Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          +sWKbH337Ts83yGKl3FpH/A0Otp6/kAWsjAy25VRxm4=
Subject key identifier:   F6:FF:6E:3B:E1:4E:E1:E5:21:20:40:D4:D3:51:9C:FA:87:6B:BC:89
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019CAA58496E693CB059CBAD5DD6C19BA1BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          1147
Signing time:             Sun 01 Mar 2026 17:00:38 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:38 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:38 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: eAFnL8SyHertIsTIGq/7+hCrWWEAug5cjZrDQZzRtww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:49:6e:69:3c:b0:59:cb:ad:5d:d6:c1:9b:a1:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Mar  1 17:00:38 2026 GMT
            Not After : Mar  2 17:00:38 2026 GMT
        Subject: CN=f6ff6e3be14ee1e5212040d4d3519cfa876bbc89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:51:33:7c:51:7e:b1:a1:ef:98:d5:d9:fe:6a:
                    a5:41:2a:50:f5:76:82:bf:a0:d0:63:8a:fe:db:09:
                    24:01:49:c2:a5:50:cf:f4:6c:7e:47:bb:d3:10:d9:
                    f5:a7:a3:b6:ab:f7:75:e2:26:5e:dd:7a:d5:4b:2a:
                    0c:c6:01:f3:65:19:fc:89:44:cc:79:91:86:e7:26:
                    91:03:2b:d3:fa:8f:3d:b4:db:56:2d:95:a4:51:f1:
                    cb:7c:bd:d9:63:c5:5b:a8:06:35:c7:76:74:4f:5e:
                    13:3e:6a:1b:99:f3:ae:7c:10:3f:0f:b8:3f:db:b1:
                    95:96:da:81:2d:4a:c2:cb:a9:76:48:1c:c3:4a:ca:
                    70:6b:18:91:e8:e0:2d:63:38:54:6a:a3:0d:c4:1c:
                    93:f8:a1:bd:32:d2:03:8f:19:40:cf:c0:b4:bc:d7:
                    8a:e1:9b:04:5d:91:0d:8d:af:b2:c7:ec:63:b1:74:
                    f0:d9:b9:bc:7d:97:64:3a:6f:d2:4c:54:7c:0c:aa:
                    7c:2d:64:4d:d1:86:db:f2:df:4d:ef:3f:02:f1:4a:
                    ac:d0:5e:3a:15:1e:fa:31:a8:8d:05:94:0a:be:5e:
                    c2:43:e7:9d:2f:66:33:62:68:78:d9:68:01:10:68:
                    34:7d:22:0a:cd:51:c9:74:3c:9c:f4:c9:de:6f:71:
                    36:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:FF:6E:3B:E1:4E:E1:E5:21:20:40:D4:D3:51:9C:FA:87:6B:BC:89
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:b6:94:74:47:b8:81:ab:a5:bc:e1:45:51:32:20:cc:2b:cc:
         dc:82:16:7a:fc:3e:bc:42:85:3e:3d:6d:59:8d:a1:56:9d:d8:
         ba:21:0d:a8:9f:88:78:34:20:1c:67:0d:0a:28:b2:24:1e:4b:
         6b:51:a3:5a:1a:4f:89:8d:98:23:9b:27:f3:f9:04:62:2a:c1:
         1a:df:c9:91:32:50:d4:2e:32:74:cc:57:3c:cb:ff:97:45:3e:
         42:95:31:dd:a6:89:75:96:d3:63:63:e5:2d:ba:53:ce:0d:21:
         9e:79:72:04:fe:11:03:65:4b:c9:cf:2c:7c:6c:06:b3:80:2e:
         7a:83:45:5f:bb:80:4c:bd:ae:dd:28:de:93:13:07:11:59:fc:
         6a:35:d1:89:34:0b:c3:e3:db:bb:0a:4b:8b:ea:c5:e0:ab:58:
         e1:ac:c4:16:96:24:95:d0:89:27:34:46:5a:cb:52:d4:5c:22:
         5e:80:93:99:9e:43:c4:cb:d1:f5:db:ce:98:53:cb:ee:2e:bc:
         08:c7:fa:67:f0:6f:ae:8d:dd:1d:c9:e6:96:70:5f:c0:3e:19:
         c7:59:29:4f:c5:c2:14:31:b1:96:07:12:0b:c1:0f:c6:4b:b4:
         aa:c4:9f:30:24:de:a6:b3:37:48:eb:57:f8:05:28:65:5c:28:
         5d:36:11:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWEluaTywWcutXdbBm6G9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjYwMzAxMTcwMDM4WhcNMjYwMzAyMTcwMDM4WjAzMTEwLwYDVQQD
EyhmNmZmNmUzYmUxNGVlMWU1MjEyMDQwZDRkMzUxOWNmYTg3NmJiYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlEzfFF+saHvmNXZ/mqlQSpQ9XaC
v6DQY4r+2wkkAUnCpVDP9Gx+R7vTENn1p6O2q/d14iZe3XrVSyoMxgHzZRn8iUTM
eZGG5yaRAyvT+o89tNtWLZWkUfHLfL3ZY8VbqAY1x3Z0T14TPmobmfOufBA/D7g/
27GVltqBLUrCy6l2SBzDSspwaxiR6OAtYzhUaqMNxByT+KG9MtIDjxlAz8C0vNeK
4ZsEXZENja+yx+xjsXTw2bm8fZdkOm/STFR8DKp8LWRN0Ybb8t9N7z8C8Uqs0F46
FR76MaiNBZQKvl7CQ+edL2YzYmh42WgBEGg0fSIKzVHJdDyc9Mneb3E2mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPb/bjvhTuHlISBA1NNRnPqHa7yJMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7aUdEe4
gaulvOFFUTIgzCvM3IIWevw+vEKFPj1tWY2hVp3YuiENqJ+IeDQgHGcNCiiyJB5L
a1GjWhpPiY2YI5sn8/kEYirBGt/JkTJQ1C4ydMxXPMv/l0U+QpUx3aaJdZbTY2Pl
LbpTzg0hnnlyBP4RA2VLyc8sfGwGs4AueoNFX7uATL2u3SjekxMHEVn8ajXRiTQL
w+PbuwpLi+rF4KtY4azEFpYkldCJJzRGWstS1FwiXoCTmZ5DxMvR9dvOmFPL7i68
CMf6Z/Bvro3dHcnmlnBfwD4Zx1kpT8XCFDGxlgcSC8EPxku0qsSfMCTeprM3SOtX
+AUoZVwoXTYRRA==
-----END CERTIFICATE-----