Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          b4k5bwFT49h6NHif8fzHR0v2pqrUXxhDWE1s0eZM+1E=
Subject key identifier:   E4:3B:CA:35:52:3D:54:B6:4C:F5:9E:A1:84:9B:FB:A1:A4:BF:DB:28
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019E3072EC62B1C1E998A1F45941D8A48DA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          1211
Signing time:             Sat 16 May 2026 11:01:38 +0000
Manifest this update:     Sat 16 May 2026 11:01:38 +0000
Manifest next update:     Sun 17 May 2026 11:01:38 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: QAfYNiTZSfbBStmUmVXaDWDI0EfOfm0pT1ORCOJId1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:72:ec:62:b1:c1:e9:98:a1:f4:59:41:d8:a4:8d:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: May 16 11:01:38 2026 GMT
            Not After : May 17 11:01:38 2026 GMT
        Subject: CN=e43bca35523d54b64cf59ea1849bfba1a4bfdb28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:cb:f4:11:8c:f9:b9:b3:c6:f1:16:70:62:0e:
                    14:23:e3:06:76:e5:3d:ce:f8:11:2f:a9:9c:86:17:
                    20:cf:87:13:d9:78:8d:f1:ef:90:a9:0d:67:34:e2:
                    fa:67:37:30:54:3c:5b:82:cd:bb:ad:c3:99:7f:9c:
                    a9:e7:d0:f1:c9:95:80:02:21:a1:df:8f:7b:e9:ae:
                    ff:05:23:af:57:34:a2:98:cb:66:0e:44:4c:29:ad:
                    a2:c1:b1:29:f5:b9:4b:85:60:a5:c1:e6:66:41:84:
                    14:aa:ac:67:66:1a:62:8a:97:22:0c:7e:52:78:a2:
                    c5:41:1f:cc:b2:d2:9b:e5:c5:91:67:44:e9:cf:c8:
                    7d:8a:52:ec:d4:c4:84:0f:fb:e7:94:7a:66:af:7e:
                    a1:a4:f8:6f:5f:f3:c0:78:37:91:a5:72:d9:ba:7a:
                    4e:c5:0f:84:3b:bd:64:f9:15:69:6f:78:2b:f2:52:
                    4d:36:00:16:49:f4:33:c4:c5:6e:3a:3e:02:9b:6f:
                    83:3c:aa:54:d0:05:4d:5f:4b:71:6c:80:95:87:6e:
                    17:01:63:06:a7:f0:d4:f1:82:34:45:e2:d8:33:ee:
                    13:e5:e6:74:7a:2f:91:87:29:d0:e3:d6:eb:06:a0:
                    de:42:d8:49:72:a5:a2:8e:d8:7a:7e:03:b5:a3:51:
                    c3:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:3B:CA:35:52:3D:54:B6:4C:F5:9E:A1:84:9B:FB:A1:A4:BF:DB:28
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:d2:86:1c:70:65:92:8a:ed:5c:5f:ac:d3:e6:70:0c:22:1b:
         df:57:50:12:2e:15:4d:de:4a:02:2b:77:13:ef:37:20:17:34:
         c0:dc:e2:89:2e:ee:43:5a:1e:59:93:42:b0:97:71:77:8c:60:
         35:e0:28:f0:bf:56:6d:8c:38:ac:54:b4:eb:b4:5b:ca:8a:26:
         33:c2:11:d4:9a:b0:a6:1d:b4:de:8c:fb:6f:f3:f3:5a:03:6a:
         46:8f:dc:9c:69:0c:0f:fd:d9:fa:ca:07:9c:14:1f:95:36:05:
         68:aa:48:fc:3e:5e:ab:48:8c:cb:d7:46:e4:0d:63:df:83:78:
         ed:c6:39:2b:8a:4e:06:28:a5:a2:58:7e:05:a1:1b:13:76:c8:
         a0:48:5c:6e:ee:73:55:f1:50:4a:af:8d:65:b1:71:14:27:7d:
         9c:66:b6:34:f5:ed:28:a5:f8:dc:64:2f:93:17:47:38:b8:c8:
         bd:40:85:a9:77:1c:5b:75:ca:bf:2f:d4:a4:ab:12:ff:9a:e7:
         2f:0d:8d:f8:4f:a6:b1:0a:00:22:b1:9f:75:68:95:d9:76:fc:
         3b:ab:9e:8e:da:8d:55:5b:03:eb:4c:e4:6b:2b:38:71:12:44:
         e5:be:7d:6e:03:27:3c:01:8b:eb:8c:bf:28:e8:8c:3f:ae:78:
         e4:18:c1:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcuxiscHpmKH0WUHYpI2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjYwNTE2MTEwMTM4WhcNMjYwNTE3MTEwMTM4WjAzMTEwLwYDVQQD
EyhlNDNiY2EzNTUyM2Q1NGI2NGNmNTllYTE4NDliZmJhMWE0YmZkYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcv0EYz5ubPG8RZwYg4UI+MGduU9
zvgRL6mchhcgz4cT2XiN8e+QqQ1nNOL6ZzcwVDxbgs27rcOZf5yp59DxyZWAAiGh
34976a7/BSOvVzSimMtmDkRMKa2iwbEp9blLhWClweZmQYQUqqxnZhpiipciDH5S
eKLFQR/MstKb5cWRZ0Tpz8h9ilLs1MSED/vnlHpmr36hpPhvX/PAeDeRpXLZunpO
xQ+EO71k+RVpb3gr8lJNNgAWSfQzxMVuOj4Cm2+DPKpU0AVNX0txbICVh24XAWMG
p/DU8YI0ReLYM+4T5eZ0ei+RhynQ49brBqDeQthJcqWijth6fgO1o1HDCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQ7yjVSPVS2TPWeoYSb+6Gkv9soMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNKGHHBl
kortXF+s0+ZwDCIb31dQEi4VTd5KAit3E+83IBc0wNziiS7uQ1oeWZNCsJdxd4xg
NeAo8L9WbYw4rFS067RbyoomM8IR1Jqwph203oz7b/PzWgNqRo/cnGkMD/3Z+soH
nBQflTYFaKpI/D5eq0iMy9dG5A1j34N47cY5K4pOBiilolh+BaEbE3bIoEhcbu5z
VfFQSq+NZbFxFCd9nGa2NPXtKKX43GQvkxdHOLjIvUCFqXccW3XKvy/UpKsS/5rn
Lw2N+E+msQoAIrGfdWiV2Xb8O6uejtqNVVsD60zkays4cRJE5b59bgMnPAGL64y/
KOiMP6545BjBxw==
-----END CERTIFICATE-----