Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          M1gPHKg/xlMxVrSSpPKLiyXEAsQ/Ywrm4dR7u4cFeds=
Subject key identifier:   AC:75:9C:1A:C8:44:B6:FA:50:5A:C3:09:B8:D8:60:25:6C:15:0B:52
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       019E318501FD507734528F40FFEAAAC4DD9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          0BC4
Signing time:             Sat 16 May 2026 16:01:00 +0000
Manifest this update:     Sat 16 May 2026 16:01:00 +0000
Manifest next update:     Sun 17 May 2026 16:01:00 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: ROjq04MdQSgpjgXac9oC88apB12bdLvvFnQQjGNrNK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:85:01:fd:50:77:34:52:8f:40:ff:ea:aa:c4:dd:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: May 16 16:01:00 2026 GMT
            Not After : May 17 16:01:00 2026 GMT
        Subject: CN=ac759c1ac844b6fa505ac309b8d860256c150b52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ee:72:1a:f2:3b:55:a8:c8:ca:8a:f6:0f:ab:
                    d4:aa:d0:f8:99:a5:cc:19:6d:7d:34:72:78:b4:d1:
                    e4:0c:3e:11:f9:d9:6c:ed:46:1c:77:c1:71:b7:96:
                    01:30:ef:27:e9:2d:e8:06:cc:87:ca:09:57:ae:15:
                    b6:45:31:7a:50:c7:5e:4b:70:e2:93:6f:b1:f5:3b:
                    85:11:2b:95:b7:61:1a:ad:78:d7:80:cc:67:83:72:
                    1c:7b:e7:45:0a:74:66:90:52:66:55:94:a0:02:b7:
                    18:13:9a:23:b6:f7:b0:ed:5b:aa:62:71:65:e2:0f:
                    01:e5:1c:e5:b7:b3:59:52:fe:51:54:1a:9c:32:20:
                    d8:60:5a:90:39:3e:9c:ad:0f:02:eb:74:00:4a:92:
                    75:20:eb:b3:95:07:ca:be:25:9f:d0:d2:60:e8:09:
                    2a:45:de:96:9a:33:7b:24:c5:49:5c:c7:c3:95:03:
                    35:6e:55:49:fa:f0:06:de:2b:e1:5c:a2:a7:ed:c6:
                    c5:2c:e8:3d:7b:94:44:54:53:81:8b:e0:51:17:6e:
                    34:cc:9c:a6:ae:d5:da:7e:dd:45:04:4a:7a:34:34:
                    c4:fe:c2:6b:81:da:11:16:3a:7f:a4:4e:10:c4:2f:
                    1d:1d:46:ce:9d:0e:99:50:34:af:08:47:6e:ac:81:
                    b9:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:75:9C:1A:C8:44:B6:FA:50:5A:C3:09:B8:D8:60:25:6C:15:0B:52
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:0c:43:68:05:d2:07:1e:62:f6:f9:d4:2d:13:ec:f8:93:7a:
         b1:79:5f:38:7a:9b:31:5b:21:e4:6a:58:3e:c8:7c:a2:2a:cc:
         f8:5e:86:90:5a:f2:f5:d6:31:0b:ff:c8:e4:79:8c:59:1d:23:
         2f:d7:ca:71:01:f7:11:66:30:81:a3:95:27:15:4f:7d:1b:3e:
         c4:71:ed:4b:c3:82:bf:e7:7c:23:d6:47:cb:76:8c:0b:41:27:
         be:72:41:cd:01:6a:91:9a:6b:97:f0:7d:8f:a8:d2:19:fb:bd:
         17:ca:52:eb:ab:01:e9:bf:43:af:3d:54:e5:c6:f3:66:91:a0:
         c4:67:94:ec:9c:74:7b:bd:cf:60:3a:97:16:d8:cc:48:02:a1:
         68:17:72:34:9a:e4:8f:e6:db:4c:e6:73:28:57:e2:5b:30:fe:
         22:71:83:24:94:7a:0e:c3:51:7d:40:8b:bb:01:b4:81:9d:ec:
         05:15:85:37:ce:9d:55:e6:5e:0a:64:d8:79:c9:af:ae:08:a8:
         87:f2:c1:7b:7b:23:ee:85:77:39:87:31:13:ac:85:53:b6:4f:
         b2:15:7e:80:bb:ab:6c:6d:14:62:7b:f0:3f:36:e5:00:c7:0d:
         06:7c:6f:27:e3:fa:b5:a6:0b:a5:46:d2:38:70:10:a9:cc:96:
         6f:a9:72:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhQH9UHc0Uo9A/+qqxN2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjYwNTE2MTYwMTAwWhcNMjYwNTE3MTYwMTAwWjAzMTEwLwYDVQQD
EyhhYzc1OWMxYWM4NDRiNmZhNTA1YWMzMDliOGQ4NjAyNTZjMTUwYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O5yGvI7VajIyor2D6vUqtD4maXM
GW19NHJ4tNHkDD4R+dls7UYcd8Fxt5YBMO8n6S3oBsyHyglXrhW2RTF6UMdeS3Di
k2+x9TuFESuVt2EarXjXgMxng3Ice+dFCnRmkFJmVZSgArcYE5ojtvew7VuqYnFl
4g8B5Rzlt7NZUv5RVBqcMiDYYFqQOT6crQ8C63QASpJ1IOuzlQfKviWf0NJg6Akq
Rd6WmjN7JMVJXMfDlQM1blVJ+vAG3ivhXKKn7cbFLOg9e5REVFOBi+BRF240zJym
rtXaft1FBEp6NDTE/sJrgdoRFjp/pE4QxC8dHUbOnQ6ZUDSvCEdurIG5AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKx1nBrIRLb6UFrDCbjYYCVsFQtSMB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwxDaAXS
Bx5i9vnULRPs+JN6sXlfOHqbMVsh5GpYPsh8oirM+F6GkFry9dYxC//I5HmMWR0j
L9fKcQH3EWYwgaOVJxVPfRs+xHHtS8OCv+d8I9ZHy3aMC0EnvnJBzQFqkZprl/B9
j6jSGfu9F8pS66sB6b9Drz1U5cbzZpGgxGeU7Jx0e73PYDqXFtjMSAKhaBdyNJrk
j+bbTOZzKFfiWzD+InGDJJR6DsNRfUCLuwG0gZ3sBRWFN86dVeZeCmTYecmvrgio
h/LBe3sj7oV3OYcxE6yFU7ZPshV+gLurbG0UYnvwPzblAMcNBnxvJ+P6taYLpUbS
OHAQqcyWb6lyhQ==
-----END CERTIFICATE-----