Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
File:                     3tRskpaCjJwCVTCqaEFgmt8FaaA.mft (raw, json)
Hash identifier:          XC2ZD/5bRBPGh5i0njeRzlgEuGU5qMvN+7vIKGDH0Y8=
Subject key identifier:   9E:7A:FD:1C:F6:E8:3C:0F:C6:42:EE:2C:1C:15:05:B5:78:39:13:44
Authority key identifier: DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0
Certificate issuer:       /CN=ded46c9296828c9c025530aa6841609adf0569a0
Certificate serial:       019D378981DDC665EE071CEA457D642B16C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
Manifest number:          05A6
Signing time:             Sun 29 Mar 2026 03:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:51 +0000
Files and hashes:         1: 3tRskpaCjJwCVTCqaEFgmt8FaaA.crl (hash: kalQcFJJx/M2JK/qtcNRnKYdKuLIGH3LoOD2P+7KTSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:81:dd:c6:65:ee:07:1c:ea:45:7d:64:2b:16:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded46c9296828c9c025530aa6841609adf0569a0
        Validity
            Not Before: Mar 29 03:00:51 2026 GMT
            Not After : Mar 30 03:00:51 2026 GMT
        Subject: CN=9e7afd1cf6e83c0fc642ee2c1c1505b578391344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b8:51:df:a1:ef:3d:2a:ce:dd:48:ba:3e:91:
                    66:54:4f:19:80:0a:d3:a6:e3:65:e0:71:c0:ad:39:
                    6d:9c:89:8f:16:d0:d8:5c:b9:20:f9:69:89:b3:8a:
                    03:96:aa:e1:53:a7:9e:bb:00:fc:80:ed:c6:68:a1:
                    be:16:8b:d9:2d:0f:f1:98:0e:33:36:bc:c8:40:37:
                    a3:5a:20:c3:e7:be:0e:f7:43:d6:59:e3:87:01:46:
                    73:2c:06:43:58:bd:79:73:ff:53:05:63:47:2f:3b:
                    f5:4b:d8:35:65:e3:f9:36:22:df:da:82:d8:94:82:
                    9d:a8:1a:97:8c:dd:59:6f:3d:b6:81:bc:0f:00:b6:
                    91:61:88:af:3f:50:d2:0e:e1:9b:0d:23:7d:40:13:
                    61:bc:ba:0d:13:4b:ba:29:2a:cc:9f:df:2c:51:e1:
                    29:96:e1:05:c3:06:7f:55:ad:9c:de:23:93:5c:0c:
                    7a:f1:fd:33:8d:aa:17:ad:20:46:1e:ba:a1:d7:dd:
                    71:19:15:4a:3d:52:3b:98:2d:f5:3b:ba:c9:58:a1:
                    a2:c9:86:2c:6b:da:b9:7b:23:5e:ea:f5:6a:a3:d7:
                    46:27:66:e2:66:21:75:15:0f:c9:fe:d4:08:7d:a2:
                    75:7f:79:7f:2e:52:c3:4c:26:7b:5b:cf:f4:03:82:
                    dc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:7A:FD:1C:F6:E8:3C:0F:C6:42:EE:2C:1C:15:05:B5:78:39:13:44
            X509v3 Authority Key Identifier:
                keyid:DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:15:8a:8c:e1:06:34:88:62:e4:80:dc:c1:87:66:b9:9b:88:
         09:f8:b1:62:2e:b3:48:b9:40:dd:13:e1:7d:ad:b2:c7:1e:ed:
         2c:2c:60:18:f3:a7:25:e8:ab:66:26:fd:a4:29:5e:c3:e0:dc:
         52:88:04:3a:07:ce:ab:af:e6:f1:0f:28:b2:e8:da:87:8f:36:
         37:a6:97:fa:51:9d:86:f9:ff:e2:db:c0:eb:4c:07:fc:e8:e8:
         80:b5:02:5f:71:01:21:02:53:86:6b:6f:67:ba:f3:df:be:81:
         d0:e4:46:ff:60:c1:c6:8d:6e:c2:9a:2f:94:2b:93:ec:30:e2:
         cd:33:28:b1:d5:05:1d:ab:38:9c:c7:8e:e6:1a:a8:60:1b:a0:
         41:a9:c3:85:fa:e2:19:3e:d0:49:f4:23:94:39:03:5d:98:f2:
         de:17:fa:7f:b3:29:15:20:c5:65:52:cd:b3:7f:de:cc:f0:ce:
         8b:94:c9:79:53:d9:fc:e6:49:45:a0:2b:a1:7c:79:c9:e3:6b:
         bd:05:4b:34:7e:42:bb:38:d5:d3:e4:67:d2:3b:c5:b1:87:74:
         5e:c2:85:49:b6:1b:7b:9a:b7:a2:29:8d:14:92:cf:ae:5e:f6:
         0e:bd:7b:4c:e2:44:44:2a:3c:da:49:93:46:12:5a:81:d7:9e:
         49:56:a2:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iYHdxmXuBxzqRX1kKxbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDQ2YzkyOTY4MjhjOWMwMjU1MzBhYTY4NDE2MDlhZGYw
NTY5YTAwHhcNMjYwMzI5MDMwMDUxWhcNMjYwMzMwMDMwMDUxWjAzMTEwLwYDVQQD
Eyg5ZTdhZmQxY2Y2ZTgzYzBmYzY0MmVlMmMxYzE1MDViNTc4MzkxMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7hR36HvPSrO3Ui6PpFmVE8ZgArT
puNl4HHArTltnImPFtDYXLkg+WmJs4oDlqrhU6eeuwD8gO3GaKG+FovZLQ/xmA4z
NrzIQDejWiDD574O90PWWeOHAUZzLAZDWL15c/9TBWNHLzv1S9g1ZeP5NiLf2oLY
lIKdqBqXjN1Zbz22gbwPALaRYYivP1DSDuGbDSN9QBNhvLoNE0u6KSrMn98sUeEp
luEFwwZ/Va2c3iOTXAx68f0zjaoXrSBGHrqh191xGRVKPVI7mC31O7rJWKGiyYYs
a9q5eyNe6vVqo9dGJ2biZiF1FQ/J/tQIfaJ1f3l/LlLDTCZ7W8/0A4LcYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ56/Rz26DwPxkLuLBwVBbV4ORNEMB8GA1UdIwQY
MBaAFN7UbJKWgoycAlUwqmhBYJrfBWmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2Et
YTAwMDdiZDVhY2U3LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2EtYTAwMDdiZDVhY2U3
LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhWKjOEG
NIhi5IDcwYdmuZuICfixYi6zSLlA3RPhfa2yxx7tLCxgGPOnJeirZib9pClew+Dc
UogEOgfOq6/m8Q8osujah482N6aX+lGdhvn/4tvA60wH/OjogLUCX3EBIQJThmtv
Z7rz376B0ORG/2DBxo1uwpovlCuT7DDizTMosdUFHas4nMeO5hqoYBugQanDhfri
GT7QSfQjlDkDXZjy3hf6f7MpFSDFZVLNs3/ezPDOi5TJeVPZ/OZJRaAroXx5yeNr
vQVLNH5CuzjV0+Rn0jvFsYd0XsKFSbYbe5q3oimNFJLPrl72Dr17TOJERCo82kmT
RhJagdeeSVaipg==
-----END CERTIFICATE-----