Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          wD9H442T0iYiUydm5i8vzvPykkKRnBK5hEj0TUhNS9A=
Subject key identifier:   58:48:83:8C:AE:9F:34:97:B3:91:49:7B:27:0C:B4:E6:3D:5F:72:49
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019D371BB90C6627BF161B045D7BC08A8420
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          07FB
Signing time:             Sun 29 Mar 2026 01:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:56 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: tcmLehAXyjzfiFpwjNXus+Bgdn+Qu9YrDazvJ8/b3hk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:b9:0c:66:27:bf:16:1b:04:5d:7b:c0:8a:84:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Mar 29 01:00:56 2026 GMT
            Not After : Mar 30 01:00:56 2026 GMT
        Subject: CN=5848838cae9f3497b391497b270cb4e63d5f7249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4c:d4:8f:bc:4f:8a:c2:1c:13:b9:1e:4a:6f:
                    8a:c8:e5:8c:ed:47:6b:32:2e:4b:89:26:09:c4:76:
                    4a:bc:73:a6:d7:a3:83:f0:2f:a1:97:de:97:e5:96:
                    b8:b9:66:84:c9:94:cb:bd:4f:35:04:ed:f4:12:e2:
                    51:ef:61:ba:71:ff:f5:48:7b:b0:5c:f9:66:02:94:
                    0d:4c:02:c1:b0:02:a5:52:8c:65:d4:3f:df:04:fd:
                    35:9f:ff:bc:72:b8:36:be:7e:ac:cb:30:a9:f2:5a:
                    27:90:16:98:ec:5f:82:b6:5c:92:8a:ea:32:f4:f2:
                    44:06:9d:8b:fb:62:f0:10:00:10:86:e1:8c:85:c4:
                    f5:b0:97:73:4d:8f:4f:6f:c5:0c:ab:3b:69:c1:9d:
                    2d:de:5a:f2:95:60:70:fe:44:35:e8:ab:5f:95:bc:
                    e7:c1:68:e4:d0:67:44:5f:71:be:b4:71:f9:28:3a:
                    f8:03:db:1d:e4:7b:70:d3:b8:64:9d:fa:45:09:de:
                    39:42:1e:0a:e5:8f:ac:b8:dd:21:ce:41:a5:10:2f:
                    b3:19:ef:33:c9:c5:c9:c3:d8:63:36:c1:cd:71:db:
                    7e:c0:92:90:50:c1:cf:c2:19:f7:87:7a:ea:43:74:
                    85:bf:58:88:cb:9b:22:fd:e3:55:be:ce:11:9e:73:
                    af:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:48:83:8C:AE:9F:34:97:B3:91:49:7B:27:0C:B4:E6:3D:5F:72:49
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:c1:6d:23:23:a6:15:b8:59:2b:37:a9:c3:21:88:39:bc:6c:
         10:cf:77:27:47:b9:4c:a7:c4:c0:48:b0:cc:35:2c:64:ff:76:
         ec:0e:d4:31:76:df:07:2d:99:b5:9a:9e:94:83:00:61:cd:5d:
         bc:f8:4f:6b:2a:6e:8c:8c:21:15:9a:12:23:e8:4e:fa:5e:dc:
         90:88:59:20:aa:79:58:8a:78:7c:d1:84:26:60:08:32:8d:29:
         41:da:06:4d:ec:f6:50:bc:2e:f5:a5:d7:54:9c:44:ad:50:fa:
         4d:b9:96:3d:77:f2:6b:ec:63:0f:35:7a:7d:ef:74:be:21:e3:
         f1:5c:c8:cb:23:d9:63:68:de:c6:a6:16:35:c9:28:d8:ec:1c:
         18:44:5b:3e:18:60:b0:7b:1d:d6:9c:b1:7f:47:00:7e:1b:40:
         b9:96:df:ef:48:97:98:c3:ee:be:80:3d:ba:83:b6:c6:1f:5f:
         ee:b8:88:58:d3:33:72:6a:38:6b:1f:94:24:1f:52:e0:7a:04:
         0b:71:0f:ef:29:a1:7c:ec:a4:aa:f3:c0:50:ba:14:b2:4d:0c:
         37:10:9f:7d:4b:41:08:cd:9e:28:c8:ac:94:79:34:30:3c:59:
         1b:22:a1:a8:50:c3:9c:cf:d0:5a:c1:57:03:73:4f:ca:bb:99:
         16:1a:79:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G7kMZie/FhsEXXvAioQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjYwMzI5MDEwMDU2WhcNMjYwMzMwMDEwMDU2WjAzMTEwLwYDVQQD
Eyg1ODQ4ODM4Y2FlOWYzNDk3YjM5MTQ5N2IyNzBjYjRlNjNkNWY3MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkzUj7xPisIcE7keSm+KyOWM7Udr
Mi5LiSYJxHZKvHOm16OD8C+hl96X5Za4uWaEyZTLvU81BO30EuJR72G6cf/1SHuw
XPlmApQNTALBsAKlUoxl1D/fBP01n/+8crg2vn6syzCp8lonkBaY7F+CtlySiuoy
9PJEBp2L+2LwEAAQhuGMhcT1sJdzTY9Pb8UMqztpwZ0t3lrylWBw/kQ16Ktflbzn
wWjk0GdEX3G+tHH5KDr4A9sd5Htw07hknfpFCd45Qh4K5Y+suN0hzkGlEC+zGe8z
ycXJw9hjNsHNcdt+wJKQUMHPwhn3h3rqQ3SFv1iIy5si/eNVvs4RnnOvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhIg4yunzSXs5FJeycMtOY9X3JJMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcFtIyOm
FbhZKzepwyGIObxsEM93J0e5TKfEwEiwzDUsZP927A7UMXbfBy2ZtZqelIMAYc1d
vPhPaypujIwhFZoSI+hO+l7ckIhZIKp5WIp4fNGEJmAIMo0pQdoGTez2ULwu9aXX
VJxErVD6TbmWPXfya+xjDzV6fe90viHj8VzIyyPZY2jexqYWNcko2OwcGERbPhhg
sHsd1pyxf0cAfhtAuZbf70iXmMPuvoA9uoO2xh9f7riIWNMzcmo4ax+UJB9S4HoE
C3EP7ymhfOykqvPAULoUsk0MNxCffUtBCM2eKMislHk0MDxZGyKhqFDDnM/QWsFX
A3NPyruZFhp5Jg==
-----END CERTIFICATE-----