Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          dko6XFWV1auAUrpojRui+HzKuwJd797d0McwI0VnD/4=
Subject key identifier:   A7:1A:FD:9D:A6:3C:E8:C2:8E:3D:60:E0:65:8F:04:43:1A:C0:F8:8F
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019D3A5373ED431E60912A58A631AE665C3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0F82
Signing time:             Sun 29 Mar 2026 16:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:40 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: YOZ0HcLAYRSKCIz80tLwqLv2v4zynLY9HTopFH3MrAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:73:ed:43:1e:60:91:2a:58:a6:31:ae:66:5c:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Mar 29 16:00:40 2026 GMT
            Not After : Mar 30 16:00:40 2026 GMT
        Subject: CN=a71afd9da63ce8c28e3d60e0658f04431ac0f88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:68:37:fa:8f:33:cc:12:0f:a3:99:b7:fd:87:
                    80:74:04:08:a0:b7:ff:6c:ff:1a:87:b0:a9:2d:79:
                    3f:29:07:e8:5d:89:44:42:1a:3c:8c:f7:a2:60:42:
                    52:34:6b:1e:55:03:e8:5a:9e:24:24:fe:23:61:7a:
                    12:93:29:8e:7d:78:42:81:00:d4:6c:78:8d:61:d5:
                    bc:62:2d:b4:a1:c8:dd:8d:6e:36:20:ec:23:09:06:
                    e2:98:a0:ad:20:6d:ba:b3:76:0d:bd:32:67:99:60:
                    aa:01:4b:80:6c:72:43:b7:53:33:86:cc:20:a7:97:
                    34:64:a5:50:b7:19:35:d1:42:ca:2f:f0:45:e7:4b:
                    73:cc:cd:95:95:23:61:e9:62:d9:29:5a:08:78:f6:
                    40:1b:46:40:cd:09:fb:f0:d6:7a:f0:5d:52:7d:72:
                    78:cc:d9:10:32:3c:48:86:3b:ad:a0:b7:c9:12:e5:
                    af:f0:b7:b0:c3:15:18:f7:28:fd:eb:49:3d:56:96:
                    ec:04:59:fd:bc:6a:11:b5:b7:4d:31:77:8b:d3:73:
                    9d:6d:9b:41:95:2a:5d:46:51:70:3d:c9:1a:60:e7:
                    da:f1:28:78:17:6a:dc:d4:7a:17:f0:cd:f6:75:08:
                    ac:70:cb:e8:dc:96:45:ff:f6:c8:16:a7:70:b8:2e:
                    15:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1A:FD:9D:A6:3C:E8:C2:8E:3D:60:E0:65:8F:04:43:1A:C0:F8:8F
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:eb:9d:3e:f5:aa:5e:4f:c3:0f:c9:85:3c:41:1b:bc:eb:ea:
         81:ad:d3:42:58:32:25:5f:09:ce:c6:41:b7:c9:27:34:60:6f:
         97:63:ff:12:1c:c5:29:e7:ed:d9:96:7a:24:e5:32:7a:49:05:
         e8:24:b7:ee:0f:9c:b7:f3:71:88:98:22:a0:84:06:4d:0a:f1:
         df:87:86:0a:a5:f0:1e:f7:6c:cc:d1:e5:b7:fc:83:ed:d4:10:
         0b:93:40:50:17:ee:ac:cf:da:cb:d3:25:91:49:27:97:10:85:
         60:45:d0:6a:bb:18:ff:4b:64:3f:da:7f:c3:ee:b3:46:5a:09:
         56:8d:81:bb:05:c4:00:49:e4:1f:cd:71:52:37:a5:94:0c:39:
         61:36:14:15:23:60:22:db:80:50:c9:54:b8:b4:0c:66:c0:9b:
         c5:39:6d:b2:98:6b:77:31:00:81:5a:04:da:f0:51:8e:b2:5d:
         e8:51:31:79:44:0a:4c:06:47:4f:24:07:5e:01:a2:e4:9b:61:
         fe:74:4f:a8:ed:60:93:a8:ba:3c:1c:53:5d:d6:a0:b9:c6:54:
         13:d6:cd:74:bb:42:b1:43:5c:8f:e3:bd:11:f9:14:47:d3:e4:
         50:d8:14:21:e9:7f:9a:fe:16:fc:02:19:db:63:b8:73:5e:6d:
         42:36:6f:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3PtQx5gkSpYpjGuZlw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwMzI5MTYwMDQwWhcNMjYwMzMwMTYwMDQwWjAzMTEwLwYDVQQD
EyhhNzFhZmQ5ZGE2M2NlOGMyOGUzZDYwZTA2NThmMDQ0MzFhYzBmODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmg3+o8zzBIPo5m3/YeAdAQIoLf/
bP8ah7CpLXk/KQfoXYlEQho8jPeiYEJSNGseVQPoWp4kJP4jYXoSkymOfXhCgQDU
bHiNYdW8Yi20ocjdjW42IOwjCQbimKCtIG26s3YNvTJnmWCqAUuAbHJDt1Mzhswg
p5c0ZKVQtxk10ULKL/BF50tzzM2VlSNh6WLZKVoIePZAG0ZAzQn78NZ68F1SfXJ4
zNkQMjxIhjutoLfJEuWv8LewwxUY9yj960k9VpbsBFn9vGoRtbdNMXeL03OdbZtB
lSpdRlFwPckaYOfa8Sh4F2rc1HoX8M32dQiscMvo3JZF//bIFqdwuC4VxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKca/Z2mPOjCjj1g4GWPBEMawPiPMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuudPvWq
Xk/DD8mFPEEbvOvqga3TQlgyJV8JzsZBt8knNGBvl2P/EhzFKeft2ZZ6JOUyekkF
6CS37g+ct/NxiJgioIQGTQrx34eGCqXwHvdszNHlt/yD7dQQC5NAUBfurM/ay9Ml
kUknlxCFYEXQarsY/0tkP9p/w+6zRloJVo2BuwXEAEnkH81xUjellAw5YTYUFSNg
ItuAUMlUuLQMZsCbxTltsphrdzEAgVoE2vBRjrJd6FExeUQKTAZHTyQHXgGi5Jth
/nRPqO1gk6i6PBxTXdagucZUE9bNdLtCsUNcj+O9EfkUR9PkUNgUIel/mv4W/AIZ
22O4c15tQjZvMA==
-----END CERTIFICATE-----