Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          95QciWFcPz4VgFtlTOAVXSK2s0iy0rFeTQGjeQDBEzs=
Subject key identifier:   9F:31:BB:EA:B9:C3:F5:1F:52:BC:D7:C4:07:DE:1D:F8:20:E1:3F:7E
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       019E30058C0991FE7A01DEFA6570BA643EC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          0D85
Signing time:             Sat 16 May 2026 09:02:10 +0000
Manifest this update:     Sat 16 May 2026 09:02:10 +0000
Manifest next update:     Sun 17 May 2026 09:02:10 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: rHD50DsLBX77I49SV4ZrlYgVtMLXodZqvg/A9A0pZYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:05:8c:09:91:fe:7a:01:de:fa:65:70:ba:64:3e:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: May 16 09:02:10 2026 GMT
            Not After : May 17 09:02:10 2026 GMT
        Subject: CN=9f31bbeab9c3f51f52bcd7c407de1df820e13f7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:64:c6:51:9b:b3:2d:64:a9:0a:91:05:c6:1b:
                    d0:f4:ea:3c:2b:0b:fc:12:d7:fe:4b:a8:c0:27:be:
                    84:59:6c:fd:15:b9:e7:10:92:f6:5b:08:f3:b2:77:
                    f4:3a:a5:86:d8:83:7e:09:57:70:ee:2d:97:dc:a3:
                    a9:bb:7b:35:be:47:1e:ce:e0:e9:b2:4f:3c:2d:df:
                    9a:6c:5c:68:5e:e2:6c:3c:e3:f9:de:71:9b:bd:fa:
                    77:f4:02:9f:f9:c6:87:79:14:a1:ac:5a:6e:9e:43:
                    64:d1:02:84:f4:fc:83:cc:4c:58:48:27:e7:ae:51:
                    a1:f2:03:bf:7e:6d:db:83:e6:f1:13:21:72:ff:bf:
                    e9:a7:25:00:51:bf:fa:b2:ea:77:58:3f:ac:fc:03:
                    b8:5c:77:47:7f:4b:75:2e:10:81:ba:35:ab:ab:66:
                    e0:f4:46:44:fc:82:6a:ae:2a:65:8d:ee:75:34:61:
                    f2:36:8d:e0:f7:4b:4d:98:61:6b:7f:c1:28:98:b6:
                    7e:8b:e4:a5:3e:89:1e:a2:81:ba:1e:59:d0:59:7b:
                    45:6a:84:45:c2:8d:43:84:7a:4c:99:89:18:9a:24:
                    3c:e3:bf:5f:bc:db:a2:f4:d6:b9:1d:40:5a:ab:a5:
                    da:69:55:e1:93:c5:27:34:38:2f:3b:1d:26:a8:6d:
                    1d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:31:BB:EA:B9:C3:F5:1F:52:BC:D7:C4:07:DE:1D:F8:20:E1:3F:7E
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:c8:d5:70:ea:a4:95:c6:a6:6e:c8:44:2e:e3:46:e4:0c:f2:
         8b:6d:80:94:25:74:38:e4:98:43:1d:c3:90:41:e6:1e:3d:53:
         b0:f9:49:f0:0b:d8:70:4b:d3:a4:53:6f:44:e0:83:2d:d1:e7:
         71:30:c4:13:d3:16:ae:9d:e3:77:5e:fb:72:87:3e:b8:8d:ee:
         cc:e4:18:84:f8:87:64:11:e7:53:07:68:3a:4a:5d:dd:de:82:
         42:a7:ea:62:c6:40:74:8e:5a:b8:98:13:cd:1a:71:f1:14:4d:
         0e:2a:33:96:fa:79:2b:92:1f:1e:b5:03:66:67:49:fe:6f:f6:
         ea:99:51:0e:7f:18:55:93:63:13:af:9e:74:6d:d7:79:da:53:
         51:0c:d1:ad:a9:45:f5:0d:e1:0c:cd:91:97:58:44:e5:2d:c4:
         8d:d9:28:9a:b4:a2:f2:63:7b:47:e6:e8:a0:b0:05:0d:f2:b5:
         2c:ce:dd:6d:9a:b9:66:bb:ba:cf:4a:f8:b9:07:19:45:f2:ec:
         99:8e:87:b7:0f:77:cf:6c:eb:51:bb:19:59:73:e0:7c:0e:98:
         85:f0:13:bb:2e:6b:9b:bb:0d:f2:53:a7:8d:40:26:92:a8:e9:
         5e:17:8c:79:2a:4a:27:7e:3a:9e:06:ba:71:f7:3e:b8:3b:28:
         17:64:cb:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBYwJkf56Ad76ZXC6ZD7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjYwNTE2MDkwMjEwWhcNMjYwNTE3MDkwMjEwWjAzMTEwLwYDVQQD
Eyg5ZjMxYmJlYWI5YzNmNTFmNTJiY2Q3YzQwN2RlMWRmODIwZTEzZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWTGUZuzLWSpCpEFxhvQ9Oo8Kwv8
Etf+S6jAJ76EWWz9FbnnEJL2Wwjzsnf0OqWG2IN+CVdw7i2X3KOpu3s1vkcezuDp
sk88Ld+abFxoXuJsPOP53nGbvfp39AKf+caHeRShrFpunkNk0QKE9PyDzExYSCfn
rlGh8gO/fm3bg+bxEyFy/7/ppyUAUb/6sup3WD+s/AO4XHdHf0t1LhCBujWrq2bg
9EZE/IJqriplje51NGHyNo3g90tNmGFrf8EomLZ+i+SlPokeooG6HlnQWXtFaoRF
wo1DhHpMmYkYmiQ8479fvNui9Na5HUBaq6XaaVXhk8UnNDgvOx0mqG0dMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8xu+q5w/UfUrzXxAfeHfgg4T9+MB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcjVcOqk
lcambshELuNG5Azyi22AlCV0OOSYQx3DkEHmHj1TsPlJ8AvYcEvTpFNvROCDLdHn
cTDEE9MWrp3jd177coc+uI3uzOQYhPiHZBHnUwdoOkpd3d6CQqfqYsZAdI5auJgT
zRpx8RRNDiozlvp5K5IfHrUDZmdJ/m/26plRDn8YVZNjE6+edG3XedpTUQzRralF
9Q3hDM2Rl1hE5S3EjdkomrSi8mN7R+booLAFDfK1LM7dbZq5Zru6z0r4uQcZRfLs
mY6Htw93z2zrUbsZWXPgfA6YhfATuy5rm7sN8lOnjUAmkqjpXheMeSpKJ346nga6
cfc+uDsoF2TL/A==
-----END CERTIFICATE-----