Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          yzmDJDn/qKSyPyMfwVKG5830WRLKreOotxIDyDdaVaQ=
Subject key identifier:   0E:ED:08:C3:BB:6A:39:88:B6:5D:33:96:03:10:BE:DF:57:E2:81:8F
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019D98F4D1995E990DE4F1EE7DE8C7EADCB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1330
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: tnke+cEUG6++6vNZqaMkPQvDtoox3MXr8KLjSeeunSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d1:99:5e:99:0d:e4:f1:ee:7d:e8:c7:ea:dc:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=0eed08c3bb6a3988b65d33960310bedf57e2818f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7e:fb:2a:05:9a:04:e0:1b:77:78:39:b7:c9:
                    52:d7:ae:fc:58:a5:25:3c:e0:5a:ac:82:ed:c9:4d:
                    10:57:6c:05:6d:aa:56:59:60:ac:f9:ff:c7:e9:26:
                    74:ed:d1:0e:89:ea:e4:fa:a5:47:a8:de:bc:d7:2d:
                    3f:48:30:73:cf:93:6c:c6:52:1d:5c:79:9d:e4:f1:
                    f7:b3:f0:67:f8:7d:24:f8:46:15:8d:4e:e5:7c:f0:
                    e8:e9:84:6d:34:eb:de:85:3f:12:78:56:08:5d:dd:
                    ce:e0:bb:4c:c7:ab:4e:50:e3:b7:1e:99:f2:e4:2b:
                    32:c6:4d:e5:eb:57:91:21:5e:39:68:87:31:4b:d2:
                    2e:3b:ab:e8:f4:07:94:de:9c:71:06:2a:21:49:07:
                    2f:a5:b0:ef:31:af:6b:04:67:31:35:74:d5:fb:7f:
                    4c:a5:40:07:25:74:52:0b:4f:ed:5b:70:7b:2a:0e:
                    36:63:df:2f:b1:0c:dc:e9:25:6b:6f:93:31:31:74:
                    fd:e8:6c:f5:2a:9d:61:74:33:1a:4c:52:17:31:62:
                    18:ef:a0:5f:c0:1b:6c:14:41:9e:33:64:59:74:d7:
                    29:c4:98:bf:64:69:33:08:3b:21:c0:52:a4:67:44:
                    75:90:93:3e:a9:f2:e4:ac:b1:ec:fd:01:b9:7e:1e:
                    7d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:ED:08:C3:BB:6A:39:88:B6:5D:33:96:03:10:BE:DF:57:E2:81:8F
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:c1:d4:91:e6:5b:c7:83:69:f3:00:2a:d5:6b:7d:68:c4:2b:
         a6:77:64:cf:90:70:f7:71:11:f0:78:aa:b9:30:8c:a2:ed:62:
         ca:c2:79:bd:60:96:6c:51:be:d0:a3:01:54:ea:b7:f5:dd:05:
         44:1e:49:bf:e3:33:9f:30:12:9e:a1:c7:80:15:28:c0:eb:8d:
         7a:2f:d7:9c:3c:90:08:8f:a4:79:7c:58:c1:d8:7b:f0:34:2d:
         a0:48:df:1f:5a:c3:0b:82:d3:9b:92:ec:af:0b:7a:4c:b8:88:
         a0:be:a9:88:d6:ea:1f:14:9d:61:61:90:ed:28:90:d9:6a:2a:
         41:3d:02:30:57:5f:f9:6e:02:79:43:69:4b:6f:18:ee:56:ce:
         21:78:d7:b6:19:49:22:a6:7d:87:6b:79:29:9d:59:61:e3:c2:
         d0:46:89:40:b9:cf:6e:2a:f7:c1:40:72:05:8b:da:de:3d:be:
         c8:b8:78:6d:4a:f8:f5:8d:18:01:07:9d:fb:0e:29:d4:9a:9c:
         68:48:36:f0:bb:24:8e:b9:35:db:76:9a:87:0f:9f:a2:72:be:
         6d:07:c0:cd:f9:c0:5b:6c:2c:57:80:e8:47:00:fa:f2:be:54:
         40:d8:67:32:52:3c:51:9a:08:37:6d:32:fa:19:82:b3:aa:93:
         a7:06:cd:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NGZXpkN5PHufejH6ty5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
EygwZWVkMDhjM2JiNmEzOTg4YjY1ZDMzOTYwMzEwYmVkZjU3ZTI4MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH77KgWaBOAbd3g5t8lS1678WKUl
POBarILtyU0QV2wFbapWWWCs+f/H6SZ07dEOierk+qVHqN681y0/SDBzz5NsxlId
XHmd5PH3s/Bn+H0k+EYVjU7lfPDo6YRtNOvehT8SeFYIXd3O4LtMx6tOUOO3Hpny
5Csyxk3l61eRIV45aIcxS9IuO6vo9AeU3pxxBiohSQcvpbDvMa9rBGcxNXTV+39M
pUAHJXRSC0/tW3B7Kg42Y98vsQzc6SVrb5MxMXT96Gz1Kp1hdDMaTFIXMWIY76Bf
wBtsFEGeM2RZdNcpxJi/ZGkzCDshwFKkZ0R1kJM+qfLkrLHs/QG5fh59wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7tCMO7ajmItl0zlgMQvt9X4oGPMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfMHUkeZb
x4Np8wAq1Wt9aMQrpndkz5Bw93ER8HiquTCMou1iysJ5vWCWbFG+0KMBVOq39d0F
RB5Jv+MznzASnqHHgBUowOuNei/XnDyQCI+keXxYwdh78DQtoEjfH1rDC4LTm5Ls
rwt6TLiIoL6piNbqHxSdYWGQ7SiQ2WoqQT0CMFdf+W4CeUNpS28Y7lbOIXjXthlJ
IqZ9h2t5KZ1ZYePC0EaJQLnPbir3wUByBYva3j2+yLh4bUr49Y0YAQed+w4p1Jqc
aEg28Lskjrk123aahw+fonK+bQfAzfnAW2wsV4DoRwD68r5UQNhnMlI8UZoIN20y
+hmCs6qTpwbNoA==
-----END CERTIFICATE-----