Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          Y8D8uwDkHIADJ2MCm9EuAWTIyfY9hTcdY8Nbaj83Nqk=
Subject key identifier:   8C:19:24:AB:48:A9:F5:5F:9C:36:F9:90:13:5A:90:A8:DE:91:2C:F5
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       019F17C397FD0EF977B29FD808E470BBC8BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          1918
Signing time:             Tue 30 Jun 2026 09:02:01 +0000
Manifest this update:     Tue 30 Jun 2026 09:02:01 +0000
Manifest next update:     Wed 01 Jul 2026 09:02:01 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: nJqMeH2kLNkJa3OqgFTCyrNQp5ZhGIqVrP8YoSUsBAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c3:97:fd:0e:f9:77:b2:9f:d8:08:e4:70:bb:c8:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: Jun 30 09:02:01 2026 GMT
            Not After : Jul  1 09:02:01 2026 GMT
        Subject: CN=8c1924ab48a9f55f9c36f990135a90a8de912cf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:3b:1d:ac:59:42:b5:30:6c:42:dc:f4:17:8b:
                    aa:48:2f:3b:da:28:e6:88:71:5f:98:cb:96:29:05:
                    fe:e0:f2:c0:e4:ba:36:6b:e8:4c:af:e9:70:3f:02:
                    b3:1e:3a:af:a1:bf:86:96:58:1c:6a:e9:14:bd:e2:
                    bf:c1:c2:2c:38:bd:2b:dd:d5:03:c8:61:c7:8f:0c:
                    a1:ed:2f:2a:2f:20:3a:ba:61:a4:e1:7d:9f:55:f9:
                    f9:33:20:51:17:8f:8f:56:f7:9d:37:78:1d:e6:ca:
                    81:54:4c:bc:fa:d0:f1:5c:97:f4:ab:aa:f1:1e:e3:
                    95:29:8c:73:c9:f2:de:11:ec:53:ae:24:39:2a:62:
                    05:95:19:27:68:52:e1:d0:e8:8b:32:4c:31:8c:57:
                    0a:7c:b6:d1:44:d4:3d:c7:d2:76:77:f1:f3:58:ed:
                    69:45:2b:d3:f5:e5:ac:81:1d:5f:82:ec:fd:ad:50:
                    f8:ab:a8:2f:1a:26:7d:df:91:94:92:2e:ca:87:b6:
                    29:ce:47:04:18:49:ff:c6:fc:63:3d:e4:c5:32:38:
                    72:97:2a:99:ce:07:f6:d0:5f:1f:b3:2d:2c:07:59:
                    19:1c:2d:2b:61:86:92:5d:a2:d5:6c:ee:af:65:23:
                    14:7a:27:f1:bb:06:64:6f:bb:8a:d9:33:37:7d:77:
                    3c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:19:24:AB:48:A9:F5:5F:9C:36:F9:90:13:5A:90:A8:DE:91:2C:F5
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ab:1b:ed:af:5a:ec:0c:ef:0c:d0:76:81:4f:bd:2f:0c:8f:
         13:3d:1c:e4:b6:b9:6f:fe:1c:33:e9:25:6a:c0:79:39:a4:63:
         c9:fc:77:16:22:c0:ee:19:40:cb:45:0c:4b:d3:36:d2:1f:ed:
         0f:f3:5b:8a:0a:e6:fb:bf:b7:9c:7b:34:20:a4:b3:d1:7b:42:
         fa:80:30:bc:0c:5e:0c:81:69:60:3d:e7:a9:99:dc:4b:ef:8e:
         c0:60:f2:57:c3:b2:04:6a:53:12:f2:0f:a9:0c:e0:ac:6c:b6:
         ce:d1:d0:e5:f3:dd:a4:f4:9f:01:d6:4b:ff:77:e2:05:dc:18:
         0e:5d:fe:bc:cf:9d:6d:19:cb:56:9d:fc:64:d3:1b:4b:e0:56:
         15:bd:dd:34:e3:18:78:b0:c2:c3:96:aa:d4:3f:fc:36:e2:6d:
         0d:52:96:3f:f8:4d:01:75:a2:bc:74:48:af:8d:6d:50:49:8a:
         03:9a:58:f7:3b:34:fa:ac:77:21:9c:72:84:87:48:71:39:2b:
         45:9e:ca:43:64:42:7f:3e:b6:a7:89:ff:03:58:8b:48:41:21:
         f9:26:45:93:33:bd:e2:7a:74:e0:00:10:d9:a2:28:f2:be:77:
         ba:51:7d:b0:b4:47:32:03:61:14:40:c9:8e:c2:39:ca:84:34:
         88:f7:dd:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Xw5f9Dvl3sp/YCORwu8i+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjYwNjMwMDkwMjAxWhcNMjYwNzAxMDkwMjAxWjAzMTEwLwYDVQQD
Eyg4YzE5MjRhYjQ4YTlmNTVmOWMzNmY5OTAxMzVhOTBhOGRlOTEyY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTsdrFlCtTBsQtz0F4uqSC872ijm
iHFfmMuWKQX+4PLA5Lo2a+hMr+lwPwKzHjqvob+GllgcaukUveK/wcIsOL0r3dUD
yGHHjwyh7S8qLyA6umGk4X2fVfn5MyBRF4+PVvedN3gd5sqBVEy8+tDxXJf0q6rx
HuOVKYxzyfLeEexTriQ5KmIFlRknaFLh0OiLMkwxjFcKfLbRRNQ9x9J2d/HzWO1p
RSvT9eWsgR1fguz9rVD4q6gvGiZ935GUki7Kh7YpzkcEGEn/xvxjPeTFMjhylyqZ
zgf20F8fsy0sB1kZHC0rYYaSXaLVbO6vZSMUeifxuwZkb7uK2TM3fXc81QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwZJKtIqfVfnDb5kBNakKjekSz1MB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKsb7a9a
7AzvDNB2gU+9LwyPEz0c5La5b/4cM+klasB5OaRjyfx3FiLA7hlAy0UMS9M20h/t
D/Nbigrm+7+3nHs0IKSz0XtC+oAwvAxeDIFpYD3nqZncS++OwGDyV8OyBGpTEvIP
qQzgrGy2ztHQ5fPdpPSfAdZL/3fiBdwYDl3+vM+dbRnLVp38ZNMbS+BWFb3dNOMY
eLDCw5aq1D/8NuJtDVKWP/hNAXWivHRIr41tUEmKA5pY9zs0+qx3IZxyhIdIcTkr
RZ7KQ2RCfz62p4n/A1iLSEEh+SZFkzO94np04AAQ2aIo8r53ulF9sLRHMgNhFEDJ
jsI5yoQ0iPfddA==
-----END CERTIFICATE-----