Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          DZvVeYMau0Fe0px2Lrw0iFHsoAokw8yCyYy3IUOjSM0=
Subject key identifier:   D7:00:14:61:D6:6A:B3:11:D1:D4:8D:0A:B2:93:F9:79:02:85:52:10
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       019CABD91E4A3B60BFC90F501DC208E5413C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0FA9
Signing time:             Mon 02 Mar 2026 00:00:58 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:58 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:58 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: 5o3bEQzYq0Cm4Z4ENrGFJxWgw+d/Em6HA62SbLwmu1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:1e:4a:3b:60:bf:c9:0f:50:1d:c2:08:e5:41:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Mar  2 00:00:58 2026 GMT
            Not After : Mar  3 00:00:58 2026 GMT
        Subject: CN=d7001461d66ab311d1d48d0ab293f97902855210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:fe:47:d5:ba:2b:c4:8e:05:d3:7e:b7:e9:33:
                    f3:66:3a:9f:fa:df:9e:3e:c0:f1:45:67:49:da:1a:
                    8e:51:7d:53:3c:06:00:33:0e:36:ea:48:83:0a:40:
                    47:59:bb:b1:01:6f:ef:fd:03:82:ec:e7:06:1e:6a:
                    02:93:84:b9:d6:fa:7d:94:28:46:b7:65:ad:6d:57:
                    c6:0e:7e:e8:29:e8:e7:eb:e6:9f:93:cd:27:97:7c:
                    89:e5:47:b4:b9:51:55:4d:e0:89:20:c3:d1:f1:68:
                    0e:da:ee:9e:0a:d8:5c:be:87:15:b2:63:26:22:80:
                    85:3b:7e:0e:8d:94:92:d4:dd:4f:52:dc:96:a1:8d:
                    06:e4:57:ac:b3:2b:4c:c9:06:de:f8:52:6b:9f:87:
                    13:f3:87:aa:5f:56:f4:8a:9d:d8:89:93:5f:e7:2b:
                    42:59:80:d1:a6:0f:99:2a:4e:ee:13:2d:ac:8b:c3:
                    54:23:6b:ff:ec:1d:65:cb:01:e2:f4:cb:15:3d:94:
                    3c:71:ae:1f:68:c9:f4:ff:80:56:4e:ee:80:d9:f2:
                    94:da:ef:21:af:71:ea:d4:fc:39:ad:12:e9:52:ea:
                    0e:99:80:6b:21:0a:e3:e1:90:63:12:8f:31:53:cd:
                    de:74:2c:17:f2:15:35:51:d0:39:e4:30:47:54:dc:
                    da:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:00:14:61:D6:6A:B3:11:D1:D4:8D:0A:B2:93:F9:79:02:85:52:10
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:21:05:89:aa:ac:ac:e8:8b:94:b3:b0:dd:56:96:ed:09:30:
         e2:0e:52:da:7c:10:98:cb:35:28:ed:2d:1e:a5:30:62:04:50:
         f4:87:68:66:f9:ad:8a:23:58:cc:ea:58:5c:01:65:5b:95:4f:
         3f:ca:37:5c:f5:b3:67:15:ef:2b:fc:52:97:f3:ec:c4:a3:fb:
         20:2b:a7:5c:93:89:84:ce:f6:2b:aa:4e:f9:3f:65:82:9a:44:
         cf:43:7f:c7:b1:c7:12:a5:a1:02:22:bf:d5:83:04:a1:ad:63:
         24:57:89:a1:d7:a9:f9:cd:8d:6a:2c:e3:3a:cb:ec:00:3a:af:
         f4:0f:3d:46:53:34:8c:35:1d:df:bd:ad:44:72:80:d6:4d:08:
         b7:20:b9:46:18:08:cb:81:ab:85:10:3e:8a:bd:26:0a:d2:eb:
         cd:9f:64:dd:38:9b:66:4d:d3:3e:56:8c:10:78:96:86:ae:c3:
         d3:4f:59:9a:c5:09:62:f9:94:e6:0a:c0:4e:91:0b:c6:4e:d8:
         eb:28:37:cb:d2:08:c3:94:71:34:2d:74:73:01:89:1e:6f:f4:
         05:3f:a6:92:b6:33:0e:e0:94:4a:9c:50:39:9f:6b:da:d2:4c:
         e9:b8:b1:c5:cd:76:55:2f:38:eb:50:fa:32:2f:a6:46:54:6c:
         ba:6a:43:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2R5KO2C/yQ9QHcII5UE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjYwMzAyMDAwMDU4WhcNMjYwMzAzMDAwMDU4WjAzMTEwLwYDVQQD
EyhkNzAwMTQ2MWQ2NmFiMzExZDFkNDhkMGFiMjkzZjk3OTAyODU1MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/5H1borxI4F03636TPzZjqf+t+e
PsDxRWdJ2hqOUX1TPAYAMw426kiDCkBHWbuxAW/v/QOC7OcGHmoCk4S51vp9lChG
t2WtbVfGDn7oKejn6+afk80nl3yJ5Ue0uVFVTeCJIMPR8WgO2u6eCthcvocVsmMm
IoCFO34OjZSS1N1PUtyWoY0G5FessytMyQbe+FJrn4cT84eqX1b0ip3YiZNf5ytC
WYDRpg+ZKk7uEy2si8NUI2v/7B1lywHi9MsVPZQ8ca4faMn0/4BWTu6A2fKU2u8h
r3Hq1Pw5rRLpUuoOmYBrIQrj4ZBjEo8xU83edCwX8hU1UdA55DBHVNzaYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcAFGHWarMR0dSNCrKT+XkChVIQMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHCEFiaqs
rOiLlLOw3VaW7Qkw4g5S2nwQmMs1KO0tHqUwYgRQ9IdoZvmtiiNYzOpYXAFlW5VP
P8o3XPWzZxXvK/xSl/PsxKP7ICunXJOJhM72K6pO+T9lgppEz0N/x7HHEqWhAiK/
1YMEoa1jJFeJodep+c2NaizjOsvsADqv9A89RlM0jDUd372tRHKA1k0ItyC5RhgI
y4GrhRA+ir0mCtLrzZ9k3TibZk3TPlaMEHiWhq7D009ZmsUJYvmU5grATpELxk7Y
6yg3y9IIw5RxNC10cwGJHm/0BT+mkrYzDuCUSpxQOZ9r2tJM6bixxc12VS8461D6
Mi+mRlRsumpDxA==
-----END CERTIFICATE-----