Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          Z3WGXWsVB/Uj+DT1yQ9NiftSGtlxIZv4rsISTEMPdSE=
Subject key identifier:   3A:BD:C9:74:40:D4:10:2A:C8:59:11:2D:55:F8:6B:53:A8:37:EF:94
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       019E30E00EC83218E0FECC306E8CE6D9EDBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          10A8
Signing time:             Sat 16 May 2026 13:00:50 +0000
Manifest this update:     Sat 16 May 2026 13:00:50 +0000
Manifest next update:     Sun 17 May 2026 13:00:50 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: mZT+axNSRMGphH4MtOI0+jwglwCTC3cbS8/oAxnYfVk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:0e:c8:32:18:e0:fe:cc:30:6e:8c:e6:d9:ed:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: May 16 13:00:50 2026 GMT
            Not After : May 17 13:00:50 2026 GMT
        Subject: CN=3abdc97440d4102ac859112d55f86b53a837ef94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d2:00:44:9b:15:3e:36:60:6c:09:f9:44:ba:
                    43:fa:36:72:5b:b5:25:ed:69:e8:91:ed:08:bb:d0:
                    ab:e8:33:f3:56:0e:10:63:2e:c4:f5:bd:53:b2:1f:
                    3f:06:90:28:87:6d:53:85:b2:d6:df:1b:e4:67:20:
                    15:fb:aa:6b:ef:85:fc:e1:74:23:aa:b4:45:5e:46:
                    c6:9b:dc:3e:bf:80:c0:f7:16:d3:73:2e:38:a1:53:
                    48:5d:42:ab:11:98:ed:f7:ab:1a:98:bd:c4:97:63:
                    cf:9b:98:34:d1:a7:3d:74:5d:9b:f9:ab:a9:cd:9d:
                    7b:5d:e6:0d:22:c4:36:b5:f6:5d:2c:d5:cc:26:b4:
                    26:c5:24:54:3b:6a:16:53:ae:0a:05:11:ba:7f:aa:
                    20:f5:67:33:2b:dd:c1:6d:79:a5:17:4b:43:11:77:
                    5f:48:c9:12:e3:9b:76:4e:9c:30:de:71:e7:a3:51:
                    59:0d:92:62:ca:b9:2c:24:9e:cb:0b:ed:67:fd:66:
                    1d:23:c2:93:9a:3b:58:13:34:62:d9:47:8a:5f:9c:
                    20:bb:da:6f:49:a0:48:08:6a:46:5a:f6:43:99:5b:
                    43:09:75:66:27:db:60:b9:20:ea:bc:82:03:9d:74:
                    23:7f:90:90:3e:10:6b:41:7c:fb:80:a6:eb:4a:74:
                    50:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:BD:C9:74:40:D4:10:2A:C8:59:11:2D:55:F8:6B:53:A8:37:EF:94
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:bf:39:e5:de:f4:65:1e:9e:c0:f3:c1:26:5c:b8:a9:02:9f:
         8a:3a:43:76:a1:a3:e8:49:2c:48:96:5f:df:08:9e:12:38:a1:
         9e:36:63:ba:2f:6a:fc:f9:14:88:fd:27:66:77:7a:4e:52:b2:
         ca:9b:0a:1f:9b:60:55:3f:75:c0:f5:3b:7a:a5:eb:46:16:5d:
         20:65:01:31:7a:f3:7e:43:41:ac:bc:03:19:c0:1f:53:9c:9b:
         7f:ff:58:d5:c8:04:c4:5c:cf:59:b8:0d:7b:e4:d3:ef:45:65:
         04:05:77:3f:7c:97:ed:f1:b0:49:a7:76:41:0a:13:0a:4c:47:
         0c:ab:78:96:4a:ac:4c:b3:97:68:7b:00:85:1b:79:31:ef:27:
         9a:c0:fe:5b:a1:1d:9f:4b:c4:19:2f:53:bc:07:e7:4e:4d:7a:
         62:da:e3:8e:ea:d5:80:33:86:f2:97:20:b2:09:33:c9:1d:94:
         7b:1b:a4:68:ed:80:bf:df:72:4f:7b:d1:06:8a:d7:63:4c:0b:
         73:eb:40:f3:3b:db:8c:1a:7c:fc:04:13:fb:af:07:6f:cc:c0:
         9f:b1:69:fa:c1:40:ec:9e:15:ab:87:ab:13:59:a5:61:df:66:
         28:63:a9:6b:94:8b:80:53:37:bb:a5:e6:78:94:8a:c6:65:ce:
         2d:0c:b6:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4A7IMhjg/swwbozm2e2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjYwNTE2MTMwMDUwWhcNMjYwNTE3MTMwMDUwWjAzMTEwLwYDVQQD
EygzYWJkYzk3NDQwZDQxMDJhYzg1OTExMmQ1NWY4NmI1M2E4MzdlZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtIARJsVPjZgbAn5RLpD+jZyW7Ul
7Wnoke0Iu9Cr6DPzVg4QYy7E9b1Tsh8/BpAoh21ThbLW3xvkZyAV+6pr74X84XQj
qrRFXkbGm9w+v4DA9xbTcy44oVNIXUKrEZjt96samL3El2PPm5g00ac9dF2b+aup
zZ17XeYNIsQ2tfZdLNXMJrQmxSRUO2oWU64KBRG6f6og9WczK93BbXmlF0tDEXdf
SMkS45t2Tpww3nHno1FZDZJiyrksJJ7LC+1n/WYdI8KTmjtYEzRi2UeKX5wgu9pv
SaBICGpGWvZDmVtDCXVmJ9tguSDqvIIDnXQjf5CQPhBrQXz7gKbrSnRQuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDq9yXRA1BAqyFkRLVX4a1OoN++UMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7855d70
ZR6ewPPBJly4qQKfijpDdqGj6EksSJZf3wieEjihnjZjui9q/PkUiP0nZnd6TlKy
ypsKH5tgVT91wPU7eqXrRhZdIGUBMXrzfkNBrLwDGcAfU5ybf/9Y1cgExFzPWbgN
e+TT70VlBAV3P3yX7fGwSad2QQoTCkxHDKt4lkqsTLOXaHsAhRt5Me8nmsD+W6Ed
n0vEGS9TvAfnTk16YtrjjurVgDOG8pcgsgkzyR2UexukaO2Av99yT3vRBorXY0wL
c+tA8zvbjBp8/AQT+68Hb8zAn7Fp+sFA7J4Vq4erE1mlYd9mKGOpa5SLgFM3u6Xm
eJSKxmXOLQy2Tw==
-----END CERTIFICATE-----