Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          RBc/DsU49ItWWwsw5fPmW9sZjpFaaQ8OWIHWIawT/BU=
Subject key identifier:   FF:C5:1D:BB:58:6E:5F:31:FE:7E:B8:A2:39:11:4A:F4:C2:94:DF:06
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       019E303BC1F6FE1DC8C986F28EFBFAB52C2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0B1C
Signing time:             Sat 16 May 2026 10:01:23 +0000
Manifest this update:     Sat 16 May 2026 10:01:23 +0000
Manifest next update:     Sun 17 May 2026 10:01:23 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: i3TdcMkCS1xs26rT8JD0Y8Io5F/oFwF7kI60rXFtdE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 10:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:3b:c1:f6:fe:1d:c8:c9:86:f2:8e:fb:fa:b5:2c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: May 16 10:01:23 2026 GMT
            Not After : May 17 10:01:23 2026 GMT
        Subject: CN=ffc51dbb586e5f31fe7eb8a239114af4c294df06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:38:81:0e:83:23:30:2a:41:e6:93:45:d3:36:
                    f8:3d:cd:73:b8:16:b4:d1:83:b1:05:30:67:85:7e:
                    51:93:cc:52:5f:8c:1b:ca:1e:c8:e1:66:43:a1:2b:
                    72:01:67:4b:7d:89:98:31:6e:93:f2:95:79:a8:d7:
                    6e:26:f4:35:df:98:f8:08:f2:fc:6e:39:c1:21:88:
                    5c:29:a3:0c:7b:3a:07:f9:c6:51:e3:0b:59:b1:ab:
                    d0:18:aa:94:61:76:78:34:3e:fd:96:0f:55:4b:fc:
                    33:80:df:01:4e:d0:f5:5d:12:45:89:07:19:2f:69:
                    3f:3e:ad:27:2e:f8:a6:db:1f:de:62:7d:6c:8a:ae:
                    30:79:d6:25:1d:3d:f2:71:97:d8:ba:11:67:9d:4d:
                    f8:0c:85:87:45:06:13:b1:52:5b:ca:2f:89:a0:18:
                    8f:e4:ca:14:d0:3b:cb:6e:72:c8:36:20:7f:4f:3e:
                    ad:fd:96:d8:48:d2:6f:1d:48:fd:a5:8c:a4:55:a0:
                    46:d0:25:6e:5c:03:84:6f:d5:73:a8:55:c2:b0:ee:
                    15:17:42:7a:6e:ab:a6:12:c3:ba:83:3d:04:27:e1:
                    27:38:9a:91:30:b9:98:ea:82:fe:c6:06:c4:b3:a0:
                    e0:7f:01:1c:06:a8:04:77:bd:21:6e:ef:00:87:5b:
                    4c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C5:1D:BB:58:6E:5F:31:FE:7E:B8:A2:39:11:4A:F4:C2:94:DF:06
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:10:c9:30:49:b3:ac:18:e2:f5:f4:11:c1:64:8f:17:76:4f:
         b6:e0:eb:0c:d9:55:62:ae:7f:ec:7c:46:61:2d:5b:48:46:d7:
         c8:7f:2f:df:41:ce:40:81:81:1a:ac:2b:46:70:81:ab:a8:6a:
         68:5e:0e:b8:df:ec:95:c2:ef:dd:56:14:df:9e:fa:1b:7b:40:
         e7:c5:c3:c4:f3:84:00:8d:e2:ca:09:57:32:88:17:b6:81:99:
         ec:69:ba:8b:7b:f0:1d:57:52:22:83:35:47:02:b1:f1:95:e1:
         a6:33:c2:a4:2b:ca:36:d9:5a:e1:8b:3d:49:64:7a:5f:3c:ce:
         7f:79:a3:96:38:02:db:37:a5:40:91:64:4c:70:c5:0c:cc:82:
         92:d5:e1:ac:df:a9:6f:90:6b:cd:36:fd:d1:ab:99:51:bd:d1:
         8e:ad:f3:ee:66:a1:e5:9a:67:57:66:c3:5c:44:2f:49:28:a4:
         7c:90:39:d7:2c:4a:dd:24:9a:c6:fd:50:6c:4e:c5:3e:20:37:
         20:10:63:7c:71:21:9f:61:93:cd:3c:83:d3:dc:b7:7e:4c:2c:
         56:03:e5:a0:df:d0:02:b4:14:be:29:ed:94:7b:fe:8f:e1:12:
         f3:35:8b:8e:1e:ac:1d:2b:2b:25:f9:1e:c4:b9:a6:bb:6d:13:
         8f:d7:79:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO8H2/h3IyYbyjvv6tSwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjYwNTE2MTAwMTIzWhcNMjYwNTE3MTAwMTIzWjAzMTEwLwYDVQQD
EyhmZmM1MWRiYjU4NmU1ZjMxZmU3ZWI4YTIzOTExNGFmNGMyOTRkZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DiBDoMjMCpB5pNF0zb4Pc1zuBa0
0YOxBTBnhX5Rk8xSX4wbyh7I4WZDoStyAWdLfYmYMW6T8pV5qNduJvQ135j4CPL8
bjnBIYhcKaMMezoH+cZR4wtZsavQGKqUYXZ4ND79lg9VS/wzgN8BTtD1XRJFiQcZ
L2k/Pq0nLvim2x/eYn1siq4wedYlHT3ycZfYuhFnnU34DIWHRQYTsVJbyi+JoBiP
5MoU0DvLbnLINiB/Tz6t/ZbYSNJvHUj9pYykVaBG0CVuXAOEb9VzqFXCsO4VF0J6
bqumEsO6gz0EJ+EnOJqRMLmY6oL+xgbEs6DgfwEcBqgEd70hbu8Ah1tMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/FHbtYbl8x/n64ojkRSvTClN8GMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhDJMEmz
rBji9fQRwWSPF3ZPtuDrDNlVYq5/7HxGYS1bSEbXyH8v30HOQIGBGqwrRnCBq6hq
aF4OuN/slcLv3VYU3576G3tA58XDxPOEAI3iyglXMogXtoGZ7Gm6i3vwHVdSIoM1
RwKx8ZXhpjPCpCvKNtla4Ys9SWR6XzzOf3mjljgC2zelQJFkTHDFDMyCktXhrN+p
b5BrzTb90auZUb3Rjq3z7mah5ZpnV2bDXEQvSSikfJA51yxK3SSaxv1QbE7FPiA3
IBBjfHEhn2GTzTyD09y3fkwsVgPloN/QArQUvintlHv+j+ES8zWLjh6sHSsrJfke
xLmmu20Tj9d5Tg==
-----END CERTIFICATE-----