Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          nrFwXjbvoTxcLccf3sP72BW/BrVAqS0utkPuf1qoxiE=
Subject key identifier:   6E:E2:EB:D8:10:60:61:7D:63:C5:15:71:A8:BD:16:A9:CA:2D:00:6C
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019D98F53B8EF981BF6A2E6D8BC7E46D32B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0B8D
Signing time:             Fri 17 Apr 2026 01:01:41 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:41 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:41 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: biZD1OAUvR+V/pq3I1J5dMn+3rHZfMCsQm0QZxPpFVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:3b:8e:f9:81:bf:6a:2e:6d:8b:c7:e4:6d:32:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Apr 17 01:01:41 2026 GMT
            Not After : Apr 18 01:01:41 2026 GMT
        Subject: CN=6ee2ebd81060617d63c51571a8bd16a9ca2d006c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e1:54:46:b6:cc:b7:a5:b2:de:77:75:3f:45:
                    a2:dd:92:72:f9:75:ca:2e:b3:4f:35:d6:ae:c6:a1:
                    1a:14:d1:e0:a6:5f:74:33:68:15:79:cf:b2:ea:c1:
                    d7:68:5e:ec:6b:b7:be:40:13:f6:9d:c1:af:d0:fa:
                    5e:f7:1f:3d:96:e3:7a:5d:6e:d4:6d:8a:0d:20:24:
                    94:17:af:ed:9a:19:fe:45:86:d3:7d:31:e4:16:09:
                    ae:58:48:7e:30:9d:b1:ec:5b:db:a7:3e:9b:92:75:
                    5a:2f:5a:02:be:3a:85:9e:8f:1e:5f:15:de:c0:30:
                    b1:4a:23:d8:9c:55:75:96:3f:cf:fe:74:e7:f3:b9:
                    75:c3:e7:61:0e:ff:81:3c:63:ef:57:8e:b3:91:b9:
                    60:89:c0:37:6c:3e:7b:6c:e3:a6:fc:24:51:c2:58:
                    98:fc:95:94:5a:9b:59:54:7a:5b:ef:1c:c9:15:a0:
                    1f:15:b4:3b:98:ac:12:7f:7c:cc:cb:3c:d2:4b:59:
                    4e:19:91:6d:22:9e:b5:2d:3a:3a:dd:94:43:88:1c:
                    82:60:a3:3d:5f:24:1e:c6:8d:96:0b:b2:84:58:02:
                    7e:9e:1c:d5:59:f0:91:34:15:86:2a:4b:06:1c:cb:
                    06:8c:80:52:b6:69:d2:69:29:fb:84:ae:9f:21:30:
                    dd:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E2:EB:D8:10:60:61:7D:63:C5:15:71:A8:BD:16:A9:CA:2D:00:6C
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:aa:88:fe:c9:95:92:40:a8:95:a3:26:fd:8d:bf:0b:a4:38:
         db:e1:a3:69:18:56:35:bc:96:f5:45:62:df:e1:ec:a5:f7:c4:
         df:eb:ac:4b:73:c4:93:4c:38:53:33:06:33:76:a8:fc:1f:bc:
         e4:e0:c8:07:3d:87:63:28:ef:10:c9:cb:79:9b:3e:62:2e:fd:
         0a:47:09:0d:5c:b2:a6:de:31:0c:ae:48:b9:0d:77:8e:d4:8e:
         f1:b8:01:38:e3:c2:83:54:58:28:c6:6b:5a:fa:d3:15:06:68:
         a8:c1:22:6e:75:99:56:63:34:51:0e:eb:cf:cb:d4:9c:fa:2b:
         22:f7:3e:5d:13:0f:7f:cf:29:f0:14:92:a7:56:15:87:e9:f9:
         90:65:88:70:22:28:74:8f:69:00:e4:3a:27:c8:13:f5:45:0b:
         50:ad:b7:95:97:04:f6:a9:bc:e9:08:0a:7a:80:61:7e:86:11:
         73:5c:e5:30:8d:a8:c1:59:37:6e:9d:e8:35:03:a6:20:9b:0e:
         d4:5b:6f:80:fc:98:ed:66:37:06:15:01:6f:07:91:55:c5:1c:
         3a:1e:ff:2c:7a:16:9c:e0:30:53:e4:9e:0f:51:6c:37:55:e4:
         7b:e1:bb:f7:6d:67:f0:76:82:65:21:f7:2a:4b:fb:23:e0:70:
         97:9b:b6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9TuO+YG/ai5ti8fkbTKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwNDE3MDEwMTQxWhcNMjYwNDE4MDEwMTQxWjAzMTEwLwYDVQQD
Eyg2ZWUyZWJkODEwNjA2MTdkNjNjNTE1NzFhOGJkMTZhOWNhMmQwMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuFURrbMt6Wy3nd1P0Wi3ZJy+XXK
LrNPNdauxqEaFNHgpl90M2gVec+y6sHXaF7sa7e+QBP2ncGv0Ppe9x89luN6XW7U
bYoNICSUF6/tmhn+RYbTfTHkFgmuWEh+MJ2x7Fvbpz6bknVaL1oCvjqFno8eXxXe
wDCxSiPYnFV1lj/P/nTn87l1w+dhDv+BPGPvV46zkblgicA3bD57bOOm/CRRwliY
/JWUWptZVHpb7xzJFaAfFbQ7mKwSf3zMyzzSS1lOGZFtIp61LTo63ZRDiByCYKM9
XyQexo2WC7KEWAJ+nhzVWfCRNBWGKksGHMsGjIBStmnSaSn7hK6fITDd3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7i69gQYGF9Y8UVcai9FqnKLQBsMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqqI/smV
kkColaMm/Y2/C6Q42+GjaRhWNbyW9UVi3+HspffE3+usS3PEk0w4UzMGM3ao/B+8
5ODIBz2HYyjvEMnLeZs+Yi79CkcJDVyypt4xDK5IuQ13jtSO8bgBOOPCg1RYKMZr
WvrTFQZoqMEibnWZVmM0UQ7rz8vUnPorIvc+XRMPf88p8BSSp1YVh+n5kGWIcCIo
dI9pAOQ6J8gT9UULUK23lZcE9qm86QgKeoBhfoYRc1zlMI2owVk3bp3oNQOmIJsO
1FtvgPyY7WY3BhUBbweRVcUcOh7/LHoWnOAwU+SeD1FsN1Xke+G7921n8HaCZSH3
Kkv7I+Bwl5u23Q==
-----END CERTIFICATE-----