Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          2lPfVXUC11DsQATmHSzLccuNO4bfkjfXKoeHkQ4nlT8=
Subject key identifier:   F8:C5:37:DF:89:40:D6:80:34:9F:8D:63:66:CF:DA:B3:DD:A5:01:85
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019CAB6BD46E99CD9453901BFABD6DE34DC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          12B5
Signing time:             Sun 01 Mar 2026 22:01:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:36 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: PIsvoXMsl8MM29INZ3nNZgIFSPWl//rZsKBqHp6Virk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:d4:6e:99:cd:94:53:90:1b:fa:bd:6d:e3:4d:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Mar  1 22:01:36 2026 GMT
            Not After : Mar  2 22:01:36 2026 GMT
        Subject: CN=f8c537df8940d680349f8d6366cfdab3dda50185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:93:80:52:10:d7:9d:88:45:03:9d:f7:ba:ea:
                    1c:a6:67:d1:b5:57:41:1c:21:1d:1f:97:5f:42:0e:
                    c8:54:fc:40:0c:ce:0a:be:66:22:0e:0a:e2:a7:22:
                    f9:88:23:34:50:6c:1f:e8:a0:f3:af:26:b6:77:aa:
                    85:c6:11:9e:cd:0d:f7:9a:fd:a9:17:66:83:19:69:
                    06:24:ef:e5:3f:a4:70:23:cb:c4:4e:46:16:f9:bc:
                    b0:18:28:16:06:ff:bf:dc:11:6b:9d:7b:c6:fb:e3:
                    fd:a3:1a:5c:89:15:3a:fd:41:2a:1a:69:c5:fb:6f:
                    d0:f8:18:07:82:c6:8e:56:19:40:05:07:96:72:33:
                    37:68:f0:70:8a:d9:c4:3b:b9:2b:9b:d5:c6:59:21:
                    7d:92:95:39:58:b0:86:d6:65:20:b2:6f:bb:a1:b0:
                    02:0e:56:04:48:0f:df:a2:f9:e6:50:e8:57:a0:44:
                    49:2a:b4:f2:3d:58:42:16:0b:a9:3f:2d:02:65:0b:
                    36:55:86:b5:9d:b0:0c:a9:32:e6:7c:38:0c:ae:92:
                    9a:75:f3:45:e3:6e:b6:1a:42:60:55:05:24:6a:b7:
                    7b:94:b3:4a:52:27:15:fa:4f:72:4a:93:85:9e:ca:
                    97:b8:51:5e:0b:23:e1:24:3c:97:6e:51:8f:38:9d:
                    b3:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:C5:37:DF:89:40:D6:80:34:9F:8D:63:66:CF:DA:B3:DD:A5:01:85
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:8e:cf:ec:ed:ce:43:e7:99:a2:ce:e7:21:85:15:f7:49:c1:
         90:d4:6c:3f:11:c4:8c:75:3b:15:1e:08:33:ee:41:ba:1d:a2:
         e7:51:83:e8:ae:97:ae:6a:9b:73:fa:41:24:84:a5:7a:b0:fb:
         9a:c2:fc:03:9f:75:cd:9a:77:be:00:a3:1f:70:a3:63:a3:fd:
         31:a0:60:56:90:f0:7c:41:f5:15:ba:ab:79:19:2e:8d:60:6d:
         ac:eb:c7:1f:39:e5:c8:f5:8f:b5:39:3d:96:a0:eb:d2:87:54:
         bb:b1:18:30:6d:f7:f0:ac:78:a4:d6:b7:4b:f3:b3:81:7c:15:
         af:49:6c:8a:7c:8b:b6:3b:df:d7:64:84:96:15:bb:9a:fa:cb:
         e7:be:1c:9f:61:f4:7f:2d:a2:02:96:f0:c8:50:af:69:18:df:
         20:12:d9:1f:3d:04:ad:2d:2e:72:b0:57:75:6e:73:3a:e2:d3:
         c6:7a:78:7d:c0:08:fc:b4:6d:14:59:e2:12:e9:cf:bd:4f:40:
         05:89:89:43:49:e4:68:c3:19:e0:3f:27:fa:2e:25:92:56:86:
         9d:84:59:04:a1:a9:55:33:50:95:29:0a:4d:a8:01:11:27:e1:
         ee:13:5f:6d:79:75:1e:d2:48:0e:08:fa:ad:5f:b9:94:67:25:
         f1:4c:34:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9Rumc2UU5Ab+r1t403FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwMzAxMjIwMTM2WhcNMjYwMzAyMjIwMTM2WjAzMTEwLwYDVQQD
EyhmOGM1MzdkZjg5NDBkNjgwMzQ5ZjhkNjM2NmNmZGFiM2RkYTUwMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5OAUhDXnYhFA533uuocpmfRtVdB
HCEdH5dfQg7IVPxADM4KvmYiDgripyL5iCM0UGwf6KDzrya2d6qFxhGezQ33mv2p
F2aDGWkGJO/lP6RwI8vETkYW+bywGCgWBv+/3BFrnXvG++P9oxpciRU6/UEqGmnF
+2/Q+BgHgsaOVhlABQeWcjM3aPBwitnEO7krm9XGWSF9kpU5WLCG1mUgsm+7obAC
DlYESA/fovnmUOhXoERJKrTyPVhCFgupPy0CZQs2VYa1nbAMqTLmfDgMrpKadfNF
4262GkJgVQUkard7lLNKUicV+k9ySpOFnsqXuFFeCyPhJDyXblGPOJ2zNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjFN9+JQNaANJ+NY2bP2rPdpQGFMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGo7P7O3O
Q+eZos7nIYUV90nBkNRsPxHEjHU7FR4IM+5Buh2i51GD6K6Xrmqbc/pBJISlerD7
msL8A591zZp3vgCjH3CjY6P9MaBgVpDwfEH1FbqreRkujWBtrOvHHznlyPWPtTk9
lqDr0odUu7EYMG338Kx4pNa3S/OzgXwVr0lsinyLtjvf12SElhW7mvrL574cn2H0
fy2iApbwyFCvaRjfIBLZHz0ErS0ucrBXdW5zOuLTxnp4fcAI/LRtFFniEunPvU9A
BYmJQ0nkaMMZ4D8n+i4lklaGnYRZBKGpVTNQlSkKTagBESfh7hNfbXl1HtJIDgj6
rV+5lGcl8Uw0Ig==
-----END CERTIFICATE-----