Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          WhD/ZDT07cHJYZl3CB6pVlCmdW5gZBapgnT7thL14Gg=
Subject key identifier:   CD:EE:C0:06:62:D0:52:7D:CC:54:7C:B0:8D:0C:27:9C:DD:01:0C:71
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019E2F976BF9D999AB086C43893F3EE69C3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          137E
Signing time:             Sat 16 May 2026 07:01:53 +0000
Manifest this update:     Sat 16 May 2026 07:01:53 +0000
Manifest next update:     Sun 17 May 2026 07:01:53 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: 8Cg1hiDh9kFaXw8WcutOsi1qsteAtoBjiKfBJHgv3Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:6b:f9:d9:99:ab:08:6c:43:89:3f:3e:e6:9c:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: May 16 07:01:53 2026 GMT
            Not After : May 17 07:01:53 2026 GMT
        Subject: CN=cdeec00662d0527dcc547cb08d0c279cdd010c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:22:8d:cb:08:8f:27:12:05:ea:be:99:21:93:
                    41:15:6d:53:68:87:05:12:fd:07:a8:f9:c9:46:39:
                    c1:e5:e7:c3:06:ea:09:66:ef:f4:f6:1e:fb:a8:d9:
                    31:de:06:94:43:ac:6a:49:da:5b:54:e9:45:8e:78:
                    59:3f:40:f9:e0:8e:e1:c6:8f:1f:b5:71:df:0f:e6:
                    70:02:a9:bd:40:c5:f2:36:e6:c0:d6:38:36:a8:a3:
                    cf:26:e7:9f:02:67:aa:ce:68:57:01:e6:ac:3f:35:
                    6b:43:81:fa:27:90:fb:16:3a:d2:34:03:9d:d1:33:
                    ee:8a:88:98:23:8c:a8:d0:df:1d:f4:05:21:70:68:
                    94:4e:80:99:09:02:d4:f9:aa:68:6a:78:7d:26:1f:
                    bf:a8:a6:92:7d:60:b0:72:0a:3d:2d:a7:b4:b6:65:
                    aa:69:f4:1a:89:53:19:63:9c:5e:f6:c1:7e:1f:3a:
                    cb:8e:fb:75:02:d2:d8:b3:cf:09:75:6d:cf:79:82:
                    30:1a:be:d3:14:41:93:03:b6:70:03:12:8a:8f:5c:
                    04:c7:13:d1:04:bd:2c:84:56:af:f1:2a:1b:7b:5b:
                    1a:d4:4d:24:95:11:76:d3:63:dc:4a:b1:ba:24:c7:
                    0d:89:e6:6e:86:70:35:2a:95:ac:57:b0:d9:5c:0c:
                    62:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:EE:C0:06:62:D0:52:7D:CC:54:7C:B0:8D:0C:27:9C:DD:01:0C:71
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ce:39:b0:76:9e:43:ea:7c:a1:03:b8:4e:71:7e:21:ef:c2:
         6f:75:47:c4:8b:e3:e7:a2:e2:6f:fe:a1:ba:ae:12:76:2e:81:
         e3:23:84:a0:81:2d:36:57:3d:07:b3:ce:7b:09:63:d1:c7:80:
         62:7c:f4:88:29:0e:10:3a:1d:0f:0d:6c:58:c2:57:9d:93:37:
         f8:6b:ee:cb:6d:97:c7:56:35:5d:17:6f:b7:b6:11:d6:da:ae:
         76:5b:53:ab:16:63:e0:28:24:2e:82:7f:b6:1b:56:a1:31:2d:
         85:46:a3:21:83:e9:45:4f:da:75:5b:c5:37:58:69:a1:64:8b:
         32:6f:ad:3a:c3:7a:6b:d1:e0:f7:79:04:b8:9c:af:9a:26:0a:
         7e:e5:ad:35:f0:ce:94:a8:08:a2:11:e2:01:04:b8:5a:5e:2b:
         d7:f2:c8:d4:11:6e:e0:df:9f:98:56:bb:dd:11:88:64:dc:ca:
         7a:ac:4e:04:ac:09:ad:49:12:04:56:a5:7f:5c:a6:15:8a:a2:
         0c:27:43:38:ff:c8:ee:17:e5:6f:cc:05:5c:f7:72:bf:9a:72:
         c9:00:d9:2e:dd:f8:c4:05:05:19:11:0b:e4:40:a6:7e:62:9b:
         85:e8:46:36:90:9a:7a:5d:ab:14:ba:00:b1:b6:82:6a:17:78:
         6f:a7:cf:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vl2v52ZmrCGxDiT8+5pw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNTE2MDcwMTUzWhcNMjYwNTE3MDcwMTUzWjAzMTEwLwYDVQQD
EyhjZGVlYzAwNjYyZDA1MjdkY2M1NDdjYjA4ZDBjMjc5Y2RkMDEwYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yKNywiPJxIF6r6ZIZNBFW1TaIcF
Ev0HqPnJRjnB5efDBuoJZu/09h77qNkx3gaUQ6xqSdpbVOlFjnhZP0D54I7hxo8f
tXHfD+ZwAqm9QMXyNubA1jg2qKPPJuefAmeqzmhXAeasPzVrQ4H6J5D7FjrSNAOd
0TPuioiYI4yo0N8d9AUhcGiUToCZCQLU+apoanh9Jh+/qKaSfWCwcgo9Lae0tmWq
afQaiVMZY5xe9sF+HzrLjvt1AtLYs88JdW3PeYIwGr7TFEGTA7ZwAxKKj1wExxPR
BL0shFav8Sobe1sa1E0klRF202PcSrG6JMcNieZuhnA1KpWsV7DZXAxiGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3uwAZi0FJ9zFR8sI0MJ5zdAQxxMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQs45sHae
Q+p8oQO4TnF+Ie/Cb3VHxIvj56Lib/6huq4Sdi6B4yOEoIEtNlc9B7POewlj0ceA
Ynz0iCkOEDodDw1sWMJXnZM3+Gvuy22Xx1Y1XRdvt7YR1tqudltTqxZj4CgkLoJ/
thtWoTEthUajIYPpRU/adVvFN1hpoWSLMm+tOsN6a9Hg93kEuJyvmiYKfuWtNfDO
lKgIohHiAQS4Wl4r1/LI1BFu4N+fmFa73RGIZNzKeqxOBKwJrUkSBFalf1ymFYqi
DCdDOP/I7hflb8wFXPdyv5pyyQDZLt34xAUFGREL5ECmfmKbhehGNpCael2rFLoA
sbaCahd4b6fP/A==
-----END CERTIFICATE-----