Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          +AW9hlInvRUb0gHzw4fMW5sxcC7b+BQRiE1HJnwmoPo=
Subject key identifier:   3C:F5:AE:7A:90:24:89:E3:6A:D9:F9:78:31:A4:02:E1:D7:12:B6:57
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       019EBD35917D8753F68948852DB61B512A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0B65
Signing time:             Fri 12 Jun 2026 19:01:04 +0000
Manifest this update:     Fri 12 Jun 2026 19:01:04 +0000
Manifest next update:     Sat 13 Jun 2026 19:01:04 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: dQCRwUr6V+F3b3GogC8n1nBlBq5GMJqT1vKWkXgH2oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 19:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bd:35:91:7d:87:53:f6:89:48:85:2d:b6:1b:51:2a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Jun 12 19:01:04 2026 GMT
            Not After : Jun 13 19:01:04 2026 GMT
        Subject: CN=3cf5ae7a902489e36ad9f97831a402e1d712b657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e0:23:d1:6d:ef:cf:9a:17:ff:35:1d:4c:41:
                    fb:be:24:2d:8b:ce:20:3e:e8:57:51:07:20:d8:71:
                    b2:f9:e9:c8:55:f9:71:ab:5f:d6:5d:8d:bc:98:c6:
                    35:34:3f:7c:fe:a1:28:90:81:1c:f1:a1:74:49:62:
                    0a:79:82:92:1d:b0:89:fe:60:35:b8:df:84:7e:69:
                    d0:99:4c:69:f9:5d:d4:db:ed:d5:22:5b:36:64:ca:
                    d9:6a:0f:72:ce:cd:ca:d3:02:c4:28:97:55:c4:8c:
                    45:d0:45:2e:9e:45:d0:89:d0:ff:4e:67:27:b9:3e:
                    c2:05:be:97:1c:10:cb:04:59:4b:64:d7:7f:fa:e6:
                    30:c1:17:5d:a8:59:57:66:07:b9:eb:fe:5c:37:2c:
                    47:ca:c9:2a:f9:40:2b:3d:a8:d6:73:9c:43:c3:5f:
                    8f:c2:a7:ca:31:f5:7f:44:0d:77:21:fb:bb:ef:08:
                    58:89:ea:76:96:05:17:e3:8e:ce:f6:58:13:54:41:
                    4e:c5:ec:c2:39:dc:e4:66:d6:b0:55:b8:b3:0d:cc:
                    85:a2:26:0a:86:8b:58:42:1e:c6:47:e4:d2:59:28:
                    bb:aa:00:57:71:b9:1c:69:56:1e:75:6c:7e:f8:5d:
                    fe:e0:64:8d:e8:3e:02:8b:a4:7f:d0:e8:fa:af:95:
                    b9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:F5:AE:7A:90:24:89:E3:6A:D9:F9:78:31:A4:02:E1:D7:12:B6:57
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:96:04:58:91:05:a6:18:2f:bf:b0:f4:19:10:71:a4:4f:e5:
         d7:64:65:05:41:4f:da:f9:88:dd:a5:a8:19:3a:12:5a:0b:bc:
         56:cb:3b:c9:e8:9b:ee:01:2a:f4:68:d1:a2:b9:e6:35:e7:84:
         f8:d1:8c:08:b7:28:2b:96:9c:9e:aa:05:e2:07:03:b3:aa:0c:
         06:84:8a:7d:3d:fe:4e:0e:2d:c4:cb:e0:a4:86:33:fa:be:85:
         7c:4c:e3:23:53:cc:97:c8:2e:0f:f7:2c:67:e6:66:f8:58:99:
         03:1c:42:d0:12:94:b0:ae:10:67:08:8d:d5:f1:0b:c2:dc:7d:
         97:9a:03:4a:db:60:df:da:e1:6f:81:dc:28:8f:71:a4:41:59:
         3a:f0:5b:29:57:34:0b:49:af:86:ff:6d:0a:d8:85:91:36:c5:
         4c:14:2d:8b:8f:b5:dc:1b:85:b6:2e:76:e1:23:d9:23:ae:74:
         04:24:20:6a:c4:96:af:3c:b0:5a:c3:0a:11:51:b1:6f:90:a1:
         7e:ca:ae:b4:e0:78:20:b8:2e:82:2d:9a:31:a8:e1:ba:7e:8b:
         fa:04:ec:9c:a7:c2:eb:a8:99:0e:17:f4:5d:b8:b9:9b:1e:19:
         ac:c7:89:e5:6c:c2:9e:c7:21:87:50:71:e9:d6:7a:44:d9:8e:
         19:d6:a7:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ69NZF9h1P2iUiFLbYbUSpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjYwNjEyMTkwMTA0WhcNMjYwNjEzMTkwMTA0WjAzMTEwLwYDVQQD
EygzY2Y1YWU3YTkwMjQ4OWUzNmFkOWY5NzgzMWE0MDJlMWQ3MTJiNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uAj0W3vz5oX/zUdTEH7viQti84g
PuhXUQcg2HGy+enIVflxq1/WXY28mMY1ND98/qEokIEc8aF0SWIKeYKSHbCJ/mA1
uN+EfmnQmUxp+V3U2+3VIls2ZMrZag9yzs3K0wLEKJdVxIxF0EUunkXQidD/Tmcn
uT7CBb6XHBDLBFlLZNd/+uYwwRddqFlXZge56/5cNyxHyskq+UArPajWc5xDw1+P
wqfKMfV/RA13Ifu77whYiep2lgUX447O9lgTVEFOxezCOdzkZtawVbizDcyFoiYK
hotYQh7GR+TSWSi7qgBXcbkcaVYedWx++F3+4GSN6D4Ci6R/0Oj6r5W5MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDz1rnqQJInjatn5eDGkAuHXErZXMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAipYEWJEF
phgvv7D0GRBxpE/l12RlBUFP2vmI3aWoGToSWgu8Vss7yeib7gEq9GjRornmNeeE
+NGMCLcoK5acnqoF4gcDs6oMBoSKfT3+Tg4txMvgpIYz+r6FfEzjI1PMl8guD/cs
Z+Zm+FiZAxxC0BKUsK4QZwiN1fELwtx9l5oDSttg39rhb4HcKI9xpEFZOvBbKVc0
C0mvhv9tCtiFkTbFTBQti4+13BuFti524SPZI650BCQgasSWrzywWsMKEVGxb5Ch
fsqutOB4ILgugi2aMajhun6L+gTsnKfC66iZDhf0Xbi5mx4ZrMeJ5WzCnschh1Bx
6dZ6RNmOGdanmg==
-----END CERTIFICATE-----