Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
File:                     3sQzl3xytL5diI9WhT7TGh_x78Y.mft (raw, json)
Hash identifier:          1OIULxFU5P3wEi4ukWolYj3zqMERbhm6AbQIEYCy0oo=
Subject key identifier:   78:E6:62:F9:F3:D7:3E:A4:8A:9B:F6:8A:51:95:D6:F1:E7:2E:67:26
Authority key identifier: DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6
Certificate issuer:       /CN=dec433977c72b4be5d888f56853ed31a1ff1efc6
Certificate serial:       019D9DAD8F32EC17B9252A3D246CDFA2F100
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
Manifest number:          0FA3
Signing time:             Fri 17 Apr 2026 23:01:30 +0000
Manifest this update:     Fri 17 Apr 2026 23:01:30 +0000
Manifest next update:     Sat 18 Apr 2026 23:01:30 +0000
Files and hashes:         1: 3sQzl3xytL5diI9WhT7TGh_x78Y.crl (hash: Xqhg729WbmIjTCuYQx1VQOAcIy3mv56IUtlqoENCrhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9d:ad:8f:32:ec:17:b9:25:2a:3d:24:6c:df:a2:f1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dec433977c72b4be5d888f56853ed31a1ff1efc6
        Validity
            Not Before: Apr 17 23:01:30 2026 GMT
            Not After : Apr 18 23:01:30 2026 GMT
        Subject: CN=78e662f9f3d73ea48a9bf68a5195d6f1e72e6726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:26:da:66:ff:d5:f3:ac:5c:00:34:a0:c5:01:
                    b4:49:67:b8:79:02:1d:4d:7e:26:03:4d:41:f5:21:
                    dd:81:39:84:6b:f0:44:b0:ec:39:cf:06:ce:f6:11:
                    84:82:05:01:28:6b:c3:f5:b6:e7:34:44:2a:c4:2d:
                    25:72:56:47:fb:19:97:68:69:e1:c6:a5:0e:63:ed:
                    90:c5:37:3f:5b:24:4a:6a:8f:08:c3:a9:8c:83:ab:
                    1e:41:6b:2c:5b:2d:b1:05:70:24:46:bf:fb:86:df:
                    5c:39:89:07:e0:7a:59:5c:dc:23:94:b0:df:d8:5f:
                    7c:82:22:6b:18:64:b1:84:dc:1d:4d:9a:6d:2b:e4:
                    77:c8:11:14:51:5e:90:69:39:60:e3:9d:e8:f3:92:
                    ec:8e:ae:b3:66:69:7d:42:a0:51:a8:09:ab:2b:31:
                    24:1a:c8:5d:6f:bd:d0:74:0b:72:73:30:7d:4e:35:
                    c2:5a:9e:60:5c:49:bd:1b:a8:5e:0c:58:9f:b5:aa:
                    a8:fa:86:ba:63:94:65:d5:1b:bc:10:94:1f:b2:26:
                    05:e1:8d:0e:63:f5:bc:57:cd:39:c9:60:d0:3e:73:
                    b1:3a:9a:bc:af:dc:a7:96:3d:27:d9:89:52:8d:23:
                    f5:5c:c0:9a:40:19:d0:0b:70:a5:a9:f1:51:9a:b0:
                    03:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:E6:62:F9:F3:D7:3E:A4:8A:9B:F6:8A:51:95:D6:F1:E7:2E:67:26
            X509v3 Authority Key Identifier:
                keyid:DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:48:68:43:6e:3f:e0:18:29:7b:26:1f:ae:2d:b6:c7:b3:9e:
         7a:7c:7c:71:94:5b:9a:ae:0a:cf:3f:11:c9:14:5f:c5:ee:37:
         b9:43:1c:71:ac:db:c3:eb:7a:76:32:d2:19:93:e4:6b:12:ba:
         96:f1:e1:94:a7:7a:aa:92:89:b0:c8:ae:de:92:f5:62:e8:be:
         01:b0:d9:70:c2:6b:6a:79:32:ec:79:bc:86:81:96:00:e8:3f:
         a3:64:af:a3:0c:fd:0e:d1:76:f9:72:97:b2:b4:52:36:0b:58:
         09:62:05:aa:93:e1:6e:9a:37:65:a9:53:fc:78:d4:e4:2d:72:
         c9:83:c2:1a:01:b5:be:6d:fa:17:5e:37:79:31:5b:14:3b:ef:
         29:aa:85:e1:ab:2c:1a:2d:72:92:8c:dd:f0:26:24:16:57:bc:
         20:6b:85:84:a3:76:ac:c3:01:53:b9:24:74:20:8d:17:39:65:
         ef:7b:1a:e1:89:d6:e9:4a:b7:d9:c6:cc:88:11:28:f2:fe:9b:
         20:eb:1b:1a:d8:0f:78:58:66:70:61:cd:e6:a5:14:92:55:9c:
         53:aa:5c:ee:d8:6a:f4:22:2c:dc:a7:b6:da:4b:cb:dc:85:3e:
         a8:04:f9:c2:f4:05:89:61:a7:e2:b9:f2:29:9d:af:5f:e8:b9:
         c0:67:97:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2drY8y7Be5JSo9JGzfovEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYzQzMzk3N2M3MmI0YmU1ZDg4OGY1Njg1M2VkMzFhMWZm
MWVmYzYwHhcNMjYwNDE3MjMwMTMwWhcNMjYwNDE4MjMwMTMwWjAzMTEwLwYDVQQD
Eyg3OGU2NjJmOWYzZDczZWE0OGE5YmY2OGE1MTk1ZDZmMWU3MmU2NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSbaZv/V86xcADSgxQG0SWe4eQId
TX4mA01B9SHdgTmEa/BEsOw5zwbO9hGEggUBKGvD9bbnNEQqxC0lclZH+xmXaGnh
xqUOY+2QxTc/WyRKao8Iw6mMg6seQWssWy2xBXAkRr/7ht9cOYkH4HpZXNwjlLDf
2F98giJrGGSxhNwdTZptK+R3yBEUUV6QaTlg453o85Lsjq6zZml9QqBRqAmrKzEk
Gshdb73QdAtyczB9TjXCWp5gXEm9G6heDFiftaqo+oa6Y5Rl1Ru8EJQfsiYF4Y0O
Y/W8V805yWDQPnOxOpq8r9ynlj0n2YlSjSP1XMCaQBnQC3ClqfFRmrAD0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjmYvnz1z6kipv2ilGV1vHnLmcmMB8GA1UdIwQY
MBaAFN7EM5d8crS+XYiPVoU+0xof8e/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYt
MjIzZjUwOGMwNTVhLzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYtMjIzZjUwOGMwNTVh
LzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtkhoQ24/
4BgpeyYfri22x7Oeenx8cZRbmq4Kzz8RyRRfxe43uUMccazbw+t6djLSGZPkaxK6
lvHhlKd6qpKJsMiu3pL1Yui+AbDZcMJranky7Hm8hoGWAOg/o2Svowz9DtF2+XKX
srRSNgtYCWIFqpPhbpo3ZalT/HjU5C1yyYPCGgG1vm36F143eTFbFDvvKaqF4ass
Gi1ykozd8CYkFle8IGuFhKN2rMMBU7kkdCCNFzll73sa4YnW6Uq32cbMiBEo8v6b
IOsbGtgPeFhmcGHN5qUUklWcU6pc7thq9CIs3Ke22kvL3IU+qAT5wvQFiWGn4rny
KZ2vX+i5wGeXMw==
-----END CERTIFICATE-----