Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          Z7rRx7aDAQD30ZdhGGO17dpCUeTGfEh1vyX9KGwjhrM=
Subject key identifier:   24:4A:FF:F3:26:F1:38:7E:42:96:60:07:41:DB:93:15:60:13:47:4B
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019EBE7F5A7F65A79FA918083EBFA3DE8287
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          10FA
Signing time:             Sat 13 Jun 2026 01:01:17 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:17 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:17 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: Qy3Z2ir+GdRF/cZ5B4Vp7B76C8m+CS4ciGxVjFKUmOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:5a:7f:65:a7:9f:a9:18:08:3e:bf:a3:de:82:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Jun 13 01:01:17 2026 GMT
            Not After : Jun 14 01:01:17 2026 GMT
        Subject: CN=244afff326f1387e4296600741db93156013474b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e2:e4:5c:68:5a:aa:b4:ca:d3:67:93:ef:eb:
                    17:d8:40:45:3e:25:64:36:0d:3a:62:a7:b1:17:f6:
                    fe:d6:03:a4:09:87:5c:d3:a6:2b:00:1a:93:7d:ba:
                    f0:20:47:0a:79:28:e8:bf:72:75:99:1a:27:79:0f:
                    db:c4:f9:56:29:2e:84:9d:30:7c:00:49:21:a9:f6:
                    73:7a:c2:17:c2:a7:0e:f4:ea:53:18:ec:00:89:8b:
                    59:a1:1e:e7:bc:bb:a1:72:f1:a4:68:ba:9d:28:44:
                    43:58:99:d0:bc:e7:e9:1d:41:5c:48:80:97:26:36:
                    33:8e:63:60:c5:8b:c0:8e:07:b3:91:2e:6f:17:78:
                    3a:26:88:e8:16:b9:b7:22:31:d8:32:2d:4f:6c:56:
                    68:a0:4d:89:e5:6d:66:20:5a:3b:6e:3d:ff:f5:1e:
                    54:e3:25:34:92:ce:a1:7e:84:d0:3a:a0:45:13:8e:
                    df:bf:c2:06:3b:c0:eb:c9:fd:47:79:43:1c:b0:03:
                    34:81:2c:92:84:be:85:36:3f:7a:8c:12:16:3d:bf:
                    36:e1:72:10:6d:7c:e0:c9:16:ab:99:f6:93:2d:35:
                    35:74:fd:46:ec:da:e8:aa:90:96:28:8a:62:22:b9:
                    29:61:f3:39:17:e2:3d:d1:6b:46:86:f6:aa:89:2b:
                    e9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:4A:FF:F3:26:F1:38:7E:42:96:60:07:41:DB:93:15:60:13:47:4B
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:3f:28:96:c7:ac:2f:1d:b0:a2:e6:fe:cd:3f:6d:8a:f2:26:
         28:a7:5e:d0:f5:b5:a6:72:eb:55:2e:80:9f:b5:87:4d:37:d1:
         f3:ec:b6:87:78:d7:5b:2b:c9:b2:24:d4:79:5b:7f:14:f7:f8:
         46:63:6e:08:f3:85:3a:fd:a2:6a:e6:76:d1:63:22:5f:42:b5:
         9a:3a:46:fe:db:cb:b0:2a:25:fe:c1:fc:53:3a:80:81:52:5e:
         5f:2a:b3:ba:4c:62:a1:f7:50:27:b3:c4:d1:01:60:6a:29:a3:
         46:47:0c:46:92:2c:a5:fd:7b:35:db:47:8b:59:b2:b4:54:d7:
         fb:bb:e7:fa:07:30:06:8e:e5:3f:f1:60:55:eb:94:3b:20:9a:
         4d:77:d3:95:8a:e8:6d:af:7a:0e:29:fb:61:a6:ab:cb:57:7a:
         c6:b0:f6:15:c4:c9:b8:ea:99:2f:8c:0b:85:1d:48:76:02:bb:
         2e:af:74:29:48:eb:d6:18:20:06:20:c9:b8:2a:f1:42:ef:ed:
         cd:6f:4d:6e:9d:d4:ad:79:82:9e:53:da:c6:6e:2d:96:a0:f1:
         58:2f:e0:98:c3:99:21:8d:44:a4:a0:bc:af:6e:e6:4b:b4:d2:
         76:89:52:fe:4a:a8:b0:83:29:3b:6f:35:00:67:d6:91:9c:56:
         8f:34:c0:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f1p/ZaefqRgIPr+j3oKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwNjEzMDEwMTE3WhcNMjYwNjE0MDEwMTE3WjAzMTEwLwYDVQQD
EygyNDRhZmZmMzI2ZjEzODdlNDI5NjYwMDc0MWRiOTMxNTYwMTM0NzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseLkXGhaqrTK02eT7+sX2EBFPiVk
Ng06YqexF/b+1gOkCYdc06YrABqTfbrwIEcKeSjov3J1mRoneQ/bxPlWKS6EnTB8
AEkhqfZzesIXwqcO9OpTGOwAiYtZoR7nvLuhcvGkaLqdKERDWJnQvOfpHUFcSICX
JjYzjmNgxYvAjgezkS5vF3g6JojoFrm3IjHYMi1PbFZooE2J5W1mIFo7bj3/9R5U
4yU0ks6hfoTQOqBFE47fv8IGO8Dryf1HeUMcsAM0gSyShL6FNj96jBIWPb824XIQ
bXzgyRarmfaTLTU1dP1G7NroqpCWKIpiIrkpYfM5F+I90WtGhvaqiSvpUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRK//Mm8Th+QpZgB0HbkxVgE0dLMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAID8olses
Lx2woub+zT9tivImKKde0PW1pnLrVS6An7WHTTfR8+y2h3jXWyvJsiTUeVt/FPf4
RmNuCPOFOv2iauZ20WMiX0K1mjpG/tvLsCol/sH8UzqAgVJeXyqzukxiofdQJ7PE
0QFgaimjRkcMRpIspf17NdtHi1mytFTX+7vn+gcwBo7lP/FgVeuUOyCaTXfTlYro
ba96Din7Yaary1d6xrD2FcTJuOqZL4wLhR1IdgK7Lq90KUjr1hggBiDJuCrxQu/t
zW9Nbp3UrXmCnlPaxm4tlqDxWC/gmMOZIY1EpKC8r27mS7TSdolS/kqosIMpO281
AGfWkZxWjzTATA==
-----END CERTIFICATE-----