Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
File:                     i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft (raw, json)
Hash identifier:          uQZ4EK4ofYYUIvFY3LrBNGu8xb7Uj61FNbe/WgAbfgI=
Subject key identifier:   3F:48:EA:B4:62:7A:17:6E:FB:25:77:DF:98:00:43:C3:33:48:74:1F
Authority key identifier: 8B:7B:E7:A4:76:06:AB:38:39:1F:B2:15:42:B5:F4:06:1F:02:A8:52
Certificate issuer:       /CN=8b7be7a47606ab38391fb21542b5f4061f02a852
Certificate serial:       019D38657997483B5C6D4DF63A7FD0973AE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
Manifest number:          0F08
Signing time:             Sun 29 Mar 2026 07:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:07 +0000
Files and hashes:         1: i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl (hash: 2zoXiKnU5k3UKhhr6vS1SJ0fKnp3rrxdeevpoTEv974=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:79:97:48:3b:5c:6d:4d:f6:3a:7f:d0:97:3a:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b7be7a47606ab38391fb21542b5f4061f02a852
        Validity
            Not Before: Mar 29 07:01:07 2026 GMT
            Not After : Mar 30 07:01:07 2026 GMT
        Subject: CN=3f48eab4627a176efb2577df980043c33348741f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:80:f9:c0:2c:dd:62:6a:20:49:84:29:4b:bf:
                    6a:bc:8c:c7:c7:e7:d4:b0:67:6b:ab:91:01:2a:85:
                    49:26:54:f5:e3:31:8c:56:95:17:9d:03:fd:98:dd:
                    11:ee:26:54:e3:5c:b4:ab:b7:02:23:6c:8d:ce:91:
                    5d:20:02:2c:3a:f8:e3:e2:58:a7:23:1b:11:77:08:
                    b0:fb:e2:66:7d:4f:2c:d2:8b:b9:9b:eb:9f:90:3d:
                    9a:f7:13:97:b2:37:0e:d9:fa:0a:97:c3:c7:24:f4:
                    ad:97:14:f2:76:5d:69:f1:e1:03:02:00:6f:be:1b:
                    c1:b7:34:78:e7:18:32:4f:2a:a2:88:40:53:68:04:
                    e3:43:ce:65:6b:c8:52:86:08:92:e9:d4:d5:9f:0f:
                    10:2c:9f:60:22:bf:5f:7b:03:db:d8:d0:a5:79:65:
                    e1:22:b0:59:9a:d6:f0:94:b2:05:b4:03:93:9a:b0:
                    2c:72:49:5b:e8:57:d2:94:3a:b9:ec:44:34:64:8f:
                    6c:23:f9:ac:2b:8a:5e:86:a1:15:ca:76:a8:73:95:
                    b0:0e:14:cc:3e:c0:0b:65:c2:91:b9:44:1d:90:5e:
                    65:f4:d0:57:04:70:3d:13:63:c8:52:21:5b:43:ab:
                    8d:66:a4:2c:16:f9:6d:72:3b:25:11:d8:81:f4:47:
                    57:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:48:EA:B4:62:7A:17:6E:FB:25:77:DF:98:00:43:C3:33:48:74:1F
            X509v3 Authority Key Identifier:
                keyid:8B:7B:E7:A4:76:06:AB:38:39:1F:B2:15:42:B5:F4:06:1F:02:A8:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/247c5d-a272-482b-9c8e-37fe395d42f0/1/i3vnpHYGqzg5H7IVQrX0Bh8CqFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:e9:f5:17:80:a4:91:5c:64:65:84:75:0e:e8:c1:62:19:05:
         90:d8:07:24:88:62:4d:37:2e:f1:18:ba:0f:9b:4b:72:ae:a6:
         36:8d:08:82:27:b3:2d:26:19:a4:42:bd:8e:ef:e5:4c:db:bf:
         5b:60:00:a8:90:59:b3:8b:19:a3:d6:cb:e4:57:70:d2:50:c7:
         fa:b7:3e:d0:69:0d:0b:41:95:62:e6:cb:66:4d:9f:f3:e1:6a:
         ab:7b:e9:1f:1b:11:ac:6a:3c:7f:89:26:79:21:1e:26:de:ae:
         c1:15:92:78:c2:c5:d4:49:8c:54:7e:f7:61:26:8f:d9:fd:39:
         60:16:57:f7:2a:cf:28:ba:a7:eb:24:df:c0:96:08:f1:72:dc:
         74:fb:fe:a7:a3:fe:90:7c:a2:24:9c:c1:96:8a:42:2f:17:69:
         b5:0c:9b:ba:02:83:80:d2:5d:9d:12:53:ba:9e:45:eb:8c:60:
         30:ff:e2:68:42:4c:8a:05:6d:c8:6c:9d:1f:5a:78:6b:f7:13:
         91:30:de:52:8e:4e:3b:01:42:30:8e:9b:ee:e3:f8:c8:18:42:
         ed:69:34:9a:09:40:75:96:bb:4d:c5:04:e3:d8:dc:63:4c:62:
         87:84:bd:eb:c0:19:d2:63:9d:1a:5b:12:3f:da:db:23:10:35:
         b3:39:c7:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXmXSDtcbU32On/QlzrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2JlN2E0NzYwNmFiMzgzOTFmYjIxNTQyYjVmNDA2MWYw
MmE4NTIwHhcNMjYwMzI5MDcwMTA3WhcNMjYwMzMwMDcwMTA3WjAzMTEwLwYDVQQD
EygzZjQ4ZWFiNDYyN2ExNzZlZmIyNTc3ZGY5ODAwNDNjMzMzNDg3NDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYD5wCzdYmogSYQpS79qvIzHx+fU
sGdrq5EBKoVJJlT14zGMVpUXnQP9mN0R7iZU41y0q7cCI2yNzpFdIAIsOvjj4lin
IxsRdwiw++JmfU8s0ou5m+ufkD2a9xOXsjcO2foKl8PHJPStlxTydl1p8eEDAgBv
vhvBtzR45xgyTyqiiEBTaATjQ85la8hShgiS6dTVnw8QLJ9gIr9fewPb2NCleWXh
IrBZmtbwlLIFtAOTmrAscklb6FfSlDq57EQ0ZI9sI/msK4pehqEVynaoc5WwDhTM
PsALZcKRuUQdkF5l9NBXBHA9E2PIUiFbQ6uNZqQsFvltcjslEdiB9EdXlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9I6rRiehdu+yV335gAQ8MzSHQfMB8GA1UdIwQY
MBaAFIt756R2Bqs4OR+yFUK19AYfAqhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yNDdjNWQtYTI3Mi00ODJiLTljOGUt
MzdmZTM5NWQ0MmYwLzEvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yNDdjNWQtYTI3Mi00ODJiLTljOGUtMzdmZTM5NWQ0MmYw
LzEvaTN2bnBIWUdxemc1SDdJVlFyWDBCaDhDcUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOn1F4Ck
kVxkZYR1DujBYhkFkNgHJIhiTTcu8Ri6D5tLcq6mNo0IgiezLSYZpEK9ju/lTNu/
W2AAqJBZs4sZo9bL5Fdw0lDH+rc+0GkNC0GVYubLZk2f8+Fqq3vpHxsRrGo8f4km
eSEeJt6uwRWSeMLF1EmMVH73YSaP2f05YBZX9yrPKLqn6yTfwJYI8XLcdPv+p6P+
kHyiJJzBlopCLxdptQybugKDgNJdnRJTup5F64xgMP/iaEJMigVtyGydH1p4a/cT
kTDeUo5OOwFCMI6b7uP4yBhC7Wk0mglAdZa7TcUE49jcY0xih4S968AZ0mOdGlsS
P9rbIxA1sznHLA==
-----END CERTIFICATE-----