Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          RxQyPNSsc1+oB+ihYCEdUDUXegd3e4NSSK1QR4iJQMA=
Subject key identifier:   91:F0:EA:DE:CC:65:47:BC:7C:75:5A:6A:F0:0E:31:D0:BE:B0:8F:63
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019F1944042D1AB840741BBFDBF30C6D674B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          107A
Signing time:             Tue 30 Jun 2026 16:01:55 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:55 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:55 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: j3eVgXrxXg/sCV6+WM1zguJX0g0byS113cUgmZiwdwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:44:04:2d:1a:b8:40:74:1b:bf:db:f3:0c:6d:67:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Jun 30 16:01:55 2026 GMT
            Not After : Jul  1 16:01:55 2026 GMT
        Subject: CN=91f0eadecc6547bc7c755a6af00e31d0beb08f63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:66:3b:70:77:18:c5:03:0b:9e:c8:f3:c1:34:
                    1c:a6:f6:b2:04:88:21:a4:2a:e4:58:25:95:fc:7e:
                    3f:3e:a3:14:37:83:11:87:7b:1b:dc:84:7a:4a:97:
                    9a:83:dd:54:f6:ed:6d:31:b0:6e:87:7c:22:4a:6c:
                    40:02:00:a0:63:2b:7d:b7:4a:0a:b9:71:65:4c:7f:
                    0a:61:76:44:67:eb:f3:19:35:b3:45:ae:74:7c:59:
                    40:01:07:dc:fc:35:48:d3:80:05:72:d9:f7:cf:8b:
                    9b:69:2d:66:a0:7f:68:b8:af:2e:55:4b:76:e6:4f:
                    ae:c7:ee:48:dd:1d:51:93:8b:f5:6e:d7:5d:10:8a:
                    d9:37:af:57:06:b7:9a:3b:9e:b4:7b:27:a8:b2:c5:
                    28:9f:f9:09:8f:4c:49:2b:ac:93:d7:b2:ab:81:82:
                    24:e4:db:ab:55:c0:d9:99:ec:c0:80:8c:d6:fb:f5:
                    3d:01:1a:db:07:f3:7b:09:a0:10:58:1a:72:f1:ba:
                    06:55:9c:f1:dc:c8:27:fc:f1:e1:92:61:89:20:0a:
                    6d:b6:4c:95:e5:6b:10:82:dc:15:78:ec:01:6e:d9:
                    bb:a7:fe:07:da:df:1b:6f:87:14:8e:66:2c:95:04:
                    c6:22:fc:93:74:f6:a3:b2:c8:4a:37:54:e0:a3:52:
                    c1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:F0:EA:DE:CC:65:47:BC:7C:75:5A:6A:F0:0E:31:D0:BE:B0:8F:63
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:36:1d:d4:fc:31:ce:a7:e1:fb:df:1a:f7:b9:03:d0:79:bd:
         9b:f4:2a:9a:f5:42:34:20:b8:d3:4f:fe:4c:c1:36:23:e3:08:
         33:fa:69:2f:d8:5c:35:4d:78:b6:1b:48:2d:ba:a1:a1:19:cd:
         c5:c2:3d:a2:df:bd:28:b4:08:de:f6:11:c9:e9:a4:ee:19:72:
         11:8a:5b:9c:00:52:64:8a:88:4b:03:97:81:a1:b6:ba:31:ac:
         e6:c1:d9:57:b4:d9:d5:5d:54:b7:11:e5:9a:d3:1d:aa:df:bd:
         55:45:c3:65:69:56:eb:a6:d5:1a:b4:42:b9:64:7a:e9:79:a8:
         58:8b:19:22:ff:5c:d2:7f:af:66:16:f1:bb:6c:7d:72:a0:24:
         6d:68:d2:c6:68:68:76:d1:aa:16:95:67:5e:bb:b0:cd:8b:3f:
         85:97:34:bc:59:62:73:5f:37:05:13:b1:94:5f:e9:95:02:de:
         cd:45:53:e3:34:e8:b0:e4:2c:a7:58:f3:38:1d:42:3f:64:04:
         11:55:f7:64:1c:3a:3d:61:9b:b2:93:c8:71:00:6e:57:21:a4:
         87:e5:bd:a1:69:21:cb:d9:f0:d1:62:ec:be:73:0b:61:e5:63:
         07:13:83:19:5e:4d:8d:40:c7:cd:54:c6:f5:90:5d:84:4b:d0:
         2c:38:df:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZRAQtGrhAdBu/2/MMbWdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwNjMwMTYwMTU1WhcNMjYwNzAxMTYwMTU1WjAzMTEwLwYDVQQD
Eyg5MWYwZWFkZWNjNjU0N2JjN2M3NTVhNmFmMDBlMzFkMGJlYjA4ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWY7cHcYxQMLnsjzwTQcpvayBIgh
pCrkWCWV/H4/PqMUN4MRh3sb3IR6Speag91U9u1tMbBuh3wiSmxAAgCgYyt9t0oK
uXFlTH8KYXZEZ+vzGTWzRa50fFlAAQfc/DVI04AFctn3z4ubaS1moH9ouK8uVUt2
5k+ux+5I3R1Rk4v1btddEIrZN69XBreaO560eyeossUon/kJj0xJK6yT17KrgYIk
5NurVcDZmezAgIzW+/U9ARrbB/N7CaAQWBpy8boGVZzx3Mgn/PHhkmGJIApttkyV
5WsQgtwVeOwBbtm7p/4H2t8bb4cUjmYslQTGIvyTdPajsshKN1Tgo1LBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHw6t7MZUe8fHVaavAOMdC+sI9jMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxzYd1Pwx
zqfh+98a97kD0Hm9m/QqmvVCNCC400/+TME2I+MIM/ppL9hcNU14thtILbqhoRnN
xcI9ot+9KLQI3vYRyemk7hlyEYpbnABSZIqISwOXgaG2ujGs5sHZV7TZ1V1UtxHl
mtMdqt+9VUXDZWlW66bVGrRCuWR66XmoWIsZIv9c0n+vZhbxu2x9cqAkbWjSxmho
dtGqFpVnXruwzYs/hZc0vFlic183BROxlF/plQLezUVT4zTosOQsp1jzOB1CP2QE
EVX3ZBw6PWGbspPIcQBuVyGkh+W9oWkhy9nw0WLsvnMLYeVjBxODGV5NjUDHzVTG
9ZBdhEvQLDjf9A==
-----END CERTIFICATE-----