Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          By/uS0RpuBn1XnTkBJiJ07gM6h5E1A03RByM0K+71gk=
Subject key identifier:   8F:F5:42:C5:E8:D4:2A:21:0E:9A:FF:76:81:00:50:B8:1E:E0:80:DD
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       019DA30A4C0CF8025123738F1B4A13ECBF05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          1029
Signing time:             Sun 19 Apr 2026 00:00:54 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:54 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:54 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: Y+/3MvWfiwgnaz1QPWOCRhSFOy1IHciL7XW4mi0JaUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:4c:0c:f8:02:51:23:73:8f:1b:4a:13:ec:bf:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Apr 19 00:00:54 2026 GMT
            Not After : Apr 20 00:00:54 2026 GMT
        Subject: CN=8ff542c5e8d42a210e9aff76810050b81ee080dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0b:8b:51:dc:3c:7c:2a:7d:55:26:23:f2:8b:
                    d4:43:10:30:c7:53:b9:04:60:a8:45:a9:82:ce:08:
                    fb:25:98:d6:fe:9b:4a:c1:6e:3a:1a:bf:8a:03:a6:
                    fc:bd:8e:f1:f6:66:ef:6a:7e:d7:5d:cb:05:20:3b:
                    5f:b1:e1:82:78:8f:12:e0:42:ea:9f:ca:c0:58:b7:
                    85:87:0c:af:43:0e:25:d8:a0:d5:1c:5a:e1:f0:c6:
                    17:8a:55:7b:b8:e8:80:fd:07:49:30:de:1d:e7:9a:
                    85:3b:1b:8f:f1:45:de:04:3a:a0:cb:d4:ee:e4:8f:
                    66:68:8e:49:f6:a8:73:17:86:8f:bb:39:1b:bf:a5:
                    9a:44:d3:ff:56:3d:bf:ff:59:3a:6d:44:ec:a2:a5:
                    98:d4:ae:ab:aa:32:d1:e3:b9:20:a0:26:88:af:66:
                    7b:bc:14:28:0b:b1:45:61:83:a5:e8:83:a5:c6:bd:
                    6a:4b:e3:7b:f6:30:ea:75:f1:26:3a:19:9d:11:dc:
                    02:cb:0b:d4:b2:7c:92:ca:ad:f4:73:d6:83:d6:af:
                    6e:d2:62:7d:bb:3b:1a:64:18:31:d3:64:a5:db:6d:
                    ed:97:d6:88:63:fd:ed:7f:a6:bc:47:65:59:00:c1:
                    34:f6:d8:ad:e9:6a:ea:89:c6:14:b5:98:f3:32:f8:
                    0a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F5:42:C5:E8:D4:2A:21:0E:9A:FF:76:81:00:50:B8:1E:E0:80:DD
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:0d:13:38:56:a2:3b:07:f4:a1:41:d4:3f:f8:da:3a:df:26:
         6a:cc:ce:09:e1:86:38:ba:f4:02:f9:db:ae:33:ae:ef:83:d5:
         fc:7a:d0:40:c4:be:eb:b8:de:b6:f1:9b:f3:e7:fa:12:04:f5:
         b6:0e:6f:07:d6:5e:bf:90:ab:fa:72:1f:58:bb:83:10:49:1b:
         9e:02:a8:5d:cf:0a:2a:48:ff:41:a3:a3:d3:31:a1:5c:f0:95:
         eb:37:7d:b6:4e:69:d5:d3:e8:9e:51:54:1e:c4:f5:2d:7e:c8:
         7a:6c:df:22:91:e7:20:8e:c2:d4:99:1a:0b:23:ea:df:13:6f:
         c4:dd:53:5d:03:71:59:bc:42:d7:a2:68:4c:fa:74:78:8f:9c:
         5c:be:83:39:9b:6b:e4:45:75:29:5f:fc:bb:bb:43:b6:02:e2:
         02:58:95:91:c7:7e:1a:a2:21:8c:da:84:a9:57:87:6f:96:77:
         51:e7:da:a0:10:2a:2d:28:d1:19:27:6e:4e:97:4b:6d:6b:4a:
         ce:31:d0:76:15:32:77:7c:c4:4a:d5:76:00:8a:ba:6c:fa:2c:
         42:ad:de:a6:36:8f:f2:a1:5c:96:2a:c5:6a:75:b5:d2:50:81:
         19:fe:74:d8:e4:a5:72:98:96:98:9d:d0:2f:7e:5d:23:9e:32:
         d9:51:09:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCkwM+AJRI3OPG0oT7L8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjYwNDE5MDAwMDU0WhcNMjYwNDIwMDAwMDU0WjAzMTEwLwYDVQQD
Eyg4ZmY1NDJjNWU4ZDQyYTIxMGU5YWZmNzY4MTAwNTBiODFlZTA4MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAuLUdw8fCp9VSYj8ovUQxAwx1O5
BGCoRamCzgj7JZjW/ptKwW46Gr+KA6b8vY7x9mbvan7XXcsFIDtfseGCeI8S4ELq
n8rAWLeFhwyvQw4l2KDVHFrh8MYXilV7uOiA/QdJMN4d55qFOxuP8UXeBDqgy9Tu
5I9maI5J9qhzF4aPuzkbv6WaRNP/Vj2//1k6bUTsoqWY1K6rqjLR47kgoCaIr2Z7
vBQoC7FFYYOl6IOlxr1qS+N79jDqdfEmOhmdEdwCywvUsnySyq30c9aD1q9u0mJ9
uzsaZBgx02Sl223tl9aIY/3tf6a8R2VZAME09tit6WrqicYUtZjzMvgKbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/1QsXo1CohDpr/doEAULge4IDdMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPQ0TOFai
Owf0oUHUP/jaOt8maszOCeGGOLr0AvnbrjOu74PV/HrQQMS+67jetvGb8+f6EgT1
tg5vB9Zev5Cr+nIfWLuDEEkbngKoXc8KKkj/QaOj0zGhXPCV6zd9tk5p1dPonlFU
HsT1LX7IemzfIpHnII7C1JkaCyPq3xNvxN1TXQNxWbxC16JoTPp0eI+cXL6DOZtr
5EV1KV/8u7tDtgLiAliVkcd+GqIhjNqEqVeHb5Z3UefaoBAqLSjRGSduTpdLbWtK
zjHQdhUyd3zEStV2AIq6bPosQq3epjaP8qFclirFanW10lCBGf502OSlcpiWmJ3Q
L35dI54y2VEJMQ==
-----END CERTIFICATE-----