Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          vtioSiw2ckMCWT32mD6+iddBlw+iS5mtMLb6s+hx8g8=
Subject key identifier:   A5:3B:06:FE:FD:39:41:42:E0:CF:E6:45:24:2E:7B:16:FF:32:70:E1
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019ED3BE36549D73D1938D042A7C8E6056B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          13D3
Signing time:             Wed 17 Jun 2026 04:01:58 +0000
Manifest this update:     Wed 17 Jun 2026 04:01:58 +0000
Manifest next update:     Thu 18 Jun 2026 04:01:58 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: oW8sRFLs5zQOE1ndrq2ts98dX3aix7nMM96MfPbNZpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 17 Jun 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:d3:be:36:54:9d:73:d1:93:8d:04:2a:7c:8e:60:56:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun 17 04:01:58 2026 GMT
            Not After : Jun 18 04:01:58 2026 GMT
        Subject: CN=a53b06fefd394142e0cfe645242e7b16ff3270e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9c:ea:82:27:84:55:74:dc:78:86:2c:32:20:
                    d3:5b:7c:c3:42:ea:ac:b6:c8:ac:22:27:95:78:e9:
                    93:b2:ce:4e:45:01:a8:f4:4e:15:ad:0a:b7:0c:13:
                    d9:c5:d7:96:fc:96:b2:39:11:f6:ab:1a:d6:48:50:
                    d3:d3:4b:71:64:b9:d3:3a:ea:a5:46:1e:18:60:6f:
                    21:7b:25:c3:5c:f3:d8:13:e8:be:bf:38:9c:17:64:
                    0e:c1:e7:4e:fa:9d:9a:92:13:e9:42:0f:4f:db:7c:
                    47:53:91:b9:f8:87:a7:d8:b9:6d:9c:cc:a4:35:9b:
                    d3:b4:49:e9:c8:58:24:8b:de:09:52:90:3e:ba:7b:
                    77:d0:5a:c4:25:35:d5:bd:20:69:cf:98:38:2f:33:
                    6c:bd:a4:40:5a:cb:8f:7a:fe:1c:dc:e8:2a:48:f1:
                    e4:28:14:20:ae:34:6f:b2:51:d3:e5:25:13:32:fe:
                    0b:0a:4e:18:32:af:b1:24:e5:44:4e:17:2c:3b:db:
                    ee:a1:51:fa:0b:96:22:c9:63:51:ad:6b:5a:8b:64:
                    24:80:ae:ec:30:68:ae:d7:30:a6:fe:9c:f5:63:5a:
                    90:ff:c5:c2:6e:99:fe:4d:02:14:bb:cf:d9:22:1d:
                    79:76:69:7f:06:1b:d1:2d:b6:b1:fe:d8:24:7e:9c:
                    5a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:3B:06:FE:FD:39:41:42:E0:CF:E6:45:24:2E:7B:16:FF:32:70:E1
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:4a:f7:6c:bd:76:26:12:a0:4a:a5:74:11:b6:63:b6:b8:42:
         cc:8a:31:c6:1c:4f:20:fc:dc:74:37:df:a9:82:10:78:90:5c:
         5d:de:46:48:b2:ac:47:34:b5:db:cd:e7:fd:2e:07:0a:95:02:
         20:d4:ed:64:8a:1b:93:2e:f4:46:34:74:1d:af:79:40:fb:79:
         0e:31:01:2a:12:a7:64:c5:48:42:a3:d2:79:80:0c:cb:c0:c5:
         dc:ef:07:0c:db:e4:25:86:84:87:c4:02:d4:da:cc:f7:95:5c:
         68:9d:33:74:4e:aa:fd:02:c2:3e:18:e9:13:3c:35:f6:c2:68:
         bb:08:ad:65:a3:ba:67:83:76:8d:14:8b:f7:51:cc:42:51:22:
         eb:b8:b7:ec:b0:b8:80:4b:ed:ee:a7:60:4d:44:aa:34:7d:68:
         ac:c0:dc:c4:63:d3:0b:55:86:f2:98:5a:e3:83:0b:4b:e8:16:
         a8:41:fa:f5:2c:1f:f4:a9:30:4e:aa:5e:0d:21:4e:e6:e1:5b:
         bd:81:9c:4c:a9:16:af:d3:d3:b6:b0:b8:23:f0:32:02:39:fd:
         63:6e:8f:4f:d6:37:d7:4c:6b:64:8d:80:af:2d:3d:dd:5a:55:
         d5:70:b8:b9:51:ff:04:26:c0:0f:a3:d2:9a:5c:80:54:af:2a:
         b4:fa:20:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7TvjZUnXPRk40EKnyOYFa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNjE3MDQwMTU4WhcNMjYwNjE4MDQwMTU4WjAzMTEwLwYDVQQD
EyhhNTNiMDZmZWZkMzk0MTQyZTBjZmU2NDUyNDJlN2IxNmZmMzI3MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJzqgieEVXTceIYsMiDTW3zDQuqs
tsisIieVeOmTss5ORQGo9E4VrQq3DBPZxdeW/JayORH2qxrWSFDT00txZLnTOuql
Rh4YYG8heyXDXPPYE+i+vzicF2QOwedO+p2akhPpQg9P23xHU5G5+Ien2LltnMyk
NZvTtEnpyFgki94JUpA+unt30FrEJTXVvSBpz5g4LzNsvaRAWsuPev4c3OgqSPHk
KBQgrjRvslHT5SUTMv4LCk4YMq+xJOVEThcsO9vuoVH6C5YiyWNRrWtai2QkgK7s
MGiu1zCm/pz1Y1qQ/8XCbpn+TQIUu8/ZIh15dml/BhvRLbax/tgkfpxa1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU7Bv79OUFC4M/mRSQuexb/MnDhMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPkr3bL12
JhKgSqV0EbZjtrhCzIoxxhxPIPzcdDffqYIQeJBcXd5GSLKsRzS1283n/S4HCpUC
INTtZIobky70RjR0Ha95QPt5DjEBKhKnZMVIQqPSeYAMy8DF3O8HDNvkJYaEh8QC
1NrM95VcaJ0zdE6q/QLCPhjpEzw19sJouwitZaO6Z4N2jRSL91HMQlEi67i37LC4
gEvt7qdgTUSqNH1orMDcxGPTC1WG8pha44MLS+gWqEH69Swf9KkwTqpeDSFO5uFb
vYGcTKkWr9PTtrC4I/AyAjn9Y26PT9Y310xrZI2Ary093VpV1XC4uVH/BCbAD6PS
mlyAVK8qtPogSw==
-----END CERTIFICATE-----