Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File:                     3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier:          DdWlvUN3jOc37CotEGzroclg0xon6+fQMEeA2kR1FyE=
Subject key identifier:   CB:8C:F6:6E:A6:05:93:6F:CD:59:37:77:8D:C8:A4:9D:98:71:A5:F5
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer:       /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial:       019D39AF2A8C4A13C071F4208A42886D8E00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number:          0491
Signing time:             Sun 29 Mar 2026 13:01:14 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:14 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:14 +0000
Files and hashes:         1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: jwf5mxhP2ccwv7WnQdjW8P2ClYhwl+0wRdYTeImKRx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:2a:8c:4a:13:c0:71:f4:20:8a:42:88:6d:8e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
        Validity
            Not Before: Mar 29 13:01:14 2026 GMT
            Not After : Mar 30 13:01:14 2026 GMT
        Subject: CN=cb8cf66ea605936fcd5937778dc8a49d9871a5f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c0:3c:56:5d:31:6b:b3:90:83:3d:f5:4f:2e:
                    f2:26:ea:d2:38:9c:07:35:20:35:08:1b:6f:84:dd:
                    41:91:8e:80:26:83:bb:21:60:a9:0d:27:d6:70:55:
                    c8:aa:cb:76:50:a4:bd:84:a9:81:bf:7c:8e:05:a1:
                    78:d4:cd:75:5e:91:e9:8a:6c:e8:0c:33:ae:f2:6e:
                    7b:94:15:c2:39:05:f6:a0:44:9f:f5:e5:97:ab:c9:
                    b9:a4:0a:5a:ec:0d:60:99:86:a3:e1:8d:65:19:c6:
                    8d:b9:61:35:2d:ed:6e:11:6f:fc:d8:49:29:78:ee:
                    5a:a3:30:14:f6:e8:82:21:68:ea:d1:dc:67:5b:4c:
                    28:a7:b8:72:3d:1d:4f:f1:54:f4:db:10:8b:d3:ad:
                    29:85:f1:38:9c:c8:b9:49:59:f7:52:38:f8:22:93:
                    ef:17:cb:1c:37:2b:fe:2f:61:18:28:42:56:d9:c7:
                    76:fa:7c:f3:dc:eb:10:18:2b:c4:46:33:46:6d:d1:
                    09:4d:e0:9e:cd:1b:7d:b3:eb:82:43:fd:95:31:65:
                    2b:24:22:fd:72:3c:5b:38:98:c1:7e:ac:48:5c:99:
                    3e:94:3d:1a:6c:81:2c:e2:b1:11:d3:d6:4c:60:00:
                    b0:0e:23:78:fe:65:06:aa:7d:40:a9:e6:16:27:be:
                    25:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:8C:F6:6E:A6:05:93:6F:CD:59:37:77:8D:C8:A4:9D:98:71:A5:F5
            X509v3 Authority Key Identifier:
                keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:f9:84:1c:a2:44:ac:6b:7b:60:9f:5c:9d:a5:f1:48:87:50:
         97:b0:c8:5b:43:85:ba:89:4d:fa:bc:e0:48:76:a5:71:c1:f4:
         e5:92:5d:07:a2:90:14:46:af:e0:55:5c:88:38:cb:70:34:d4:
         bc:2f:08:4d:84:49:6a:10:3d:ec:97:55:dc:2a:05:6d:b5:a4:
         ea:4c:e7:54:8d:90:09:8e:4d:a1:2f:4c:87:7a:ad:66:99:7c:
         ca:7b:9f:12:7c:0b:c0:b4:cf:03:0e:56:85:fc:61:e4:b6:7a:
         fd:53:6c:1a:9d:99:0f:2b:07:3b:60:2f:62:f1:27:b8:1b:0f:
         75:0b:82:3f:10:11:5e:a4:19:cc:c5:c2:8b:91:32:50:e7:c0:
         0d:98:37:32:94:ba:9c:d3:43:34:38:ca:cb:ef:ee:7e:16:20:
         e4:8b:94:c8:85:98:d2:be:5e:73:6d:5b:18:47:53:4c:5a:80:
         76:e9:b0:49:81:06:11:a2:cf:19:c0:50:69:08:fe:22:24:06:
         77:73:a7:62:bf:d9:04:46:64:47:18:cb:23:cd:18:58:90:3d:
         11:e9:fd:21:0d:65:f9:e3:2f:81:57:21:c7:ab:2e:61:a4:22:
         5f:a0:45:d0:e4:c1:bf:6c:d4:37:f3:e4:f8:33:39:5c:d8:57:
         8a:b4:74:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ryqMShPAcfQgikKIbY4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjYwMzI5MTMwMTE0WhcNMjYwMzMwMTMwMTE0WjAzMTEwLwYDVQQD
EyhjYjhjZjY2ZWE2MDU5MzZmY2Q1OTM3Nzc4ZGM4YTQ5ZDk4NzFhNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcA8Vl0xa7OQgz31Ty7yJurSOJwH
NSA1CBtvhN1BkY6AJoO7IWCpDSfWcFXIqst2UKS9hKmBv3yOBaF41M11XpHpimzo
DDOu8m57lBXCOQX2oESf9eWXq8m5pApa7A1gmYaj4Y1lGcaNuWE1Le1uEW/82Ekp
eO5aozAU9uiCIWjq0dxnW0wop7hyPR1P8VT02xCL060phfE4nMi5SVn3Ujj4IpPv
F8scNyv+L2EYKEJW2cd2+nzz3OsQGCvERjNGbdEJTeCezRt9s+uCQ/2VMWUrJCL9
cjxbOJjBfqxIXJk+lD0abIEs4rER09ZMYACwDiN4/mUGqn1AqeYWJ74lOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuM9m6mBZNvzVk3d43IpJ2YcaX1MB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/mEHKJE
rGt7YJ9cnaXxSIdQl7DIW0OFuolN+rzgSHalccH05ZJdB6KQFEav4FVciDjLcDTU
vC8ITYRJahA97JdV3CoFbbWk6kznVI2QCY5NoS9Mh3qtZpl8ynufEnwLwLTPAw5W
hfxh5LZ6/VNsGp2ZDysHO2AvYvEnuBsPdQuCPxARXqQZzMXCi5EyUOfADZg3MpS6
nNNDNDjKy+/ufhYg5IuUyIWY0r5ec21bGEdTTFqAdumwSYEGEaLPGcBQaQj+IiQG
d3OnYr/ZBEZkRxjLI80YWJA9Een9IQ1l+eMvgVchx6suYaQiX6BF0OTBv2zUN/Pk
+DM5XNhXirR06w==
-----END CERTIFICATE-----