Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          O0xf9VluiLbqSutH/dO+EgCWYNp2ZO4YVL+ksR0PT4w=
Subject key identifier:   65:44:F2:D3:86:44:7B:76:23:DC:94:AC:24:FB:5A:95:9A:DE:4F:D0
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019CAB6BA68726685A790FCFCEE2847C86B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0F38
Signing time:             Sun 01 Mar 2026 22:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:24 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: pC7h+qcNtrDOp/JpnoysLm8cgBm7f5bTjayNc96v/t0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a6:87:26:68:5a:79:0f:cf:ce:e2:84:7c:86:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Mar  1 22:01:24 2026 GMT
            Not After : Mar  2 22:01:24 2026 GMT
        Subject: CN=6544f2d386447b7623dc94ac24fb5a959ade4fd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9c:37:2f:9d:eb:c2:91:c5:26:11:a5:a8:04:
                    aa:eb:5e:1b:7d:52:4c:d7:13:ef:b2:99:e0:55:e7:
                    0d:c5:8e:c6:98:68:eb:d0:ad:78:af:2f:7f:35:bf:
                    42:05:fc:ee:94:34:64:93:ff:40:39:b3:4b:60:ab:
                    af:99:c7:76:3d:bd:eb:18:c0:9d:67:78:c0:d9:b5:
                    3a:64:4f:f3:c0:66:4a:21:7b:ba:a6:2a:4b:f0:54:
                    8c:2d:76:ce:85:64:37:cc:a3:d2:41:13:64:9b:27:
                    e5:e3:cb:07:c3:b8:5c:25:d8:f5:e5:68:e3:f1:6a:
                    d4:9b:68:4b:10:56:dc:3b:2b:2f:04:53:0b:a5:ae:
                    0f:9a:74:5f:19:0c:71:77:88:b7:74:d1:25:cc:e4:
                    bc:f9:35:08:49:83:30:d5:90:2a:f2:63:cd:40:a3:
                    16:77:ce:3c:ea:d6:63:dc:20:2f:41:23:a7:7b:d7:
                    61:9b:c5:3c:83:d8:1d:03:e2:a9:01:ff:91:af:9a:
                    1a:54:98:74:88:af:7b:7c:af:41:85:b9:7b:75:2e:
                    3e:ea:5b:e8:b2:19:84:ae:1d:bb:59:37:b1:dc:cf:
                    13:a0:99:09:d2:2f:b7:e9:f3:f6:ce:67:c8:4a:0e:
                    a0:e8:d2:62:bb:7d:f0:0f:bc:66:62:76:8a:2e:5b:
                    88:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:44:F2:D3:86:44:7B:76:23:DC:94:AC:24:FB:5A:95:9A:DE:4F:D0
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:0b:cd:ef:84:d0:8c:75:dd:91:6e:11:0a:e9:26:64:fa:93:
         e6:c4:fa:24:9d:52:a5:15:e2:aa:1f:88:b1:0f:37:88:03:a4:
         2a:84:e3:b0:33:a8:c3:ca:58:d5:01:08:a4:0f:7f:cc:7f:49:
         36:bb:54:6b:67:f9:2f:1b:44:67:8b:0e:4b:23:1e:08:bd:29:
         85:33:7b:60:28:bf:e9:07:d5:f1:cb:b7:42:be:d8:13:d8:a4:
         a7:65:d3:09:42:f7:26:61:26:44:5c:c6:3b:e6:23:ae:9b:f9:
         f2:25:97:09:c5:32:06:f6:6a:be:94:29:cb:c7:61:9f:a0:58:
         4c:4e:27:f5:eb:8d:a8:72:1b:d2:09:e9:91:a4:11:f3:80:54:
         e7:37:4d:f7:3b:04:10:b8:64:0c:fb:b3:6f:1e:ba:f4:cb:11:
         4b:5a:bc:a7:ce:6d:e3:a3:ec:eb:5c:ef:48:95:7b:87:f3:5e:
         04:01:a8:b6:5d:16:1b:f3:d2:1c:d4:a8:0a:c9:38:c5:1a:04:
         bd:f3:02:31:f4:31:10:3c:53:ca:0a:e6:6c:d1:43:13:c5:4e:
         d3:70:39:f5:66:ba:fd:d4:98:20:3b:05:9a:56:a8:ea:e1:ad:
         c7:a7:c2:8c:4c:bd:af:df:c8:2b:51:1d:96:f5:0c:40:fe:3c:
         f8:fa:a8:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6aHJmhaeQ/PzuKEfIaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjYwMzAxMjIwMTI0WhcNMjYwMzAyMjIwMTI0WjAzMTEwLwYDVQQD
Eyg2NTQ0ZjJkMzg2NDQ3Yjc2MjNkYzk0YWMyNGZiNWE5NTlhZGU0ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspw3L53rwpHFJhGlqASq614bfVJM
1xPvspngVecNxY7GmGjr0K14ry9/Nb9CBfzulDRkk/9AObNLYKuvmcd2Pb3rGMCd
Z3jA2bU6ZE/zwGZKIXu6pipL8FSMLXbOhWQ3zKPSQRNkmyfl48sHw7hcJdj15Wjj
8WrUm2hLEFbcOysvBFMLpa4PmnRfGQxxd4i3dNElzOS8+TUISYMw1ZAq8mPNQKMW
d8486tZj3CAvQSOne9dhm8U8g9gdA+KpAf+Rr5oaVJh0iK97fK9Bhbl7dS4+6lvo
shmErh27WTex3M8ToJkJ0i+36fP2zmfISg6g6NJiu33wD7xmYnaKLluIZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVE8tOGRHt2I9yUrCT7WpWa3k/QMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwvN74TQ
jHXdkW4RCukmZPqT5sT6JJ1SpRXiqh+IsQ83iAOkKoTjsDOow8pY1QEIpA9/zH9J
NrtUa2f5LxtEZ4sOSyMeCL0phTN7YCi/6QfV8cu3Qr7YE9ikp2XTCUL3JmEmRFzG
O+Yjrpv58iWXCcUyBvZqvpQpy8dhn6BYTE4n9euNqHIb0gnpkaQR84BU5zdN9zsE
ELhkDPuzbx669MsRS1q8p85t46Ps61zvSJV7h/NeBAGotl0WG/PSHNSoCsk4xRoE
vfMCMfQxEDxTygrmbNFDE8VO03A59Wa6/dSYIDsFmlao6uGtx6fCjEy9r9/IK1Ed
lvUMQP48+PqoHg==
-----END CERTIFICATE-----