Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          nU8fTLDkLcDeOyQLDHLhe2waESbot21/9wcJJF1HiKY=
Subject key identifier:   8E:49:EF:83:F9:EB:3F:3A:6B:08:73:2B:01:3C:CB:93:C5:05:A0:D7
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019F1943DBD1DA0D1B35599FCB99D03316BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          13F7
Signing time:             Tue 30 Jun 2026 16:01:44 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:44 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:44 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: EYWYZabq8Np0NsHHZBNxCEIu/jWJSDU5QetJv5AKcI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:db:d1:da:0d:1b:35:59:9f:cb:99:d0:33:16:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun 30 16:01:44 2026 GMT
            Not After : Jul  1 16:01:44 2026 GMT
        Subject: CN=8e49ef83f9eb3f3a6b08732b013ccb93c505a0d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d8:2d:28:ba:13:96:4a:7c:a5:37:15:b4:4d:
                    28:db:c3:6f:e2:ab:71:76:5e:87:24:d5:cf:3e:46:
                    06:2c:8e:d7:76:0b:4e:fa:5c:7e:d7:49:02:89:d8:
                    10:8f:c9:28:e2:3d:bf:2d:7d:ce:ed:dc:1e:5d:59:
                    3d:b1:09:30:fa:2d:a7:2b:5e:59:c5:fe:96:9a:0d:
                    a8:8b:90:73:3a:f2:38:4e:67:b4:22:26:52:19:69:
                    ab:88:eb:a9:57:de:e4:d3:c6:8a:17:b1:4c:7a:f5:
                    5e:5a:14:71:47:57:9e:f6:38:9e:90:a2:3d:6b:0c:
                    be:fa:c8:33:26:01:74:61:d2:85:1d:2b:b8:6f:d5:
                    59:11:20:48:b9:31:b5:50:a5:13:8c:06:b1:15:e2:
                    d6:cb:ad:e6:6a:64:20:3a:56:ca:aa:12:82:7b:19:
                    33:2a:5f:09:ad:bc:2f:e7:db:71:82:21:59:bf:ac:
                    df:52:fc:57:34:3e:90:cc:c4:16:86:84:4d:79:40:
                    17:74:e2:69:47:62:58:ab:b0:3a:07:db:01:af:a2:
                    88:88:b9:0f:fc:6b:fb:2d:d9:00:a9:37:04:2e:7f:
                    67:33:30:e6:6c:50:ea:21:37:13:b4:0a:b4:85:5d:
                    d7:09:0b:fc:f2:18:99:2b:ed:86:39:4c:36:8e:36:
                    bb:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:49:EF:83:F9:EB:3F:3A:6B:08:73:2B:01:3C:CB:93:C5:05:A0:D7
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:87:a3:3c:67:09:47:c9:a2:aa:15:d2:53:93:ff:32:05:8f:
         06:c8:0b:32:b2:48:f9:60:b4:e2:d5:24:2b:ef:cc:1e:71:ab:
         73:14:e5:ac:7f:32:b8:c5:aa:c3:d3:52:77:a4:76:9d:53:e5:
         e4:52:9f:56:e3:f9:6f:8a:b0:12:d4:c1:b0:8f:ab:e3:e0:69:
         23:21:6f:fe:aa:57:be:39:2a:24:5d:d7:75:4f:1a:14:3f:b0:
         1b:93:dc:62:39:ca:19:9f:9c:9a:1e:f3:4b:b2:f2:13:c8:b1:
         a6:38:d4:e2:84:0d:c3:99:2b:83:20:a3:66:35:6e:17:f0:39:
         28:d7:71:16:6d:06:be:3c:da:95:84:17:16:02:74:2f:be:52:
         5d:63:8e:9f:c2:7a:48:9a:9f:33:76:03:04:f8:51:cd:03:03:
         0e:fd:fa:18:1c:54:d3:6f:88:6b:96:81:4f:e5:f2:3d:39:a5:
         d1:20:d7:70:c0:52:db:05:b4:7c:f8:5e:31:df:40:48:c6:1b:
         2d:c5:f3:36:69:ef:e8:69:1d:0d:a7:6c:4c:3a:45:ce:e4:73:
         29:e1:de:29:31:b9:b1:ed:18:2d:a6:76:b9:a2:c6:e2:41:f5:
         94:fd:62:09:aa:a0:b7:86:f9:21:8b:d4:a9:1e:c2:8d:07:b0:
         68:dd:b0:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ9vR2g0bNVmfy5nQMxa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNjMwMTYwMTQ0WhcNMjYwNzAxMTYwMTQ0WjAzMTEwLwYDVQQD
Eyg4ZTQ5ZWY4M2Y5ZWIzZjNhNmIwODczMmIwMTNjY2I5M2M1MDVhMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNgtKLoTlkp8pTcVtE0o28Nv4qtx
dl6HJNXPPkYGLI7XdgtO+lx+10kCidgQj8ko4j2/LX3O7dweXVk9sQkw+i2nK15Z
xf6Wmg2oi5BzOvI4Tme0IiZSGWmriOupV97k08aKF7FMevVeWhRxR1ee9jiekKI9
awy++sgzJgF0YdKFHSu4b9VZESBIuTG1UKUTjAaxFeLWy63mamQgOlbKqhKCexkz
Kl8Jrbwv59txgiFZv6zfUvxXND6QzMQWhoRNeUAXdOJpR2JYq7A6B9sBr6KIiLkP
/Gv7LdkAqTcELn9nMzDmbFDqITcTtAq0hV3XCQv88hiZK+2GOUw2jja78wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5J74P56z86awhzKwE8y5PFBaDXMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQIejPGcJ
R8miqhXSU5P/MgWPBsgLMrJI+WC04tUkK+/MHnGrcxTlrH8yuMWqw9NSd6R2nVPl
5FKfVuP5b4qwEtTBsI+r4+BpIyFv/qpXvjkqJF3XdU8aFD+wG5PcYjnKGZ+cmh7z
S7LyE8ixpjjU4oQNw5krgyCjZjVuF/A5KNdxFm0GvjzalYQXFgJ0L75SXWOOn8J6
SJqfM3YDBPhRzQMDDv36GBxU02+Ia5aBT+XyPTml0SDXcMBS2wW0fPheMd9ASMYb
LcXzNmnv6GkdDadsTDpFzuRzKeHeKTG5se0YLaZ2uaLG4kH1lP1iCaqgt4b5IYvU
qR7CjQewaN2weQ==
-----END CERTIFICATE-----