:48:58:88:32:66:3f:71:9f:32:99:35:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
        Validity
            Not Before: May 16 13:01:04 2026 GMT
            Not After : May 17 13:01:04 2026 GMT
        Subject: CN=96daa2947de191667fcb7128e3cf89d905cff97e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:7a:e6:be:7a:d7:b8:7a:7e:99:65:a6:f4:56:
                    54:a2:06:6d:7e:ed:ed:1f:c4:42:cb:33:58:a3:b9:
                    ec:e6:43:fe:a0:23:5f:4c:42:cb:a5:e4:ec:0f:93:
                    06:04:9c:f2:ad:d6:f7:7c:2d:ef:36:45:85:da:84:
                    5f:39:c4:6c:8d:eb:80:62:03:62:3c:ea:a0:6c:34:
                    f1:2c:a7:3d:14:83:d9:0c:c6:26:11:01:97:5d:4d:
                    85:22:26:e5:e8:b8:1b:31:7d:93:48:6c:e4:2d:c6:
                    8b:80:dc:25:11:d1:35:7c:52:bd:91:f6:cb:ca:d6:
                    3f:7b:ea:1e:66:86:e1:48:99:79:3d:f8:e5:8b:34:
                    0a:db:3c:49:26:a2:b9:02:bf:2d:dc:33:96:8e:fa:
                    97:91:de:0d:96:5c:7e:37:da:af:9b:a5:f6:a1:f7:
                    7c:21:d1:5e:4f:35:7e:29:e7:c5:7a:5e:10:43:ce:
                    72:09:6c:29:3a:54:91:cc:c9:da:af:8f:23:20:ea:
                    20:34:b5:b2:08:f0:fc:ea:b3:71:ff:02:a1:e5:e4:
                    2e:7c:bc:8a:ae:f9:ff:d9:4b:75:85:94:20:e2:9c:
                    7e:30:3a:f1:1c:e1:65:90:75:e2:22:2a:9d:fa:5f:
                    f9:5f:12:b8:09:16:0c:eb:7e:ce:e8:32:8b:79:a1:
                    42:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:DA:A2:94:7D:E1:91:66:7F:CB:71:28:E3:CF:89:D9:05:CF:F9:7E
            X509v3 Authority Key Identifier:
                keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:aa:c5:7f:55:31:c9:1c:35:4d:4e:b2:fa:8d:f2:25:d6:12:
         7f:40:42:61:2e:1f:44:57:40:0d:74:83:b3:73:54:0b:a5:55:
         99:f6:eb:c9:87:29:44:50:55:7f:13:7e:e1:eb:66:e9:11:bb:
         92:b0:a6:59:42:39:74:af:37:ce:fe:76:43:b9:d9:52:20:a6:
         0a:5b:a4:05:9c:1a:94:3a:a5:ce:df:de:e7:4d:df:09:a9:c8:
         cb:1c:f3:5a:76:e7:52:22:d0:ff:78:64:b8:80:9a:38:39:2c:
         a6:3e:cc:40:b5:07:fa:fb:bd:28:55:9b:a9:b7:71:50:7c:96:
         5f:91:36:8a:9e:78:d2:44:b0:05:d8:34:69:cd:38:a7:6f:71:
         73:e4:ed:ac:71:8d:33:a3:7f:c9:f7:52:4f:ae:1f:c8:1e:41:
         45:11:d0:7a:e1:4d:39:f2:3f:29:c2:15:f8:81:0c:f8:04:3c:
         a1:67:24:92:c3:69:40:29:30:36:4f:d1:ea:0e:ba:cc:61:19:
         a1:ad:92:71:da:14:74:12:a8:8e:95:12:a9:43:8a:d0:52:ad:
         24:5c:06:73:b4:02:f5:09:21:3a:60:e2:21:6b:18:8b:d3:4a:
         9b:da:63:3f:e3:79:0b:54:7f:90:16:7d:43:bf:05:f0:b8:da:
         73:78:fd:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4ES+SFiIMmY/cZ8ymTUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjYwNTE2MTMwMTA0WhcNMjYwNTE3MTMwMTA0WjAzMTEwLwYDVQQD
Eyg5NmRhYTI5NDdkZTE5MTY2N2ZjYjcxMjhlM2NmODlkOTA1Y2ZmOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HrmvnrXuHp+mWWm9FZUogZtfu3t
H8RCyzNYo7ns5kP+oCNfTELLpeTsD5MGBJzyrdb3fC3vNkWF2oRfOcRsjeuAYgNi
POqgbDTxLKc9FIPZDMYmEQGXXU2FIibl6LgbMX2TSGzkLcaLgNwlEdE1fFK9kfbL
ytY/e+oeZobhSJl5PfjlizQK2zxJJqK5Ar8t3DOWjvqXkd4Nllx+N9qvm6X2ofd8
IdFeTzV+KefFel4QQ85yCWwpOlSRzMnar48jIOogNLWyCPD86rNx/wKh5eQufLyK
rvn/2Ut1hZQg4px+MDrxHOFlkHXiIiqd+l/5XxK4CRYM637O6DKLeaFCNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbaopR94ZFmf8txKOPPidkFz/l+MB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqKrFf1Ux
yRw1TU6y+o3yJdYSf0BCYS4fRFdADXSDs3NUC6VVmfbryYcpRFBVfxN+4etm6RG7
krCmWUI5dK83zv52Q7nZUiCmClukBZwalDqlzt/e503fCanIyxzzWnbnUiLQ/3hk
uICaODkspj7MQLUH+vu9KFWbqbdxUHyWX5E2ip540kSwBdg0ac04p29xc+TtrHGN
M6N/yfdST64fyB5BRRHQeuFNOfI/KcIV+IEM+AQ8oWckksNpQCkwNk/R6g66zGEZ
oa2ScdoUdBKojpUSqUOK0FKtJFwGc7QC9QkhOmDiIWsYi9NKm9pjP+N5C1R/kBZ9
Q78F8Ljac3j9wQ==
-----END CERTIFICATE-----