Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          wFliXeuiWLsEdhBL7bMRQLRSrm5CsIflBOtdsUYMLNE=
Subject key identifier:   29:FA:CA:7D:CD:99:81:45:3D:33:1B:26:2F:10:6F:72:EC:5A:7C:5F
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019EBE7F94FFD28D9E2BEACD225FD90E1B2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0C25
Signing time:             Sat 13 Jun 2026 01:01:32 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:32 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:32 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: DLNf3rLYhpr2vd2T2/6w6TeobMNFrjcZt0BxYNPTWig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:94:ff:d2:8d:9e:2b:ea:cd:22:5f:d9:0e:1b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Jun 13 01:01:32 2026 GMT
            Not After : Jun 14 01:01:32 2026 GMT
        Subject: CN=29faca7dcd9981453d331b262f106f72ec5a7c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:06:9b:be:b9:aa:46:41:e2:81:4b:31:11:98:
                    f7:c7:e9:7e:13:0b:a1:6c:a6:62:28:f7:a1:12:74:
                    ca:1e:b2:35:db:d2:8d:5d:e4:6e:32:78:dd:e2:45:
                    e1:00:71:dc:85:23:c6:ec:fe:6c:c4:cd:bc:01:f2:
                    f3:f3:17:34:c9:53:5c:08:3b:b7:be:47:0e:9e:73:
                    3c:68:52:ff:c5:52:11:db:c5:2f:60:6e:c6:9b:84:
                    f1:b2:04:eb:e3:64:9c:43:6f:a1:43:1a:51:98:63:
                    29:ec:b2:42:e6:43:c6:06:58:00:81:03:58:fb:a0:
                    de:bb:35:db:84:cf:ff:00:66:33:e5:0e:ec:2a:00:
                    4d:a3:5e:28:75:58:70:5e:94:32:98:41:c9:0a:89:
                    4e:23:7f:90:58:08:eb:04:88:5c:02:fe:8f:91:bc:
                    a6:52:30:f7:4b:66:b8:52:5a:7e:43:b5:3f:1c:7c:
                    49:3c:61:4c:9f:90:60:2e:c0:62:67:11:70:4f:be:
                    d8:10:f4:95:ba:e2:67:1c:72:5f:8b:8d:55:45:cf:
                    0b:55:8c:c7:97:79:2a:e1:e8:a3:2f:40:b0:39:96:
                    b1:52:1b:77:b2:48:43:13:52:04:17:fe:55:36:67:
                    82:c6:be:b0:56:97:73:5b:a6:c3:2e:fa:cf:cb:bd:
                    8a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:FA:CA:7D:CD:99:81:45:3D:33:1B:26:2F:10:6F:72:EC:5A:7C:5F
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:5d:d1:30:03:6c:9c:79:82:30:08:13:77:6d:9f:ce:c4:96:
         46:c5:73:83:08:d6:74:10:b6:21:db:04:5a:24:b6:2e:12:3f:
         65:29:12:d4:07:0b:27:65:79:23:f6:bb:d2:3f:54:cc:3e:59:
         df:ad:b4:bd:80:fa:57:89:22:0a:f8:25:d9:a3:3f:d8:48:4b:
         f1:a2:f8:47:cd:e5:5e:60:da:76:22:88:33:d5:07:93:22:36:
         ba:40:1e:8c:68:ab:ee:f8:ec:6e:08:7a:0c:93:97:fb:77:8d:
         39:91:87:1a:c2:d1:8b:5b:54:f8:81:6a:67:2e:e4:7b:f0:90:
         7c:02:b6:97:03:e0:df:18:56:ba:ff:1e:79:c6:c3:25:42:0e:
         d8:34:a1:0e:f2:1d:6c:c6:3d:e6:e8:72:26:7a:89:63:54:29:
         97:9c:47:ba:ee:7e:62:a2:1f:a2:24:1f:9d:a6:21:f9:99:ce:
         94:b0:52:82:01:37:2a:18:79:54:db:7f:46:55:8e:6a:cb:1d:
         d2:52:35:31:d1:56:a3:d7:78:6f:4c:9a:d3:36:fd:94:41:63:
         66:c0:5d:03:b3:f3:a5:ba:07:5b:5d:5f:72:68:c6:90:45:c0:
         57:8c:3a:cd:12:43:f7:fa:6e:8a:81:fc:c1:bb:b2:bc:10:e9:
         e6:52:1a:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f5T/0o2eK+rNIl/ZDhsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwNjEzMDEwMTMyWhcNMjYwNjE0MDEwMTMyWjAzMTEwLwYDVQQD
EygyOWZhY2E3ZGNkOTk4MTQ1M2QzMzFiMjYyZjEwNmY3MmVjNWE3YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQabvrmqRkHigUsxEZj3x+l+Ewuh
bKZiKPehEnTKHrI129KNXeRuMnjd4kXhAHHchSPG7P5sxM28AfLz8xc0yVNcCDu3
vkcOnnM8aFL/xVIR28UvYG7Gm4TxsgTr42ScQ2+hQxpRmGMp7LJC5kPGBlgAgQNY
+6DeuzXbhM//AGYz5Q7sKgBNo14odVhwXpQymEHJColOI3+QWAjrBIhcAv6Pkbym
UjD3S2a4Ulp+Q7U/HHxJPGFMn5BgLsBiZxFwT77YEPSVuuJnHHJfi41VRc8LVYzH
l3kq4eijL0CwOZaxUht3skhDE1IEF/5VNmeCxr6wVpdzW6bDLvrPy72KsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCn6yn3NmYFFPTMbJi8Qb3LsWnxfMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACl3RMANs
nHmCMAgTd22fzsSWRsVzgwjWdBC2IdsEWiS2LhI/ZSkS1AcLJ2V5I/a70j9UzD5Z
3620vYD6V4kiCvgl2aM/2EhL8aL4R83lXmDadiKIM9UHkyI2ukAejGir7vjsbgh6
DJOX+3eNOZGHGsLRi1tU+IFqZy7ke/CQfAK2lwPg3xhWuv8eecbDJUIO2DShDvId
bMY95uhyJnqJY1Qpl5xHuu5+YqIfoiQfnaYh+ZnOlLBSggE3Khh5VNt/RlWOassd
0lI1MdFWo9d4b0ya0zb9lEFjZsBdA7PzpboHW11fcmjGkEXAV4w6zRJD9/puioH8
wbuyvBDp5lIajA==
-----END CERTIFICATE-----