Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          P4HfwE6cid3/JB5kIFVVcOe8glh7AmIkwPESP48buLo=
Subject key identifier:   58:8D:29:67:A9:31:50:66:74:8B:E4:96:32:13:80:23:96:EE:4E:9E
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       019F17C2E3CC4C2C652ADDA61C06E6598C3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          1695
Signing time:             Tue 30 Jun 2026 09:01:16 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:16 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:16 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: A0Q/RKZcC7KdmvWXF1MbDqpn3GPYc0N30c6eCA3EIew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:e3:cc:4c:2c:65:2a:dd:a6:1c:06:e6:59:8c:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Jun 30 09:01:16 2026 GMT
            Not After : Jul  1 09:01:16 2026 GMT
        Subject: CN=588d2967a9315066748be4963213802396ee4e9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:81:72:ab:9a:fe:18:b4:19:01:3a:f9:3b:65:
                    05:47:4d:d5:83:8e:21:bc:1e:a8:28:4b:00:1e:8c:
                    42:b9:fc:6c:95:f5:94:ac:35:45:fe:01:de:c0:87:
                    6b:bf:c3:b6:37:73:b2:ea:d3:a0:d0:58:39:f9:98:
                    58:81:c6:4b:92:c3:c6:ed:33:6d:fa:92:34:60:ff:
                    d7:1e:a9:61:4a:bb:d0:8a:29:49:b3:2b:bd:03:9c:
                    2f:37:97:24:9e:1b:af:c4:80:5a:ab:74:e4:be:61:
                    f2:d7:4e:f8:0b:38:7a:f3:71:a3:a7:ac:0f:6f:02:
                    c5:ec:e6:5d:45:64:00:c1:6f:a5:c6:e9:70:a0:e5:
                    ed:0b:d1:d9:c3:ba:ae:36:f7:ee:5b:37:87:12:44:
                    0a:59:1f:e6:25:6c:be:1f:7c:7f:a0:dd:7f:83:75:
                    6b:2f:f8:37:23:46:51:ec:d9:19:c3:7b:bc:e7:4d:
                    2f:78:c6:97:4e:59:b8:2f:c6:4f:8e:bd:91:f2:88:
                    3d:88:fb:10:8c:41:6d:ce:36:88:02:fe:c3:b5:57:
                    b9:ec:49:a7:af:03:a4:51:dd:29:c4:a9:c1:19:aa:
                    83:8b:63:36:36:a3:a2:08:07:ee:ea:9e:81:db:35:
                    26:5b:e0:cf:92:a6:d4:91:38:3e:46:dc:2b:20:36:
                    67:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:8D:29:67:A9:31:50:66:74:8B:E4:96:32:13:80:23:96:EE:4E:9E
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:5b:ee:8d:c4:41:7c:a6:2f:c5:c4:70:93:d8:fe:d2:2e:d7:
         9a:15:3a:4f:5f:1a:9d:c9:aa:0e:18:ab:2a:ff:c1:43:54:67:
         99:53:3d:4c:ed:e0:1b:b2:af:99:02:d7:5b:ce:8b:c6:47:87:
         55:5b:21:52:8f:78:16:5f:82:1a:bc:b2:e4:70:29:db:de:98:
         29:ef:46:c3:a9:8c:9f:20:17:78:4f:d3:aa:21:cf:b5:67:b5:
         05:12:40:66:d8:07:97:7f:5d:e5:7f:60:54:93:48:9f:56:a1:
         71:e0:9d:8c:8e:83:9f:2f:dd:97:b4:57:82:85:d5:68:77:7d:
         c3:4e:63:9d:ac:68:ca:15:6e:13:82:02:32:56:60:6f:27:66:
         e1:93:38:b6:d0:a6:e5:06:7a:ec:7d:bc:48:d4:b1:93:41:b3:
         dc:50:5b:db:f7:ec:81:66:fe:cd:24:74:4a:80:ce:0f:27:d7:
         52:cc:9e:c1:a8:1b:70:fb:8d:1a:0d:71:34:d8:a5:cf:2e:74:
         00:5a:a3:66:6c:7e:c3:84:d2:f4:71:c6:98:54:ed:10:72:45:
         bb:23:d9:b0:68:a5:e7:55:53:da:a3:52:f5:77:b7:48:70:15:
         94:f4:9c:7b:84:34:74:15:d7:eb:9a:bc:fc:62:94:ba:c5:da:
         c5:5f:7a:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwuPMTCxlKt2mHAbmWYw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjYwNjMwMDkwMTE2WhcNMjYwNzAxMDkwMTE2WjAzMTEwLwYDVQQD
Eyg1ODhkMjk2N2E5MzE1MDY2NzQ4YmU0OTYzMjEzODAyMzk2ZWU0ZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YFyq5r+GLQZATr5O2UFR03Vg44h
vB6oKEsAHoxCufxslfWUrDVF/gHewIdrv8O2N3Oy6tOg0Fg5+ZhYgcZLksPG7TNt
+pI0YP/XHqlhSrvQiilJsyu9A5wvN5cknhuvxIBaq3TkvmHy1074Czh683Gjp6wP
bwLF7OZdRWQAwW+lxulwoOXtC9HZw7quNvfuWzeHEkQKWR/mJWy+H3x/oN1/g3Vr
L/g3I0ZR7NkZw3u8500veMaXTlm4L8ZPjr2R8og9iPsQjEFtzjaIAv7DtVe57Emn
rwOkUd0pxKnBGaqDi2M2NqOiCAfu6p6B2zUmW+DPkqbUkTg+RtwrIDZnLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiNKWepMVBmdIvkljITgCOW7k6eMB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1vujcRB
fKYvxcRwk9j+0i7XmhU6T18ancmqDhirKv/BQ1RnmVM9TO3gG7KvmQLXW86LxkeH
VVshUo94Fl+CGryy5HAp296YKe9Gw6mMnyAXeE/TqiHPtWe1BRJAZtgHl39d5X9g
VJNIn1ahceCdjI6Dny/dl7RXgoXVaHd9w05jnaxoyhVuE4ICMlZgbydm4ZM4ttCm
5QZ67H28SNSxk0Gz3FBb2/fsgWb+zSR0SoDODyfXUsyewagbcPuNGg1xNNilzy50
AFqjZmx+w4TS9HHGmFTtEHJFuyPZsGil51VT2qNS9Xe3SHAVlPSce4Q0dBXX65q8
/GKUusXaxV96/w==
-----END CERTIFICATE-----