Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          xZQrNbH5H3OBfq3vWOgrv1Y4j9WlgXiNcwEIJex5Nv4=
Subject key identifier:   53:4B:42:0D:92:7E:D7:32:1F:8D:3B:90:10:F6:C3:06:1D:D7:1E:A4
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       019EBEEC61B044E2AF0FE01C1D67BE295F77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          10BC
Signing time:             Sat 13 Jun 2026 03:00:22 +0000
Manifest this update:     Sat 13 Jun 2026 03:00:22 +0000
Manifest next update:     Sun 14 Jun 2026 03:00:22 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: X1IWtNAHbGph+79z9NNtgxBKpbIVcK7qBLLacwwMJ0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ec:61:b0:44:e2:af:0f:e0:1c:1d:67:be:29:5f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Jun 13 03:00:22 2026 GMT
            Not After : Jun 14 03:00:22 2026 GMT
        Subject: CN=534b420d927ed7321f8d3b9010f6c3061dd71ea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:41:7a:8b:26:9f:a4:f1:cc:22:01:7c:85:8a:
                    08:c3:77:93:c7:09:b8:75:f5:7f:00:79:ff:98:29:
                    93:ca:fd:0f:98:87:4a:05:d5:85:7d:31:48:05:d6:
                    c7:8c:8b:fc:7a:69:b6:e0:94:92:61:fd:53:78:dc:
                    2e:ce:28:02:ee:dd:02:a9:2c:fb:e1:80:28:a8:ce:
                    09:b6:bb:99:24:b6:fe:79:b0:9c:01:4c:c1:58:c3:
                    c3:11:f2:37:b2:e2:44:1a:fb:89:66:f7:96:87:2f:
                    d8:88:2a:73:a8:6f:19:09:e0:c5:64:e2:6e:6b:fc:
                    ca:54:58:ac:e3:49:44:bb:ad:f6:4f:3a:af:c2:d1:
                    50:17:a1:a5:6a:ac:f4:cf:33:28:50:2b:a4:ad:98:
                    85:97:60:de:e1:8c:3d:af:24:b7:09:b4:d0:e8:6e:
                    91:99:ba:ad:39:c7:90:4f:f3:db:86:ca:91:4d:2f:
                    fc:c2:50:3d:9a:45:2f:2d:3c:6b:04:82:b7:e3:64:
                    57:b2:9b:15:a2:d7:c8:b4:3f:2c:ae:02:84:fb:56:
                    ed:8f:9a:d9:b1:89:06:73:ba:e8:ea:ec:87:f4:fa:
                    39:2e:5c:21:0f:6d:43:1a:c0:32:5a:15:2d:57:2c:
                    43:78:da:d2:d3:92:05:87:88:50:9d:4f:dd:a0:27:
                    dd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:4B:42:0D:92:7E:D7:32:1F:8D:3B:90:10:F6:C3:06:1D:D7:1E:A4
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:27:b9:66:c5:2e:7d:c6:c8:5d:d1:f5:57:2f:21:d3:7f:31:
         7f:02:d0:76:fd:3e:22:27:c7:54:fa:95:60:db:5f:d7:95:8d:
         a3:d6:57:9a:62:e3:2f:2d:03:74:f6:52:46:47:ae:90:73:4e:
         69:ec:80:b0:18:22:6a:17:0a:e6:8a:32:15:36:cc:7c:83:9e:
         93:53:8c:e1:e9:ae:b3:fd:dc:98:9e:7e:09:34:f1:3e:28:92:
         6a:08:95:60:2a:6d:3e:fd:fe:c8:34:1e:5a:e3:da:72:10:0b:
         b4:17:29:81:60:c5:d3:2c:50:a1:61:51:fe:aa:fa:f1:05:4c:
         17:54:cc:28:9e:88:dc:95:5d:c4:bf:57:6c:ad:c5:cf:9e:7c:
         8a:c4:cc:ea:44:e1:45:5a:15:a1:27:20:66:cd:00:de:f1:f4:
         6c:12:2a:fb:79:c1:37:45:4b:44:58:40:1d:33:42:12:53:9a:
         0e:e6:e7:86:4d:d7:66:95:58:5c:88:14:7a:2d:51:ed:6e:09:
         1d:c9:79:5a:27:e0:9f:3b:e3:da:c7:a1:6e:8c:02:7e:5a:64:
         b7:c8:ec:ef:47:13:fa:60:79:b8:87:03:e0:26:df:b3:2e:66:
         87:aa:03:a5:b4:33:ab:91:90:c9:aa:8c:ca:d4:7c:b5:90:3e:
         fa:24:7c:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7GGwROKvD+AcHWe+KV93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjYwNjEzMDMwMDIyWhcNMjYwNjE0MDMwMDIyWjAzMTEwLwYDVQQD
Eyg1MzRiNDIwZDkyN2VkNzMyMWY4ZDNiOTAxMGY2YzMwNjFkZDcxZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEF6iyafpPHMIgF8hYoIw3eTxwm4
dfV/AHn/mCmTyv0PmIdKBdWFfTFIBdbHjIv8emm24JSSYf1TeNwuzigC7t0CqSz7
4YAoqM4JtruZJLb+ebCcAUzBWMPDEfI3suJEGvuJZveWhy/YiCpzqG8ZCeDFZOJu
a/zKVFis40lEu632TzqvwtFQF6Glaqz0zzMoUCukrZiFl2De4Yw9ryS3CbTQ6G6R
mbqtOceQT/PbhsqRTS/8wlA9mkUvLTxrBIK342RXspsVotfItD8srgKE+1btj5rZ
sYkGc7ro6uyH9Po5LlwhD21DGsAyWhUtVyxDeNrS05IFh4hQnU/doCfdzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNLQg2SftcyH407kBD2wwYd1x6kMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHie5ZsUu
fcbIXdH1Vy8h038xfwLQdv0+IifHVPqVYNtf15WNo9ZXmmLjLy0DdPZSRkeukHNO
aeyAsBgiahcK5ooyFTbMfIOek1OM4emus/3cmJ5+CTTxPiiSagiVYCptPv3+yDQe
WuPachALtBcpgWDF0yxQoWFR/qr68QVMF1TMKJ6I3JVdxL9XbK3Fz558isTM6kTh
RVoVoScgZs0A3vH0bBIq+3nBN0VLRFhAHTNCElOaDubnhk3XZpVYXIgUei1R7W4J
Hcl5Wifgnzvj2sehbowCflpkt8js70cT+mB5uIcD4Cbfsy5mh6oDpbQzq5GQyaqM
ytR8tZA++iR8gA==
-----END CERTIFICATE-----