Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          c78UcaJCaxRjDn9ch1w+ndsNp37RmkE2ULj47qUB57w=
Subject key identifier:   39:A3:DF:F2:EE:F5:33:7B:54:5C:79:8F:13:97:53:B6:D0:7A:85:4D
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019D386601B3DABD32740B9CE60A3FD88915
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          1030
Signing time:             Sun 29 Mar 2026 07:01:42 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:42 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:42 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: cCL4QWnBTNPSpqu9OQFCpJB0EhL9XV4II3meOjFh+lA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:01:b3:da:bd:32:74:0b:9c:e6:0a:3f:d8:89:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Mar 29 07:01:42 2026 GMT
            Not After : Mar 30 07:01:42 2026 GMT
        Subject: CN=39a3dff2eef5337b545c798f139753b6d07a854d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:69:a2:91:84:db:85:f0:71:8d:bf:e3:29:68:
                    f7:43:5e:a4:0b:73:24:46:65:c6:4a:0f:57:7c:61:
                    65:49:09:71:78:cf:25:5b:36:29:3c:90:29:5e:3f:
                    45:d0:fa:51:5e:2e:10:54:c4:cc:e2:d1:6b:56:03:
                    7b:27:98:99:95:c3:25:1d:a4:76:82:97:31:95:09:
                    71:fa:1e:d9:ff:bb:c6:2c:f8:f9:9c:56:6b:d7:1c:
                    81:b8:36:7c:b0:e7:29:c2:63:b0:00:7e:b2:8d:d7:
                    ba:c9:b5:44:a1:99:1b:2d:53:28:2b:2c:df:e9:42:
                    a6:47:af:60:4f:63:01:15:d5:c9:43:3e:5b:c6:f8:
                    8f:92:c3:55:08:d2:b2:ec:1b:70:79:30:b4:df:a1:
                    7d:1b:53:32:a9:39:26:7f:4c:66:f2:53:77:4a:6e:
                    8d:f9:72:4f:85:73:92:1c:d8:57:23:4c:ea:15:b1:
                    50:7c:49:37:0a:05:a7:21:c7:43:a2:d0:fb:c3:89:
                    8d:c3:e9:1c:28:12:44:44:c7:84:45:ff:3f:3f:10:
                    2e:a6:b1:d1:18:93:a5:6e:f3:e4:cb:42:d3:ea:28:
                    8d:aa:65:b7:2a:af:b2:6a:ae:85:e2:ab:1e:bd:96:
                    2a:2a:f5:c9:d5:32:93:fa:5a:4e:6c:94:c6:a6:fc:
                    1e:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:A3:DF:F2:EE:F5:33:7B:54:5C:79:8F:13:97:53:B6:D0:7A:85:4D
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ff:ff:95:67:2e:5c:6b:c2:e7:c1:e7:36:93:07:1e:89:b8:
         7a:cb:dd:6b:06:05:0a:f4:c5:5c:f3:0a:4d:d8:c3:6d:4c:a6:
         98:e8:9a:a6:19:ba:e3:7a:8c:08:da:d9:99:80:b1:8d:44:ad:
         61:6d:f9:88:cc:a5:f6:4e:bf:ae:e2:90:8e:14:43:f6:8d:92:
         06:38:09:d5:3e:50:a3:d9:f3:f1:49:ef:d3:9a:72:05:6b:7a:
         74:89:71:92:3f:19:cd:94:61:5b:ea:86:ab:ad:a8:76:1b:6f:
         5f:94:c1:da:c6:9e:38:9b:5b:04:bc:53:c3:e0:b4:7b:f0:a8:
         61:c3:a3:d1:71:fd:d1:e7:d2:23:d8:a6:47:45:a9:1e:e7:31:
         8d:08:ad:43:31:5f:5a:0b:c2:ce:a3:48:d4:2f:18:4e:a1:40:
         46:22:da:02:bf:76:a7:e0:05:c8:78:55:a7:2b:97:74:43:ea:
         48:d9:d3:d9:d1:ff:b4:6d:ea:31:3c:b2:86:ac:e1:79:0e:ef:
         d9:0b:85:97:61:24:d3:57:eb:4e:b4:d8:bd:b8:c1:bf:40:8b:
         0d:cd:af:66:48:d7:d7:b8:fe:48:52:02:8d:4b:f8:2e:65:92:
         ec:4e:c9:e4:d1:6a:41:8e:00:da:f9:a5:cc:0c:33:c4:8e:d8:
         26:5b:6d:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgGz2r0ydAuc5go/2IkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwMzI5MDcwMTQyWhcNMjYwMzMwMDcwMTQyWjAzMTEwLwYDVQQD
EygzOWEzZGZmMmVlZjUzMzdiNTQ1Yzc5OGYxMzk3NTNiNmQwN2E4NTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGmikYTbhfBxjb/jKWj3Q16kC3Mk
RmXGSg9XfGFlSQlxeM8lWzYpPJApXj9F0PpRXi4QVMTM4tFrVgN7J5iZlcMlHaR2
gpcxlQlx+h7Z/7vGLPj5nFZr1xyBuDZ8sOcpwmOwAH6yjde6ybVEoZkbLVMoKyzf
6UKmR69gT2MBFdXJQz5bxviPksNVCNKy7BtweTC036F9G1MyqTkmf0xm8lN3Sm6N
+XJPhXOSHNhXI0zqFbFQfEk3CgWnIcdDotD7w4mNw+kcKBJERMeERf8/PxAuprHR
GJOlbvPky0LT6iiNqmW3Kq+yaq6F4qsevZYqKvXJ1TKT+lpObJTGpvwebQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmj3/Lu9TN7VFx5jxOXU7bQeoVNMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPf//lWcu
XGvC58HnNpMHHom4esvdawYFCvTFXPMKTdjDbUymmOiaphm643qMCNrZmYCxjUSt
YW35iMyl9k6/ruKQjhRD9o2SBjgJ1T5Qo9nz8Unv05pyBWt6dIlxkj8ZzZRhW+qG
q62odhtvX5TB2saeOJtbBLxTw+C0e/CoYcOj0XH90efSI9imR0WpHucxjQitQzFf
WgvCzqNI1C8YTqFARiLaAr92p+AFyHhVpyuXdEPqSNnT2dH/tG3qMTyyhqzheQ7v
2QuFl2Ek01frTrTYvbjBv0CLDc2vZkjX17j+SFICjUv4LmWS7E7J5NFqQY4A2vml
zAwzxI7YJlttkA==
-----END CERTIFICATE-----