Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          zj9fQCXtXxbtuGLXw024XW3KR/YV3H2JkIaD4QUeDGc=
Subject key identifier:   C1:61:3E:AE:6D:E7:B7:93:DB:0C:DA:D8:CD:88:03:C9:12:F4:FE:D3
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019E303B59F5F7F3E6D519E3EBDD83C55F1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0CE1
Signing time:             Sat 16 May 2026 10:00:56 +0000
Manifest this update:     Sat 16 May 2026 10:00:56 +0000
Manifest next update:     Sun 17 May 2026 10:00:56 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: FVc1nIsu8d656/MLWSgEbMr58j7By8upXa/ojI3/M5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 10:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:3b:59:f5:f7:f3:e6:d5:19:e3:eb:dd:83:c5:5f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: May 16 10:00:56 2026 GMT
            Not After : May 17 10:00:56 2026 GMT
        Subject: CN=c1613eae6de7b793db0cdad8cd8803c912f4fed3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:29:3e:0c:46:e6:d9:d7:c8:fc:65:fb:c4:4b:
                    81:aa:f3:f0:ed:24:c1:cb:1a:41:92:f4:67:b5:2d:
                    ba:bc:72:11:a2:cc:ec:29:15:0f:64:25:85:cc:1c:
                    de:88:ee:b4:5d:95:ca:5a:b5:e6:c7:03:83:49:2e:
                    8f:2a:ef:67:2e:a1:55:86:ab:fc:89:40:51:7b:6d:
                    db:29:9a:f5:6b:59:2c:9e:9d:a4:d2:7a:61:18:43:
                    97:b0:ae:14:96:e8:9e:d4:02:4b:63:2d:bf:e6:82:
                    53:60:51:18:61:02:bc:4c:f6:a4:3c:24:3e:ef:ef:
                    22:44:68:15:34:ce:67:27:31:d1:f1:2d:71:57:34:
                    dd:1b:15:c4:d8:cb:bb:80:43:02:23:05:d1:bc:49:
                    d0:03:71:af:39:34:bf:77:7c:2d:71:37:88:53:38:
                    a8:e5:3d:0d:95:2f:a4:57:53:74:89:28:10:99:48:
                    99:70:9e:5c:64:f1:1b:12:89:5d:f8:73:06:35:62:
                    52:2d:05:28:bb:a9:37:63:26:a1:62:47:3e:60:41:
                    0c:b9:be:00:82:41:33:97:6b:1b:87:d1:69:de:98:
                    fd:c6:2d:1a:83:f8:aa:90:ac:00:d6:4f:91:7f:e5:
                    e3:10:fe:44:c3:e1:de:1a:51:f2:06:56:d2:cf:5b:
                    5c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:61:3E:AE:6D:E7:B7:93:DB:0C:DA:D8:CD:88:03:C9:12:F4:FE:D3
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:9c:fa:3b:5a:a7:b8:cd:4b:b6:f8:e7:a5:ef:3b:fc:4d:a1:
         81:d7:62:c9:39:dc:b5:82:6b:68:dd:3a:4a:98:9b:48:8f:3b:
         7b:97:cb:58:78:af:8e:6c:89:1e:45:ed:47:47:ca:5b:ed:71:
         bc:2e:98:e9:96:91:a8:a6:91:4f:5e:59:cd:3e:97:39:c0:eb:
         e9:50:35:ac:da:bd:c1:03:58:50:94:9c:a2:cf:99:ec:90:55:
         ae:cd:45:f2:e1:f8:b0:01:2e:19:6d:fd:b6:1d:f7:53:73:3f:
         94:a5:f9:88:a8:29:ea:6f:04:d6:8b:ea:f8:cc:74:9e:1f:55:
         68:f1:ab:bb:42:9f:2f:78:84:52:7e:8b:1c:9f:27:7f:90:d6:
         ac:a7:6f:da:78:77:43:e1:f3:13:cb:a3:d9:5b:67:4b:3e:2d:
         8a:0b:b2:c9:23:1a:81:d8:01:d2:d5:f9:3a:b7:98:87:c4:16:
         94:8c:70:cc:6f:04:bf:09:cf:67:7a:f7:b3:05:a1:98:50:1c:
         5f:33:41:c9:a9:61:0e:48:29:54:88:0f:eb:e2:02:a0:a8:e2:
         fe:c3:86:fa:68:79:82:d1:4d:3e:de:21:da:e1:4a:9f:04:c0:
         be:d2:72:65:0c:8b:ae:a8:bd:d9:e9:e4:5f:6d:e2:71:ef:84:
         52:bb:44:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO1n19/Pm1Rnj692DxV8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwNTE2MTAwMDU2WhcNMjYwNTE3MTAwMDU2WjAzMTEwLwYDVQQD
EyhjMTYxM2VhZTZkZTdiNzkzZGIwY2RhZDhjZDg4MDNjOTEyZjRmZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCk+DEbm2dfI/GX7xEuBqvPw7STB
yxpBkvRntS26vHIRoszsKRUPZCWFzBzeiO60XZXKWrXmxwODSS6PKu9nLqFVhqv8
iUBRe23bKZr1a1ksnp2k0nphGEOXsK4Uluie1AJLYy2/5oJTYFEYYQK8TPakPCQ+
7+8iRGgVNM5nJzHR8S1xVzTdGxXE2Mu7gEMCIwXRvEnQA3GvOTS/d3wtcTeIUzio
5T0NlS+kV1N0iSgQmUiZcJ5cZPEbEold+HMGNWJSLQUou6k3YyahYkc+YEEMub4A
gkEzl2sbh9Fp3pj9xi0ag/iqkKwA1k+Rf+XjEP5Ew+HeGlHyBlbSz1tcsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFhPq5t57eT2wza2M2IA8kS9P7TMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJpz6O1qn
uM1Ltvjnpe87/E2hgddiyTnctYJraN06SpibSI87e5fLWHivjmyJHkXtR0fKW+1x
vC6Y6ZaRqKaRT15ZzT6XOcDr6VA1rNq9wQNYUJScos+Z7JBVrs1F8uH4sAEuGW39
th33U3M/lKX5iKgp6m8E1ovq+Mx0nh9VaPGru0KfL3iEUn6LHJ8nf5DWrKdv2nh3
Q+HzE8uj2VtnSz4tiguyySMagdgB0tX5OreYh8QWlIxwzG8EvwnPZ3r3swWhmFAc
XzNByalhDkgpVIgP6+ICoKji/sOG+mh5gtFNPt4h2uFKnwTAvtJyZQyLrqi92enk
X23ice+EUrtEJA==
-----END CERTIFICATE-----