Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
File:                     N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft (raw, json)
Hash identifier:          6vEWoFqQjTz74vmSBy2516iAOd2sIzxFI/PdvAhFZSE=
Subject key identifier:   BB:3A:7C:4F:C1:37:8F:4F:59:4F:2C:5D:8E:1E:AE:0D:3E:47:96:74
Authority key identifier: 37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
Certificate issuer:       /CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Certificate serial:       019D382E7225383011F02F44715D25701167
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
Manifest number:          0D99
Signing time:             Sun 29 Mar 2026 06:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:01 +0000
Files and hashes:         1: N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl (hash: Kk8Tq6BuLv5z736H5NldJ5dV1k118Vl8/IG6dMUCJr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:72:25:38:30:11:f0:2f:44:71:5d:25:70:11:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
        Validity
            Not Before: Mar 29 06:01:01 2026 GMT
            Not After : Mar 30 06:01:01 2026 GMT
        Subject: CN=bb3a7c4fc1378f4f594f2c5d8e1eae0d3e479674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:60:bd:5a:5e:fa:20:95:8b:4e:2a:af:25:3b:
                    f6:f4:22:8c:6e:64:e4:9d:36:84:9f:0a:59:e8:ae:
                    6b:ab:42:81:40:bd:d3:e5:bb:72:9f:cc:31:cc:a8:
                    a1:58:67:39:81:af:ee:c6:1a:8b:85:81:61:58:97:
                    27:e2:bc:43:70:a0:08:75:4e:bf:af:a0:83:60:05:
                    c9:20:23:38:8f:67:1c:9b:13:e8:f9:9d:d5:0a:14:
                    03:11:20:87:af:fa:f8:69:6d:44:93:a0:85:bd:00:
                    81:a4:5b:e5:b8:10:ec:74:0a:ef:08:8f:06:4c:87:
                    01:26:60:c5:1a:86:db:3a:17:ba:ad:2d:de:1b:a5:
                    2d:d0:f0:d2:15:fd:3a:f0:93:89:5d:8a:eb:e7:b0:
                    c9:9e:f6:d8:a5:71:6b:bf:2c:de:ae:43:57:64:7a:
                    1e:6b:70:84:e1:f5:51:52:96:23:5e:2a:a9:34:7a:
                    97:24:72:52:c7:5a:e0:5f:5c:38:e2:cb:af:81:b4:
                    74:bc:f1:ee:46:e5:ec:32:8e:0b:ed:eb:90:b9:11:
                    7f:8c:ab:9c:fc:e0:ab:73:37:96:a4:0f:f7:f8:d5:
                    c4:09:df:bd:b1:6c:48:59:e3:b3:65:77:e8:63:eb:
                    d0:1f:5a:53:b8:22:07:7d:f6:44:05:2b:b7:24:fb:
                    82:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:3A:7C:4F:C1:37:8F:4F:59:4F:2C:5D:8E:1E:AE:0D:3E:47:96:74
            X509v3 Authority Key Identifier:
                keyid:37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:43:9b:2b:00:63:2d:fc:d3:e2:de:1e:49:4e:5d:66:ac:93:
         dc:f5:d8:39:20:b2:20:f8:1b:7f:32:1c:6c:ad:78:19:41:88:
         44:fc:4b:14:bf:25:cd:d2:87:07:d8:f7:24:78:55:95:c2:41:
         9a:a6:99:23:78:f7:83:52:46:57:58:ed:a0:25:cb:43:e6:78:
         a2:be:82:07:c8:b3:6d:94:08:a2:b5:83:da:a3:e3:62:23:9e:
         1c:14:f4:bf:cf:dc:8c:17:f4:39:e7:17:82:5d:eb:7a:2b:7f:
         4e:42:8e:36:c4:01:3a:9c:f5:2d:50:4f:47:99:d0:e4:08:ee:
         08:4c:39:f6:07:ca:7c:93:27:0a:b0:e7:ce:08:bd:98:28:4d:
         e7:ce:de:ce:99:25:2a:ad:82:d4:ec:4b:a2:82:d4:81:77:d1:
         80:5b:4a:35:51:ab:07:cb:71:07:ac:78:90:9c:c3:91:5f:90:
         79:62:c5:75:6a:a9:0b:43:b9:fb:a0:74:cc:12:14:e9:eb:13:
         98:cb:73:bf:3f:25:a5:e6:2f:93:7a:a8:d2:62:c9:94:00:87:
         f9:87:c6:9b:73:0d:b2:93:26:e6:36:1d:23:18:4e:56:b8:d0:
         0a:6a:a2:06:e0:36:b9:aa:fa:76:24:7b:f9:04:08:b5:67:f2:
         be:bf:bf:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LnIlODAR8C9EcV0lcBFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NzFiZDZlMmRkYTVmYTMwNTdjNGJjMjgzZmFmNzEzYTkx
NWE1ZDkwHhcNMjYwMzI5MDYwMTAxWhcNMjYwMzMwMDYwMTAxWjAzMTEwLwYDVQQD
EyhiYjNhN2M0ZmMxMzc4ZjRmNTk0ZjJjNWQ4ZTFlYWUwZDNlNDc5Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomC9Wl76IJWLTiqvJTv29CKMbmTk
nTaEnwpZ6K5rq0KBQL3T5btyn8wxzKihWGc5ga/uxhqLhYFhWJcn4rxDcKAIdU6/
r6CDYAXJICM4j2ccmxPo+Z3VChQDESCHr/r4aW1Ek6CFvQCBpFvluBDsdArvCI8G
TIcBJmDFGobbOhe6rS3eG6Ut0PDSFf068JOJXYrr57DJnvbYpXFrvyzerkNXZHoe
a3CE4fVRUpYjXiqpNHqXJHJSx1rgX1w44suvgbR0vPHuRuXsMo4L7euQuRF/jKuc
/OCrczeWpA/3+NXECd+9sWxIWeOzZXfoY+vQH1pTuCIHffZEBSu3JPuCvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLs6fE/BN49PWU8sXY4erg0+R5Z0MB8GA1UdIwQY
MBaAFDdxvW4t2l+jBXxLwoP69xOpFaXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAt
OWRjZjZiM2MwNzk3LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAtOWRjZjZiM2MwNzk3
LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo0ObKwBj
LfzT4t4eSU5dZqyT3PXYOSCyIPgbfzIcbK14GUGIRPxLFL8lzdKHB9j3JHhVlcJB
mqaZI3j3g1JGV1jtoCXLQ+Z4or6CB8izbZQIorWD2qPjYiOeHBT0v8/cjBf0OecX
gl3reit/TkKONsQBOpz1LVBPR5nQ5AjuCEw59gfKfJMnCrDnzgi9mChN587ezpkl
Kq2C1OxLooLUgXfRgFtKNVGrB8txB6x4kJzDkV+QeWLFdWqpC0O5+6B0zBIU6esT
mMtzvz8lpeYvk3qo0mLJlACH+YfGm3MNspMm5jYdIxhOVrjQCmqiBuA2uar6diR7
+QQItWfyvr+/8A==
-----END CERTIFICATE-----