Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          ODdUS/l7Wx1k7kkZGpC0sdYtOmOqicct2mQnShrGP44=
Subject key identifier:   58:03:AB:00:18:E7:9E:A9:52:BD:5C:02:64:39:6E:A6:F5:0A:3E:3F
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019D98F46FAB9D1C6A9DFE2B7A91508D3B57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0FB3
Signing time:             Fri 17 Apr 2026 01:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:49 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: kyftPYhXf/DYMe682u+CGYGi8Jw8w4oBa5gvCdrLOXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:6f:ab:9d:1c:6a:9d:fe:2b:7a:91:50:8d:3b:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Apr 17 01:00:49 2026 GMT
            Not After : Apr 18 01:00:49 2026 GMT
        Subject: CN=5803ab0018e79ea952bd5c0264396ea6f50a3e3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:bb:4d:98:45:25:b6:6d:20:b1:78:23:24:d5:
                    97:56:6f:5c:c7:03:d6:bb:bd:d4:63:cc:26:f6:cb:
                    78:7f:93:53:c5:db:dc:00:99:20:e8:bd:78:7f:60:
                    f3:69:19:9d:79:63:07:34:a9:b5:02:f1:50:10:a9:
                    5e:7c:e5:94:ba:87:93:82:f7:63:07:6d:69:54:d1:
                    84:64:e1:85:28:b8:52:bd:9a:3b:25:10:d4:8c:a6:
                    7b:40:94:8d:aa:dc:8b:90:4e:b2:8f:8c:a0:d6:18:
                    39:03:c7:71:aa:f4:96:f2:85:e5:bd:8a:85:92:8c:
                    0d:3c:d3:b1:b7:c9:bd:05:f4:b1:d0:f5:69:88:fa:
                    8e:50:f2:4c:82:7e:11:1d:8b:19:06:68:39:7c:af:
                    1f:79:22:82:35:d7:a3:df:43:24:97:14:01:a5:05:
                    b3:f9:47:46:fc:f6:96:60:28:68:9a:b0:02:02:ac:
                    84:32:48:0e:63:55:68:a1:11:56:56:86:75:ed:da:
                    13:ec:20:e0:da:71:fe:66:86:ab:9d:1d:69:fd:c5:
                    e1:9c:62:ff:35:7d:02:b7:26:6f:87:7f:7d:fc:90:
                    cc:30:ef:56:fd:44:b1:97:b2:65:a4:44:ad:7a:c5:
                    d8:91:32:f8:54:51:c7:51:80:ae:4f:20:7a:4a:69:
                    7b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:03:AB:00:18:E7:9E:A9:52:BD:5C:02:64:39:6E:A6:F5:0A:3E:3F
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:dd:1b:5d:7c:95:10:38:d1:f6:e5:9a:e1:8b:eb:7e:88:84:
         6e:8c:ae:fd:d9:0d:0f:b0:78:d2:68:8a:13:26:43:95:fd:52:
         38:93:25:97:5f:3e:51:7f:6f:de:07:34:b3:42:83:2a:7b:8b:
         bb:f9:97:aa:92:5b:51:3d:7c:8c:b7:e2:3f:11:77:c8:7f:25:
         ac:68:fd:3a:05:0d:21:2f:2c:55:d1:7e:bc:42:75:d5:4c:89:
         7d:3f:5c:7b:72:dd:f5:e3:89:73:e1:62:36:b8:9c:32:86:cb:
         1b:ad:94:0b:27:df:c7:93:b7:ef:b9:21:b7:e3:85:59:22:b0:
         89:01:88:76:67:8a:c2:f6:7b:c8:f9:69:b4:88:e9:27:bf:24:
         39:0d:83:d0:6d:ef:23:75:80:81:a3:e2:f5:b2:25:41:22:74:
         84:cf:7c:38:79:b3:25:97:8d:bd:7a:5e:fb:13:80:c8:d1:ec:
         a3:a5:7e:7d:ec:a4:4c:88:77:5d:c1:b7:cc:43:2d:36:f5:43:
         3f:53:68:01:0c:a1:67:ee:3a:59:3b:5f:c8:10:c8:10:dc:03:
         43:14:39:61:44:62:a7:c3:21:1e:2b:0d:77:2d:b0:48:e6:86:
         ec:c3:85:59:08:6f:b0:94:c7:43:96:c7:e7:34:4f:dc:c0:f5:
         36:d0:d0:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9G+rnRxqnf4repFQjTtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwNDE3MDEwMDQ5WhcNMjYwNDE4MDEwMDQ5WjAzMTEwLwYDVQQD
Eyg1ODAzYWIwMDE4ZTc5ZWE5NTJiZDVjMDI2NDM5NmVhNmY1MGEzZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLtNmEUltm0gsXgjJNWXVm9cxwPW
u73UY8wm9st4f5NTxdvcAJkg6L14f2DzaRmdeWMHNKm1AvFQEKlefOWUuoeTgvdj
B21pVNGEZOGFKLhSvZo7JRDUjKZ7QJSNqtyLkE6yj4yg1hg5A8dxqvSW8oXlvYqF
kowNPNOxt8m9BfSx0PVpiPqOUPJMgn4RHYsZBmg5fK8feSKCNdej30MklxQBpQWz
+UdG/PaWYChomrACAqyEMkgOY1VooRFWVoZ17doT7CDg2nH+ZoarnR1p/cXhnGL/
NX0CtyZvh399/JDMMO9W/USxl7JlpEStesXYkTL4VFHHUYCuTyB6Sml73QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgDqwAY556pUr1cAmQ5bqb1Cj4/MB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATd0bXXyV
EDjR9uWa4YvrfoiEboyu/dkND7B40miKEyZDlf1SOJMll18+UX9v3gc0s0KDKnuL
u/mXqpJbUT18jLfiPxF3yH8lrGj9OgUNIS8sVdF+vEJ11UyJfT9ce3Ld9eOJc+Fi
NricMobLG62UCyffx5O377kht+OFWSKwiQGIdmeKwvZ7yPlptIjpJ78kOQ2D0G3v
I3WAgaPi9bIlQSJ0hM98OHmzJZeNvXpe+xOAyNHso6V+feykTIh3XcG3zEMtNvVD
P1NoAQyhZ+46WTtfyBDIENwDQxQ5YURip8MhHisNdy2wSOaG7MOFWQhvsJTHQ5bH
5zRP3MD1NtDQfQ==
-----END CERTIFICATE-----