Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          5dFPVcyRoIA+8vzizh7sR9+grSTfaVvTTXB/s2D78Vg=
Subject key identifier:   49:E6:5A:46:D2:8F:80:1C:41:1C:00:14:24:ED:85:20:F0:D4:6E:B3
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019EBE7EDB075E990219D51A9445CB25225E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0A7F
Signing time:             Sat 13 Jun 2026 01:00:45 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:45 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:45 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: ubTDJIeXS4jAsn8CUsQheAzuBPXRYDUk0ijJZizfEJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7e:db:07:5e:99:02:19:d5:1a:94:45:cb:25:22:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Jun 13 01:00:45 2026 GMT
            Not After : Jun 14 01:00:45 2026 GMT
        Subject: CN=49e65a46d28f801c411c001424ed8520f0d46eb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9f:07:e8:fc:5c:19:91:4b:95:25:11:28:a9:
                    b4:f8:1f:b2:f7:42:2d:40:34:f6:07:ba:07:88:09:
                    c1:56:1a:52:9a:54:f0:26:20:ad:5c:14:55:c6:e4:
                    76:b4:70:9c:31:4c:5e:c0:46:8d:aa:db:01:61:ed:
                    60:c0:f4:5d:e8:61:6a:e5:a5:0f:48:74:c1:72:48:
                    14:60:c3:2e:13:15:80:f6:87:41:66:77:e5:a9:73:
                    f1:a3:02:16:aa:d2:fa:99:6d:ea:ce:2a:0b:b9:c4:
                    7d:09:29:85:94:97:76:5c:d6:e5:94:f6:63:f4:32:
                    94:cc:b2:3c:95:50:17:66:6f:dd:59:df:c8:c3:ce:
                    b1:45:9e:16:c8:ec:28:2f:30:66:89:aa:d3:24:f7:
                    6f:de:95:14:d4:fd:06:ae:4a:77:5d:36:67:42:37:
                    96:12:11:4b:81:c5:93:74:f4:69:5f:fa:ef:94:8c:
                    20:f3:f8:3f:72:2e:fd:74:4c:0c:f3:9f:f5:5a:68:
                    77:9b:69:3b:bc:f9:53:1a:be:3f:9e:36:33:37:5a:
                    9f:73:35:0d:4a:d4:a8:ab:71:a5:b5:69:25:e9:aa:
                    b2:68:68:6b:e4:b6:0f:d5:58:85:0b:c3:04:f0:ea:
                    20:92:55:f5:98:dc:e6:ab:fe:d5:57:fb:b3:5f:b0:
                    70:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E6:5A:46:D2:8F:80:1C:41:1C:00:14:24:ED:85:20:F0:D4:6E:B3
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:1f:a6:34:e4:06:16:d3:2d:04:c0:2b:2f:c1:ce:3a:b5:98:
         37:eb:70:85:4c:c0:76:ae:68:3f:25:50:05:f2:af:6b:02:7b:
         3c:b9:ee:67:cf:f1:a8:fb:e1:31:a5:e3:6c:7f:5f:ca:9f:a9:
         03:a3:f9:4b:bf:9c:19:e8:d0:f4:3b:f7:5a:42:85:a8:34:f3:
         e7:af:06:b0:b2:e1:9f:0c:47:c2:a2:97:f4:3b:0d:8b:a9:56:
         c3:0e:08:d3:36:51:db:0f:65:47:1f:6a:5e:92:77:71:5f:84:
         20:04:71:a0:18:17:27:94:d0:f3:01:9f:6d:7b:3f:c6:14:df:
         e9:45:db:45:98:60:ab:8d:40:db:c1:fa:55:fc:d0:0a:e7:ef:
         cf:54:09:7b:87:c3:8b:c8:1f:ff:11:dd:ed:a1:e7:74:ae:e0:
         74:67:17:ba:da:06:19:fc:9a:7f:c8:87:2b:d8:df:0f:2c:cb:
         c1:b0:20:2b:04:3d:d1:25:95:9a:95:a3:a3:42:5a:31:22:18:
         6f:cf:92:5a:d5:50:f2:78:50:ed:1c:2b:93:0a:d3:f8:c2:06:
         64:90:c0:ac:f3:69:1f:79:55:7a:21:10:de:3c:00:8f:25:4e:
         65:23:b5:c1:d4:9f:34:3a:57:6b:16:f1:30:91:22:ca:11:a2:
         ef:3f:ae:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+ftsHXpkCGdUalEXLJSJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwNjEzMDEwMDQ1WhcNMjYwNjE0MDEwMDQ1WjAzMTEwLwYDVQQD
Eyg0OWU2NWE0NmQyOGY4MDFjNDExYzAwMTQyNGVkODUyMGYwZDQ2ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ8H6PxcGZFLlSURKKm0+B+y90It
QDT2B7oHiAnBVhpSmlTwJiCtXBRVxuR2tHCcMUxewEaNqtsBYe1gwPRd6GFq5aUP
SHTBckgUYMMuExWA9odBZnflqXPxowIWqtL6mW3qzioLucR9CSmFlJd2XNbllPZj
9DKUzLI8lVAXZm/dWd/Iw86xRZ4WyOwoLzBmiarTJPdv3pUU1P0Grkp3XTZnQjeW
EhFLgcWTdPRpX/rvlIwg8/g/ci79dEwM85/1Wmh3m2k7vPlTGr4/njYzN1qfczUN
StSoq3GltWkl6aqyaGhr5LYP1ViFC8ME8OogklX1mNzmq/7VV/uzX7BwMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnmWkbSj4AcQRwAFCTthSDw1G6zMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVR+mNOQG
FtMtBMArL8HOOrWYN+twhUzAdq5oPyVQBfKvawJ7PLnuZ8/xqPvhMaXjbH9fyp+p
A6P5S7+cGejQ9Dv3WkKFqDTz568GsLLhnwxHwqKX9DsNi6lWww4I0zZR2w9lRx9q
XpJ3cV+EIARxoBgXJ5TQ8wGfbXs/xhTf6UXbRZhgq41A28H6VfzQCufvz1QJe4fD
i8gf/xHd7aHndK7gdGcXutoGGfyaf8iHK9jfDyzLwbAgKwQ90SWVmpWjo0JaMSIY
b8+SWtVQ8nhQ7RwrkwrT+MIGZJDArPNpH3lVeiEQ3jwAjyVOZSO1wdSfNDpXaxbx
MJEiyhGi7z+uAw==
-----END CERTIFICATE-----