Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          RADA9SkUuT5BXsDrLHrOiAf+X+/BAp75wb8ICyF2zZc=
Subject key identifier:   FA:3F:80:78:A1:B8:92:A0:DE:BC:54:B9:22:7F:B5:16:78:39:6E:84
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019D38665680C2181737EB4B6B57D7670D1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0B5B
Signing time:             Sun 29 Mar 2026 07:02:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:04 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: nh9cNSCgHcrDsemdzJBOiOCftfVKXd5Ncy7w4/pmDfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:56:80:c2:18:17:37:eb:4b:6b:57:d7:67:0d:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Mar 29 07:02:04 2026 GMT
            Not After : Mar 30 07:02:04 2026 GMT
        Subject: CN=fa3f8078a1b892a0debc54b9227fb51678396e84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:68:27:0e:ec:f8:b9:ad:3d:f6:9d:6b:1f:3f:
                    e9:bd:f9:1c:ff:4a:9c:60:48:22:98:b7:67:9e:d6:
                    ed:59:d7:94:17:b5:5e:30:bd:8f:e2:38:7a:8b:a6:
                    91:87:dd:8a:a7:b3:62:ff:d2:04:f3:8a:d8:0f:f9:
                    70:19:31:23:01:dd:0d:a0:15:9a:2e:19:b1:d8:0e:
                    78:89:14:2b:57:ac:78:1a:69:6b:86:6c:30:00:f8:
                    2b:02:3a:67:1b:2a:e6:fd:53:c1:99:8f:00:44:b6:
                    2e:d3:5a:d5:42:39:4f:42:c1:8e:fe:b7:f8:8e:4b:
                    54:77:f2:ee:e7:70:4d:79:e1:a1:e2:7b:e1:bc:79:
                    81:e1:42:36:c4:1f:6c:2f:67:c5:1c:ef:a9:d6:a2:
                    c0:f5:b6:85:31:e0:b8:81:06:91:b3:40:a6:d8:3b:
                    d1:42:1c:e2:91:da:18:3c:e5:ce:2e:87:72:03:bf:
                    d3:9c:c1:4c:81:c3:d5:4f:0f:1f:cd:00:12:77:e0:
                    e7:78:4a:36:e4:58:63:5e:02:04:da:1c:91:bf:9c:
                    11:31:a8:ee:d0:37:1e:d5:d6:f3:bf:39:08:38:13:
                    d3:5a:d9:79:34:99:67:a5:f3:0e:af:a2:a9:75:25:
                    5e:ca:c3:c3:ff:87:2d:66:62:cd:c0:29:3e:37:c0:
                    69:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:3F:80:78:A1:B8:92:A0:DE:BC:54:B9:22:7F:B5:16:78:39:6E:84
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:a5:4f:65:79:de:51:18:64:f7:21:c3:8e:6b:88:40:8d:96:
         c0:83:0c:71:ad:10:27:cc:7b:a6:e5:47:49:80:0b:ff:bf:ef:
         b2:de:bf:8c:ba:ca:c1:3c:58:24:52:cb:94:d8:67:76:e3:4c:
         79:cd:6b:c7:56:6e:a1:a6:fe:ee:f1:7f:9d:f9:d4:73:0a:32:
         f4:1c:21:27:4d:40:49:01:e9:94:54:8f:fb:59:f0:1e:67:f6:
         5b:dc:87:2d:2b:60:a2:b3:5e:69:fd:88:d0:b9:90:5e:f0:36:
         eb:ee:0f:b3:9c:5a:09:1a:28:91:a0:10:c6:dc:7c:ee:e6:c0:
         fb:78:fa:59:56:1c:97:86:e2:e8:ba:c7:3f:18:3e:93:5f:7b:
         c0:93:60:50:f5:bd:07:58:ce:4a:29:ed:87:86:6c:19:7d:31:
         45:25:60:51:31:fd:ad:aa:c8:8f:23:32:f7:ee:0a:4b:fb:ac:
         f3:8e:ae:bb:3e:cd:4f:42:74:c1:0b:48:2c:63:30:3e:a1:3e:
         39:0a:ca:50:4e:09:e3:1c:37:76:a7:a8:9a:47:1b:5a:15:a4:
         ac:63:00:bf:f4:67:51:13:e4:3a:3a:87:82:51:6a:2f:4b:36:
         b9:3f:1b:c9:d0:9a:ba:ec:c2:fd:c5:da:aa:75:9b:92:b4:61:
         7c:78:32:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlaAwhgXN+tLa1fXZw0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwMzI5MDcwMjA0WhcNMjYwMzMwMDcwMjA0WjAzMTEwLwYDVQQD
EyhmYTNmODA3OGExYjg5MmEwZGViYzU0YjkyMjdmYjUxNjc4Mzk2ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2gnDuz4ua099p1rHz/pvfkc/0qc
YEgimLdnntbtWdeUF7VeML2P4jh6i6aRh92Kp7Ni/9IE84rYD/lwGTEjAd0NoBWa
Lhmx2A54iRQrV6x4GmlrhmwwAPgrAjpnGyrm/VPBmY8ARLYu01rVQjlPQsGO/rf4
jktUd/Lu53BNeeGh4nvhvHmB4UI2xB9sL2fFHO+p1qLA9baFMeC4gQaRs0Cm2DvR
QhzikdoYPOXOLodyA7/TnMFMgcPVTw8fzQASd+DneEo25FhjXgIE2hyRv5wRMaju
0Dce1dbzvzkIOBPTWtl5NJlnpfMOr6KpdSVeysPD/4ctZmLNwCk+N8BpKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPo/gHihuJKg3rxUuSJ/tRZ4OW6EMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqVPZXne
URhk9yHDjmuIQI2WwIMMca0QJ8x7puVHSYAL/7/vst6/jLrKwTxYJFLLlNhnduNM
ec1rx1Zuoab+7vF/nfnUcwoy9BwhJ01ASQHplFSP+1nwHmf2W9yHLStgorNeaf2I
0LmQXvA26+4Ps5xaCRookaAQxtx87ubA+3j6WVYcl4bi6LrHPxg+k197wJNgUPW9
B1jOSinth4ZsGX0xRSVgUTH9rarIjyMy9+4KS/us846uuz7NT0J0wQtILGMwPqE+
OQrKUE4J4xw3dqeomkcbWhWkrGMAv/RnURPkOjqHglFqL0s2uT8bydCauuzC/cXa
qnWbkrRhfHgypQ==
-----END CERTIFICATE-----