Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          Ib2l3SnbVcfNrgKISHs5lZkh1PO3z0b6qWl4Rk6Woi0=
Subject key identifier:   F5:93:29:61:B5:5C:0B:5B:3A:67:45:F1:2D:58:23:9B:53:AC:7B:65
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019D3865F4E359408B572439C2B090A77460
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0920
Signing time:             Sun 29 Mar 2026 07:01:38 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:38 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:38 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: ymTGOG3nb0OuOv/J3jQ9SDKUC7RSDxYTzv4kGZVgreA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f4:e3:59:40:8b:57:24:39:c2:b0:90:a7:74:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Mar 29 07:01:38 2026 GMT
            Not After : Mar 30 07:01:38 2026 GMT
        Subject: CN=f5932961b55c0b5b3a6745f12d58239b53ac7b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:14:fb:2e:8b:ba:d7:05:4b:51:c8:c8:eb:ef:
                    4e:9c:99:29:66:eb:7b:17:db:bf:b7:93:e1:bd:93:
                    54:2d:f4:36:03:fb:15:83:5e:a1:0c:ef:d6:a4:97:
                    6d:10:22:fc:ab:85:fa:0a:a7:fb:77:68:73:40:32:
                    79:10:09:d1:69:26:a2:b5:a0:ff:47:ae:ab:2c:da:
                    e9:65:58:04:40:60:fa:b7:d3:e9:c2:be:b5:2c:4a:
                    46:4c:5d:bd:81:e1:59:79:21:d2:fb:5a:9d:ec:70:
                    e1:ab:5c:b5:54:cd:a7:ce:49:24:7c:83:10:ae:32:
                    1a:d7:d6:37:52:56:14:ea:a4:1f:5b:f4:44:70:4b:
                    c3:17:ad:6b:2f:ad:ac:19:a2:c1:c9:05:35:ce:6e:
                    c2:f3:36:e8:9c:c0:6a:c3:05:02:6b:09:96:9f:af:
                    c9:0b:c1:9a:dd:3c:ad:96:ad:00:5a:97:48:f0:da:
                    4c:4a:6e:be:b1:31:82:fc:21:09:ec:cf:ad:fd:4f:
                    aa:2d:d6:18:9e:1c:1b:9d:d6:92:d7:31:06:7e:7c:
                    9a:02:f1:a3:36:0c:29:f7:1b:4a:48:4b:6d:60:df:
                    34:d0:54:40:bf:b3:04:ca:b1:10:f6:1f:6b:c3:6c:
                    f5:bf:5e:a4:53:36:b1:94:9a:c2:0d:7f:d4:53:b3:
                    95:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:93:29:61:B5:5C:0B:5B:3A:67:45:F1:2D:58:23:9B:53:AC:7B:65
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:a1:d5:f0:b1:94:f0:61:72:b8:09:92:1b:f1:1f:36:67:c3:
         fc:25:a9:7c:bc:28:eb:a8:f2:7a:9f:52:0b:8f:c6:5f:77:df:
         c9:e9:a2:01:1e:56:dd:87:a7:d0:e9:6d:79:43:ad:0a:0a:7f:
         7a:61:d1:d4:23:33:3e:33:60:73:91:6f:af:e0:e9:ce:83:0c:
         4d:c9:81:c5:f2:5b:6f:ab:b9:88:73:27:1c:d1:73:50:51:b3:
         d4:85:6a:3d:a3:e7:75:1f:01:30:d9:3a:f6:6f:07:d2:d5:37:
         64:95:c2:b6:df:36:31:fd:7a:9f:e8:c9:eb:4a:42:d3:34:ab:
         c5:c4:be:df:f3:ef:8b:60:89:db:2b:16:66:ef:99:79:ed:36:
         93:49:5a:7d:d6:66:ef:cc:a7:b3:cf:7e:f6:c1:f3:c8:2c:5b:
         76:1c:ff:1a:6c:b6:6a:5c:55:08:5d:c7:d8:57:ed:03:50:b2:
         cb:7a:4a:3b:22:89:f0:50:00:d7:24:1d:7f:f7:40:c8:66:6d:
         da:b2:32:00:1c:fe:d3:ac:f1:d3:79:85:91:f7:33:21:6a:6a:
         dd:89:55:06:61:a9:79:7f:31:13:88:dd:9d:5a:f5:f9:6d:65:
         f0:4e:39:ce:22:1b:39:dc:1a:e3:d9:52:c8:2f:36:39:6a:5f:
         8f:50:a6:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfTjWUCLVyQ5wrCQp3RgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
EyhmNTkzMjk2MWI1NWMwYjViM2E2NzQ1ZjEyZDU4MjM5YjUzYWM3YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxT7Lou61wVLUcjI6+9OnJkpZut7
F9u/t5PhvZNULfQ2A/sVg16hDO/WpJdtECL8q4X6Cqf7d2hzQDJ5EAnRaSaitaD/
R66rLNrpZVgEQGD6t9Ppwr61LEpGTF29geFZeSHS+1qd7HDhq1y1VM2nzkkkfIMQ
rjIa19Y3UlYU6qQfW/REcEvDF61rL62sGaLByQU1zm7C8zbonMBqwwUCawmWn6/J
C8Ga3Tytlq0AWpdI8NpMSm6+sTGC/CEJ7M+t/U+qLdYYnhwbndaS1zEGfnyaAvGj
Ngwp9xtKSEttYN800FRAv7MEyrEQ9h9rw2z1v16kUzaxlJrCDX/UU7OVFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWTKWG1XAtbOmdF8S1YI5tTrHtlMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlqHV8LGU
8GFyuAmSG/EfNmfD/CWpfLwo66jyep9SC4/GX3ffyemiAR5W3Yen0OlteUOtCgp/
emHR1CMzPjNgc5Fvr+DpzoMMTcmBxfJbb6u5iHMnHNFzUFGz1IVqPaPndR8BMNk6
9m8H0tU3ZJXCtt82Mf16n+jJ60pC0zSrxcS+3/Pvi2CJ2ysWZu+Zee02k0lafdZm
78yns89+9sHzyCxbdhz/Gmy2alxVCF3H2FftA1Cyy3pKOyKJ8FAA1yQdf/dAyGZt
2rIyABz+06zx03mFkfczIWpq3YlVBmGpeX8xE4jdnVr1+W1l8E45ziIbOdwa49lS
yC82OWpfj1CmSQ==
-----END CERTIFICATE-----