Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          179rhIaimaymW1l5PliWEa+dz5EPJOSwHgTUdWnlTOo=
Subject key identifier:   02:46:40:B3:B6:B5:E9:BC:B4:47:F7:89:42:2A:F3:0E:FF:05:8E:5B
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019E3185D998BF509F63341ECB220FFE9607
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0BDC
Signing time:             Sat 16 May 2026 16:01:55 +0000
Manifest this update:     Sat 16 May 2026 16:01:55 +0000
Manifest next update:     Sun 17 May 2026 16:01:55 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: av9pgdATK8+eZlhALfec4JL87iMMgm2LULCIab4FlWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:85:d9:98:bf:50:9f:63:34:1e:cb:22:0f:fe:96:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: May 16 16:01:55 2026 GMT
            Not After : May 17 16:01:55 2026 GMT
        Subject: CN=024640b3b6b5e9bcb447f789422af30eff058e5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:11:70:9a:6e:81:4b:2b:ba:47:a1:09:e0:75:
                    ae:3a:31:c6:91:a8:7c:8b:73:9e:ab:65:c9:6f:3d:
                    15:04:6b:fe:7f:5a:3a:3b:a1:9a:f7:77:3f:3c:58:
                    14:7c:b4:76:95:45:84:e9:fd:8d:2d:1b:c6:d1:d6:
                    74:94:db:aa:8b:6e:a7:39:97:06:80:3b:40:7e:e6:
                    db:0d:d6:f3:c6:bd:30:c4:f8:1e:86:27:05:18:b4:
                    e3:46:d7:86:99:36:ca:3c:1b:c6:98:e8:08:3b:c5:
                    95:77:98:0f:1f:b3:c3:17:36:6f:6c:a7:30:3a:c6:
                    f5:da:31:4b:4d:22:97:44:55:95:e7:16:f3:79:26:
                    f1:dd:ba:1f:c6:cb:b0:c8:ac:ae:66:57:00:c1:4e:
                    fe:ba:45:89:57:35:22:3d:1b:b2:6e:7a:25:c1:49:
                    58:39:f1:08:cd:ff:aa:a4:93:4c:5b:c1:e9:90:8d:
                    61:23:4f:6a:c6:d1:d9:8a:1f:9a:5d:d2:f0:d1:a9:
                    af:8a:95:34:d8:f7:1f:93:aa:15:c4:7f:b4:14:34:
                    1b:06:d0:e3:8d:a1:e7:cd:2a:13:ac:48:56:ca:ae:
                    c3:7c:a1:d4:57:a0:ed:58:0b:dc:74:45:1e:9c:85:
                    c6:72:c5:f7:80:5c:37:0e:58:8e:1d:fc:82:62:1d:
                    b2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:46:40:B3:B6:B5:E9:BC:B4:47:F7:89:42:2A:F3:0E:FF:05:8E:5B
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:74:94:56:82:48:42:c1:3d:ba:ab:5f:06:53:0b:ee:43:a7:
         9a:bc:91:d8:c8:48:0a:3e:c1:db:d9:60:50:99:43:28:11:c2:
         5f:82:1a:7e:ca:2f:96:8a:fc:8a:5f:67:22:c0:fd:d7:8c:01:
         f5:5e:83:5b:f3:9b:70:ff:2c:e5:52:61:0f:25:d5:92:af:bb:
         ae:eb:4d:cf:be:88:d0:ce:d0:69:01:6b:10:4b:5e:28:0a:ba:
         5c:bb:34:09:cc:36:38:66:31:92:9d:f1:b4:6e:d2:da:b4:2e:
         df:5c:80:51:81:92:5e:f3:17:18:05:97:ca:f2:f3:14:d1:a6:
         b0:19:10:4b:05:c4:72:cf:b6:58:81:f7:56:e5:1c:81:73:96:
         91:46:d9:41:46:bc:d2:bb:c8:33:b6:05:54:e0:85:58:13:ed:
         a7:14:ac:7d:e4:26:9e:f3:09:cc:1e:98:c1:53:65:a8:84:0d:
         a0:0e:dd:05:66:e4:58:5e:fd:81:a2:bd:26:da:7f:63:39:d2:
         59:33:f8:3f:9f:20:5d:ef:e9:59:5a:c7:00:d5:ec:a7:15:a8:
         6b:1a:6f:22:12:6a:51:e7:ce:dd:3b:7f:76:84:ce:7b:99:bf:
         5d:0c:c4:10:c4:4d:cb:f7:35:99:3e:2a:99:b4:81:51:b8:ba:
         7b:4c:5d:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhdmYv1CfYzQeyyIP/pYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwNTE2MTYwMTU1WhcNMjYwNTE3MTYwMTU1WjAzMTEwLwYDVQQD
EygwMjQ2NDBiM2I2YjVlOWJjYjQ0N2Y3ODk0MjJhZjMwZWZmMDU4ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhFwmm6BSyu6R6EJ4HWuOjHGkah8
i3Oeq2XJbz0VBGv+f1o6O6Ga93c/PFgUfLR2lUWE6f2NLRvG0dZ0lNuqi26nOZcG
gDtAfubbDdbzxr0wxPgehicFGLTjRteGmTbKPBvGmOgIO8WVd5gPH7PDFzZvbKcw
Osb12jFLTSKXRFWV5xbzeSbx3bofxsuwyKyuZlcAwU7+ukWJVzUiPRuybnolwUlY
OfEIzf+qpJNMW8HpkI1hI09qxtHZih+aXdLw0amvipU02Pcfk6oVxH+0FDQbBtDj
jaHnzSoTrEhWyq7DfKHUV6DtWAvcdEUenIXGcsX3gFw3DliOHfyCYh2ymQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJGQLO2tem8tEf3iUIq8w7/BY5bMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnSUVoJI
QsE9uqtfBlML7kOnmryR2MhICj7B29lgUJlDKBHCX4Iafsovlor8il9nIsD914wB
9V6DW/ObcP8s5VJhDyXVkq+7rutNz76I0M7QaQFrEEteKAq6XLs0Ccw2OGYxkp3x
tG7S2rQu31yAUYGSXvMXGAWXyvLzFNGmsBkQSwXEcs+2WIH3VuUcgXOWkUbZQUa8
0rvIM7YFVOCFWBPtpxSsfeQmnvMJzB6YwVNlqIQNoA7dBWbkWF79gaK9Jtp/YznS
WTP4P58gXe/pWVrHANXspxWoaxpvIhJqUefO3Tt/doTOe5m/XQzEEMRNy/c1mT4q
mbSBUbi6e0xdLA==
-----END CERTIFICATE-----