Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File:                     3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier:          Gv3L2ejfTzJrHYS1CEyIMplQNoUxrjPRW7sXXKFI7UU=
Subject key identifier:   E4:B5:39:85:E0:CB:36:13:6E:29:83:A2:E5:BA:42:EF:7A:9A:EB:1D
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer:       /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial:       019F189E5A7D72A15AF973832ACC3D082A75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number:          0589
Signing time:             Tue 30 Jun 2026 13:00:58 +0000
Manifest this update:     Tue 30 Jun 2026 13:00:58 +0000
Manifest next update:     Wed 01 Jul 2026 13:00:58 +0000
Files and hashes:         1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: fiVW4H2Nub5xfmbF3qNHMudr83kKjZGaExKGZwktgbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:5a:7d:72:a1:5a:f9:73:83:2a:cc:3d:08:2a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
        Validity
            Not Before: Jun 30 13:00:58 2026 GMT
            Not After : Jul  1 13:00:58 2026 GMT
        Subject: CN=e4b53985e0cb36136e2983a2e5ba42ef7a9aeb1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5b:ff:97:f6:b1:c9:21:b7:8f:78:f2:0d:bc:
                    93:5e:8f:a9:e8:65:05:6f:4b:a5:b6:90:a9:1e:a5:
                    71:87:70:52:b5:85:44:c1:3d:b7:49:e2:02:8a:73:
                    e0:91:42:60:89:95:82:1c:ab:e8:18:42:14:b9:a7:
                    73:90:95:50:02:86:d5:0d:6e:65:80:38:d6:8a:62:
                    5f:ec:ab:12:4e:61:28:97:58:f5:b3:e8:32:8d:fa:
                    94:c6:b4:62:b4:a7:88:72:1d:56:f0:81:5f:c1:c0:
                    4a:bf:de:86:ff:a0:f1:05:25:fe:18:3a:70:b0:fd:
                    26:49:42:dc:df:90:56:fd:9e:26:d3:84:e6:46:d6:
                    96:71:7c:9d:af:30:e6:32:a3:f5:5d:df:63:43:55:
                    4f:48:9b:21:41:bc:64:13:7c:7d:95:05:32:d2:5d:
                    57:7a:75:52:24:83:63:ac:99:aa:8d:be:84:7b:e6:
                    06:13:3b:eb:02:64:1d:4c:11:08:d7:51:64:7c:c7:
                    e4:b7:78:31:49:42:04:c6:42:74:ec:b4:92:46:74:
                    f3:0c:30:e8:9f:69:c3:27:47:a0:bb:20:f8:ea:75:
                    cc:5d:de:ed:12:2a:05:42:29:26:84:f0:d2:b4:ea:
                    fa:f6:5d:28:6c:07:ea:5c:91:0c:e0:2b:b1:1d:f4:
                    88:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B5:39:85:E0:CB:36:13:6E:29:83:A2:E5:BA:42:EF:7A:9A:EB:1D
            X509v3 Authority Key Identifier:
                keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:de:03:d3:de:19:df:06:2b:6c:18:e9:b6:e6:ee:d2:45:8f:
         b3:c7:fe:e4:74:95:e6:39:2e:a9:03:91:e5:d3:0d:76:50:8a:
         ca:d2:7e:1a:84:d4:16:2e:c7:ef:01:92:bf:59:ae:fe:16:42:
         9c:80:0c:9a:63:c2:19:20:8c:e2:56:b0:ce:a2:c7:18:9c:bd:
         76:e2:80:bf:cf:fd:9e:ea:4b:34:fc:39:e3:49:db:95:ae:41:
         81:0d:2e:2c:4b:59:cf:33:dd:98:de:1c:0d:d8:13:b1:64:b7:
         34:30:6a:25:ca:f6:26:02:d2:6e:dd:f2:d1:9c:38:e6:3b:56:
         13:21:a0:9b:26:eb:61:2d:49:2e:80:37:f9:af:8c:91:29:ab:
         14:01:9f:66:c5:8c:af:59:49:b3:c9:36:5a:01:13:8b:43:16:
         ec:51:d3:dd:5d:bc:ff:95:7d:77:3e:24:77:05:e3:67:6f:ea:
         ad:f1:d8:52:ce:c9:a4:b5:64:7d:c1:a8:1c:ca:49:fc:48:9e:
         95:69:41:79:b0:12:5c:f2:e7:2d:1b:65:08:da:c8:9b:89:db:
         65:5c:08:45:46:fd:11:45:0c:bc:df:b4:9d:97:5b:fa:07:2a:
         fc:01:13:d4:e2:54:19:2d:67:96:1f:50:51:cd:bd:48:a9:04:
         af:23:1f:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynlp9cqFa+XODKsw9CCp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjYwNjMwMTMwMDU4WhcNMjYwNzAxMTMwMDU4WjAzMTEwLwYDVQQD
EyhlNGI1Mzk4NWUwY2IzNjEzNmUyOTgzYTJlNWJhNDJlZjdhOWFlYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11v/l/axySG3j3jyDbyTXo+p6GUF
b0ultpCpHqVxh3BStYVEwT23SeICinPgkUJgiZWCHKvoGEIUuadzkJVQAobVDW5l
gDjWimJf7KsSTmEol1j1s+gyjfqUxrRitKeIch1W8IFfwcBKv96G/6DxBSX+GDpw
sP0mSULc35BW/Z4m04TmRtaWcXydrzDmMqP1Xd9jQ1VPSJshQbxkE3x9lQUy0l1X
enVSJINjrJmqjb6Ee+YGEzvrAmQdTBEI11FkfMfkt3gxSUIExkJ07LSSRnTzDDDo
n2nDJ0eguyD46nXMXd7tEioFQikmhPDStOr69l0obAfqXJEM4CuxHfSIJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOS1OYXgyzYTbimDouW6Qu96musdMB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD94D094Z
3wYrbBjptubu0kWPs8f+5HSV5jkuqQOR5dMNdlCKytJ+GoTUFi7H7wGSv1mu/hZC
nIAMmmPCGSCM4lawzqLHGJy9duKAv8/9nupLNPw540nbla5BgQ0uLEtZzzPdmN4c
DdgTsWS3NDBqJcr2JgLSbt3y0Zw45jtWEyGgmybrYS1JLoA3+a+MkSmrFAGfZsWM
r1lJs8k2WgETi0MW7FHT3V28/5V9dz4kdwXjZ2/qrfHYUs7JpLVkfcGoHMpJ/Eie
lWlBebASXPLnLRtlCNrIm4nbZVwIRUb9EUUMvN+0nZdb+gcq/AET1OJUGS1nlh9Q
Uc29SKkEryMf3w==
-----END CERTIFICATE-----