Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          jXctB+XO9XOK+rFvmL4E9HdDmlcCZ96lJDuxeGs4mSg=
Subject key identifier:   44:53:5D:B4:03:57:C4:60:CE:D7:18:36:45:01:94:EC:97:64:D8:D9
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019D99D016AB43647EF9E2640AC04211D1CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          11C3
Signing time:             Fri 17 Apr 2026 05:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:44 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: 0KftwA2DcvfNoulscnJxJwBFmAGdKnL8c0Nz7QPcTcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:16:ab:43:64:7e:f9:e2:64:0a:c0:42:11:d1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Apr 17 05:00:44 2026 GMT
            Not After : Apr 18 05:00:44 2026 GMT
        Subject: CN=44535db40357c460ced71836450194ec9764d8d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a8:be:54:3f:72:70:70:eb:d5:a6:b0:94:11:
                    dc:d6:dd:60:7c:9a:d0:bc:e3:94:7f:bc:f4:19:ed:
                    50:e3:8a:35:d9:90:36:79:f8:4e:04:a2:d0:f0:31:
                    9f:9e:55:c9:e4:49:6c:c3:8d:8b:7d:09:1d:4c:d1:
                    bb:59:45:6f:c1:4b:49:f7:2a:1a:0f:11:27:f9:df:
                    c1:7f:25:67:61:ba:7a:2a:ba:b1:df:52:61:ec:3a:
                    af:ea:1b:db:1d:80:f1:af:56:3a:f9:36:1b:06:0e:
                    46:11:14:f7:0f:80:0c:ef:c9:e0:7d:3c:d8:2e:10:
                    2b:08:43:0f:0a:03:4f:6c:b8:42:45:d8:2d:06:28:
                    86:29:19:77:ab:f4:d1:7c:63:aa:5a:42:bf:b1:08:
                    ff:ea:0d:ee:30:20:48:56:1e:0a:36:36:6c:27:b0:
                    c6:81:b3:de:b2:71:90:b7:bb:44:d4:b1:9c:70:a1:
                    d5:d6:d1:bc:bb:56:9d:87:13:44:66:c4:07:cc:81:
                    e8:19:fe:0d:4a:2d:b4:0b:78:e3:9f:54:36:9e:d1:
                    1d:79:f0:07:1f:d8:86:1a:87:6b:50:69:c3:cf:bb:
                    60:b7:4f:9b:c4:a6:9a:e3:ad:0a:d0:7d:90:f0:a5:
                    b8:ea:69:0d:e2:e0:8c:12:49:d6:62:96:d0:c3:d8:
                    33:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:53:5D:B4:03:57:C4:60:CE:D7:18:36:45:01:94:EC:97:64:D8:D9
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:ed:ef:1d:21:2c:f1:3a:a0:03:c6:26:6d:3f:7e:9e:5c:85:
         13:67:34:b8:0e:3c:99:12:0b:27:81:a0:7f:b7:4f:0b:cc:26:
         36:f7:ec:4d:3a:f8:93:6f:eb:7d:93:f4:13:03:e1:e8:62:6a:
         d2:34:81:47:a0:b2:73:81:db:53:28:f6:e7:55:d3:76:13:17:
         27:e2:5a:49:95:dc:bd:10:6e:36:78:0d:ad:22:f1:6d:65:51:
         71:a2:78:5d:08:73:ee:bf:c4:f3:cc:09:f7:3b:e7:34:73:91:
         3a:19:33:ba:13:7e:45:fe:7d:ab:b1:3d:00:d7:77:27:e2:1b:
         62:5b:2c:ef:b5:7c:bb:69:1b:9e:07:1d:13:09:f4:7b:56:fd:
         d1:42:75:79:d8:77:b4:d6:d6:98:59:9e:ea:ae:6e:b7:d7:17:
         53:36:6a:33:a8:bb:4e:c0:c3:ba:fd:ff:ab:02:3f:d4:f3:26:
         0a:c6:79:97:c4:24:b1:68:df:89:c2:23:49:74:1e:1d:68:06:
         04:43:6f:5c:69:9b:0f:d9:ce:6a:c3:00:ff:ca:30:42:5e:0e:
         f2:52:5c:39:c2:1b:36:32:55:2a:1f:01:bf:12:86:a8:16:01:
         f7:9f:5d:22:d2:b6:21:f3:26:f0:c7:8a:b1:04:d1:b7:74:12:
         77:93:68:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0BarQ2R++eJkCsBCEdHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjYwNDE3MDUwMDQ0WhcNMjYwNDE4MDUwMDQ0WjAzMTEwLwYDVQQD
Eyg0NDUzNWRiNDAzNTdjNDYwY2VkNzE4MzY0NTAxOTRlYzk3NjRkOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqi+VD9ycHDr1aawlBHc1t1gfJrQ
vOOUf7z0Ge1Q44o12ZA2efhOBKLQ8DGfnlXJ5Elsw42LfQkdTNG7WUVvwUtJ9yoa
DxEn+d/BfyVnYbp6Krqx31Jh7Dqv6hvbHYDxr1Y6+TYbBg5GERT3D4AM78ngfTzY
LhArCEMPCgNPbLhCRdgtBiiGKRl3q/TRfGOqWkK/sQj/6g3uMCBIVh4KNjZsJ7DG
gbPesnGQt7tE1LGccKHV1tG8u1adhxNEZsQHzIHoGf4NSi20C3jjn1Q2ntEdefAH
H9iGGodrUGnDz7tgt0+bxKaa460K0H2Q8KW46mkN4uCMEknWYpbQw9gzgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERTXbQDV8RgztcYNkUBlOyXZNjZMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuu3vHSEs
8TqgA8YmbT9+nlyFE2c0uA48mRILJ4Ggf7dPC8wmNvfsTTr4k2/rfZP0EwPh6GJq
0jSBR6Cyc4HbUyj251XTdhMXJ+JaSZXcvRBuNngNrSLxbWVRcaJ4XQhz7r/E88wJ
9zvnNHOROhkzuhN+Rf59q7E9ANd3J+IbYlss77V8u2kbngcdEwn0e1b90UJ1edh3
tNbWmFme6q5ut9cXUzZqM6i7TsDDuv3/qwI/1PMmCsZ5l8QksWjficIjSXQeHWgG
BENvXGmbD9nOasMA/8owQl4O8lJcOcIbNjJVKh8BvxKGqBYB959dItK2IfMm8MeK
sQTRt3QSd5NoGg==
-----END CERTIFICATE-----