Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          b6fl4QM876ZNXvsM9tE4OHoLeiIkgyXhKz3XBkvKGmU=
Subject key identifier:   40:04:12:87:13:43:1C:F9:32:CF:0E:30:7E:FC:1A:84:6B:FD:6C:70
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019D3940F0A01F36F0E98895007E40BBA028
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          1191
Signing time:             Sun 29 Mar 2026 11:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:50 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: 3aGUB70QQcgpgFOcV3cedTvZw4abH3/aF5jPrjSIaD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:f0:a0:1f:36:f0:e9:88:95:00:7e:40:bb:a0:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Mar 29 11:00:50 2026 GMT
            Not After : Mar 30 11:00:50 2026 GMT
        Subject: CN=4004128713431cf932cf0e307efc1a846bfd6c70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:11:54:8b:9d:ed:01:7c:f9:47:07:62:8c:50:
                    01:e6:6b:fa:4e:61:ac:a0:f6:15:52:f9:ca:9d:ef:
                    df:c9:7e:17:eb:6e:08:14:d9:ac:14:cc:f1:c2:6c:
                    b2:7d:44:68:5f:49:89:54:b1:c4:28:b0:fb:0d:16:
                    2a:dd:ec:51:ba:b8:0e:43:cb:fc:53:ea:61:d9:a2:
                    6f:a6:19:3d:57:5e:52:ee:e2:af:9e:32:ad:b7:3e:
                    4d:7a:f7:5d:77:e5:3a:96:ff:d0:32:ee:81:3d:d9:
                    3f:27:1f:8f:f1:fc:4b:6d:cd:e5:9e:e4:87:b5:2c:
                    d0:37:16:88:0f:35:61:7a:74:ed:c6:19:61:97:2a:
                    fb:63:71:67:1b:08:e9:9a:ed:3f:c2:a1:90:7d:77:
                    ff:a8:86:de:99:be:de:8b:89:26:c7:6d:19:df:85:
                    f0:b5:bd:e7:54:9d:7f:ea:ab:70:c9:e4:08:b7:57:
                    b5:91:0f:9a:82:61:57:13:11:46:03:27:1b:98:5a:
                    15:e5:d0:d0:93:7d:7b:88:cc:a9:71:db:50:19:27:
                    ed:cf:2f:47:d6:03:c8:90:19:f7:23:e4:8b:d3:9e:
                    23:3b:17:79:63:65:fd:24:19:0a:5a:4c:7e:4d:bf:
                    28:7b:43:bc:6a:e7:e9:e6:dd:f5:9a:ba:8e:bd:b3:
                    6d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:04:12:87:13:43:1C:F9:32:CF:0E:30:7E:FC:1A:84:6B:FD:6C:70
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:2b:39:d6:9e:95:2d:16:31:c5:0a:e3:94:c7:e7:fe:9a:02:
         bb:c0:fd:81:3a:dc:41:7e:17:dc:84:1e:d4:1b:b0:e2:df:e5:
         4c:0e:68:5c:4b:9b:18:50:c5:8f:d0:43:a0:f7:76:0b:fe:4c:
         79:68:2a:ec:30:03:77:99:41:00:0b:1a:6d:39:72:2b:79:04:
         f1:4d:01:94:71:e1:c2:dd:59:bf:a1:d1:eb:77:b2:0c:b8:f1:
         66:cf:27:70:77:00:af:e9:dd:33:6e:98:ae:4c:9f:1d:df:9f:
         ba:86:e6:a8:20:38:5a:57:b6:de:a0:7b:b8:d6:eb:94:86:b5:
         bb:d7:7b:10:e4:75:c3:4f:da:14:c7:3c:c8:dd:d7:dd:ea:5d:
         1e:94:eb:17:c5:c6:be:00:ad:26:e3:70:36:7e:11:1b:cd:a6:
         7e:7b:0e:0f:4a:c7:89:7f:10:61:e7:ce:4f:1b:ec:3b:ec:89:
         f4:a1:08:75:d9:5e:d0:85:cd:15:bd:53:33:5e:4a:6a:45:7e:
         b5:98:09:38:49:8a:f8:de:12:3d:df:bb:f5:c5:1a:67:ef:c6:
         d2:2c:58:21:7a:38:d4:c3:d6:a1:c0:a7:78:28:97:43:79:1d:
         1a:85:7d:1a:2e:6b:10:c3:95:2a:0c:c1:a0:bd:95:e6:22:c5:
         d0:ac:ee:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QPCgHzbw6YiVAH5Au6AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjYwMzI5MTEwMDUwWhcNMjYwMzMwMTEwMDUwWjAzMTEwLwYDVQQD
Eyg0MDA0MTI4NzEzNDMxY2Y5MzJjZjBlMzA3ZWZjMWE4NDZiZmQ2YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxFUi53tAXz5RwdijFAB5mv6TmGs
oPYVUvnKne/fyX4X624IFNmsFMzxwmyyfURoX0mJVLHEKLD7DRYq3exRurgOQ8v8
U+ph2aJvphk9V15S7uKvnjKttz5Nevddd+U6lv/QMu6BPdk/Jx+P8fxLbc3lnuSH
tSzQNxaIDzVhenTtxhlhlyr7Y3FnGwjpmu0/wqGQfXf/qIbemb7ei4kmx20Z34Xw
tb3nVJ1/6qtwyeQIt1e1kQ+agmFXExFGAycbmFoV5dDQk317iMypcdtQGSftzy9H
1gPIkBn3I+SL054jOxd5Y2X9JBkKWkx+Tb8oe0O8aufp5t31mrqOvbNtpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAEEocTQxz5Ms8OMH78GoRr/WxwMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaCs51p6V
LRYxxQrjlMfn/poCu8D9gTrcQX4X3IQe1Buw4t/lTA5oXEubGFDFj9BDoPd2C/5M
eWgq7DADd5lBAAsabTlyK3kE8U0BlHHhwt1Zv6HR63eyDLjxZs8ncHcAr+ndM26Y
rkyfHd+fuobmqCA4Wle23qB7uNbrlIa1u9d7EOR1w0/aFMc8yN3X3epdHpTrF8XG
vgCtJuNwNn4RG82mfnsOD0rHiX8QYefOTxvsO+yJ9KEIddle0IXNFb1TM15KakV+
tZgJOEmK+N4SPd+79cUaZ+/G0ixYIXo41MPWocCneCiXQ3kdGoV9Gi5rEMOVKgzB
oL2V5iLF0KzuZQ==
-----END CERTIFICATE-----