Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          gDGCYOum7OpzFS3QSlmK1v3WM75MRUYZ9WCCILhsbC0=
Subject key identifier:   58:A4:F5:3B:A5:39:C1:ED:2D:09:86:BB:3C:B4:E3:46:A7:7A:D2:21
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019E2F96869FAC462F667EDF9EF7E804A38A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          1001
Signing time:             Sat 16 May 2026 07:00:54 +0000
Manifest this update:     Sat 16 May 2026 07:00:54 +0000
Manifest next update:     Sun 17 May 2026 07:00:54 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: suX+vOLfkO2nXRLDcZlEt67ilqmapktmCe2VuvvY1JQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:86:9f:ac:46:2f:66:7e:df:9e:f7:e8:04:a3:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: May 16 07:00:54 2026 GMT
            Not After : May 17 07:00:54 2026 GMT
        Subject: CN=58a4f53ba539c1ed2d0986bb3cb4e346a77ad221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:74:2d:ba:0e:2d:2a:86:17:96:2b:4b:12:8f:
                    92:14:2f:2a:87:81:16:61:32:49:c6:7c:75:e6:d0:
                    9b:6b:0c:96:26:d5:b7:21:d3:1b:59:90:72:4f:9d:
                    b6:d5:24:26:50:f8:95:2d:61:f2:01:9a:aa:75:75:
                    8b:3d:50:d5:80:80:27:ff:32:3f:0f:07:c6:7c:2b:
                    40:dd:eb:e6:68:5e:78:32:d1:0b:40:0e:52:15:45:
                    5d:65:32:a3:85:b2:42:d2:8e:2e:3c:30:f8:51:a3:
                    df:26:f5:3b:54:e8:d8:15:31:9e:46:92:90:5c:98:
                    69:56:12:af:36:20:41:78:75:ab:e6:bb:59:3c:9f:
                    2a:3f:ab:5d:22:bb:34:40:4c:72:74:4a:ce:6e:a9:
                    b6:bc:00:11:1e:4e:89:56:7b:e7:0e:f5:48:61:af:
                    70:4b:2f:9d:e0:c7:14:3d:b6:bd:4e:25:b9:53:62:
                    2e:18:b0:34:2e:d7:97:34:9a:d4:4f:42:18:0e:61:
                    db:fd:88:98:21:24:5b:df:3a:b7:26:b8:d5:5b:85:
                    49:56:0a:8a:b7:e0:a9:f9:77:f2:08:b2:38:7b:e6:
                    43:45:fa:43:19:c4:6f:df:e5:e5:60:83:e8:ff:b9:
                    c0:55:73:85:ca:76:48:9d:01:1a:ad:46:cd:38:ac:
                    df:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A4:F5:3B:A5:39:C1:ED:2D:09:86:BB:3C:B4:E3:46:A7:7A:D2:21
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:9a:93:31:0a:c0:9e:10:a1:b2:6f:17:1f:8a:41:98:98:f1:
         5c:12:e5:fa:b0:28:2b:e3:4b:a9:81:94:21:32:26:93:e5:7c:
         2b:b5:56:9c:30:1f:d5:b5:96:c4:cb:44:ed:a2:5b:b5:a5:db:
         c9:5e:80:98:6a:fa:49:9f:ff:ae:44:fc:c4:bb:b6:e8:81:25:
         4f:b9:e5:17:bc:0b:5e:42:a3:a1:ac:01:73:c4:37:c5:fc:05:
         a2:29:1a:55:41:7d:45:3b:c9:8f:28:7e:51:8a:a3:20:da:dd:
         c7:a1:ea:b5:6a:05:12:96:f3:25:68:11:b0:ab:02:4a:23:97:
         30:c2:c9:6a:8c:ee:22:c3:ff:a1:f5:3d:1c:14:7c:dd:c0:9c:
         1e:ee:61:0a:4c:53:a2:31:80:91:b5:e6:74:da:a6:ae:8a:12:
         7f:eb:bb:37:9b:75:90:f1:28:09:d2:f5:55:4e:ac:3d:eb:5e:
         4d:ba:04:54:95:20:aa:6d:9a:2c:33:1a:b1:96:2e:5f:7e:fb:
         68:d8:a4:ee:fc:74:e6:91:35:a0:46:0e:79:e4:07:c9:4d:80:
         99:d8:bd:18:a3:59:26:7b:a2:a2:fd:68:ee:dc:7b:8d:18:c5:
         93:39:ad:ad:49:4e:b7:1d:d5:91:2a:76:9b:dc:dd:7e:51:77:
         09:90:bd:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vloafrEYvZn7fnvfoBKOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwNTE2MDcwMDU0WhcNMjYwNTE3MDcwMDU0WjAzMTEwLwYDVQQD
Eyg1OGE0ZjUzYmE1MzljMWVkMmQwOTg2YmIzY2I0ZTM0NmE3N2FkMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnQtug4tKoYXlitLEo+SFC8qh4EW
YTJJxnx15tCbawyWJtW3IdMbWZByT5221SQmUPiVLWHyAZqqdXWLPVDVgIAn/zI/
DwfGfCtA3evmaF54MtELQA5SFUVdZTKjhbJC0o4uPDD4UaPfJvU7VOjYFTGeRpKQ
XJhpVhKvNiBBeHWr5rtZPJ8qP6tdIrs0QExydErObqm2vAARHk6JVnvnDvVIYa9w
Sy+d4McUPba9TiW5U2IuGLA0LteXNJrUT0IYDmHb/YiYISRb3zq3JrjVW4VJVgqK
t+Cp+XfyCLI4e+ZDRfpDGcRv3+XlYIPo/7nAVXOFynZInQEarUbNOKzf1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFik9TulOcHtLQmGuzy040anetIhMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapqTMQrA
nhChsm8XH4pBmJjxXBLl+rAoK+NLqYGUITImk+V8K7VWnDAf1bWWxMtE7aJbtaXb
yV6AmGr6SZ//rkT8xLu26IElT7nlF7wLXkKjoawBc8Q3xfwFoikaVUF9RTvJjyh+
UYqjINrdx6HqtWoFEpbzJWgRsKsCSiOXMMLJaozuIsP/ofU9HBR83cCcHu5hCkxT
ojGAkbXmdNqmrooSf+u7N5t1kPEoCdL1VU6sPeteTboEVJUgqm2aLDMasZYuX377
aNik7vx05pE1oEYOeeQHyU2Amdi9GKNZJnuiov1o7tx7jRjFkzmtrUlOtx3VkSp2
m9zdflF3CZC9+w==
-----END CERTIFICATE-----