Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          npvZ7Y/pb4imactrLxXGFiQnxa7DzMizkoJvhmo/p5c=
Subject key identifier:   37:6D:D7:2E:C6:1A:1E:A7:39:CD:94:6B:70:40:F7:70:86:CB:6C:1D
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019D371B6812CCCA0DA7DDDF736C80459FED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0C60
Signing time:             Sun 29 Mar 2026 01:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:36 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: vsHFV/09yyzKnES3XxEakwwLQP2mA/7JSOQ2DhRCA3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:68:12:cc:ca:0d:a7:dd:df:73:6c:80:45:9f:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Mar 29 01:00:36 2026 GMT
            Not After : Mar 30 01:00:36 2026 GMT
        Subject: CN=376dd72ec61a1ea739cd946b7040f77086cb6c1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b2:bd:7e:9a:bf:f1:b9:8f:4d:66:d3:2c:bd:
                    4e:42:5f:60:68:7e:11:05:60:a7:9b:ff:3d:fb:cb:
                    3b:49:d3:51:0c:a6:db:40:8c:b5:10:e5:f2:17:b7:
                    24:2d:4a:ea:34:ce:4d:05:a3:3f:9f:2a:87:bd:3f:
                    d4:63:72:6c:86:9e:f7:9b:d9:af:4d:d7:68:c8:e5:
                    9c:59:42:29:4a:a1:81:dd:f3:59:2d:06:21:ec:43:
                    00:32:1e:dd:b9:a2:c2:9b:c3:eb:e2:9a:c6:78:92:
                    91:89:e9:df:65:da:98:03:44:0b:64:24:43:2e:8f:
                    4c:23:f2:a1:f6:55:f7:5c:31:8c:52:ff:32:82:df:
                    1b:6d:3c:8a:79:9e:c7:c2:0e:8e:22:d3:d9:b9:a6:
                    e6:57:ee:c1:dc:01:1f:23:2a:9d:f5:d1:c2:ce:dd:
                    25:95:6e:7d:67:9a:74:18:47:57:50:a5:bb:ac:5e:
                    73:5c:ed:cc:a6:a8:3a:7a:dd:f3:16:da:60:05:9f:
                    a7:b5:22:5d:3d:d3:f0:54:ed:40:5a:c7:d9:56:81:
                    73:13:3e:c4:7a:53:63:0c:d5:74:40:a5:30:86:d7:
                    c7:60:06:5e:ae:42:89:20:64:bd:61:87:06:6b:3e:
                    cd:11:c8:bc:2c:5c:9a:37:18:23:45:95:50:be:f2:
                    a9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:6D:D7:2E:C6:1A:1E:A7:39:CD:94:6B:70:40:F7:70:86:CB:6C:1D
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:55:e0:28:aa:5f:f4:9b:7e:4d:17:07:dd:3b:54:80:12:8d:
         6f:35:aa:65:ce:87:fc:1b:d6:3f:07:2d:ff:20:65:4d:b9:55:
         cf:17:c7:b6:25:6e:d2:a7:ea:6c:22:e5:c9:b5:01:3c:20:5a:
         25:24:4f:55:a4:6e:6f:d3:b3:a1:fe:72:75:6f:fe:fb:10:d5:
         43:1c:dd:00:7b:d7:02:80:e1:41:70:8a:16:52:31:58:db:db:
         ea:fb:40:bb:d4:07:0b:76:80:93:b5:db:36:71:c6:69:88:2e:
         c1:dd:fc:ff:0d:7f:bc:45:d9:1b:af:b7:d1:a6:7a:83:5f:83:
         da:32:1d:d0:8e:39:da:be:0d:31:a5:4b:17:05:d7:01:15:62:
         b2:20:c8:c8:fb:15:4b:5d:90:71:02:2b:9d:4e:3e:07:a7:b9:
         48:35:3f:db:9a:10:a3:87:a6:25:fb:96:8e:09:1e:a7:47:23:
         11:96:01:be:2b:60:dd:a7:7b:68:79:68:5a:af:51:24:b5:ab:
         4e:74:b1:64:82:9c:b3:1d:5f:f1:0b:64:d7:d7:fe:bb:f9:5a:
         73:7e:51:d3:bd:e5:8d:3f:10:47:3c:5d:91:75:21:ec:79:e0:
         15:01:46:c9:11:9c:1e:f8:ba:29:00:83:02:02:ee:84:b1:bc:
         0b:6f:ae:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G2gSzMoNp93fc2yARZ/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwMzI5MDEwMDM2WhcNMjYwMzMwMDEwMDM2WjAzMTEwLwYDVQQD
EygzNzZkZDcyZWM2MWExZWE3MzljZDk0NmI3MDQwZjc3MDg2Y2I2YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrK9fpq/8bmPTWbTLL1OQl9gaH4R
BWCnm/89+8s7SdNRDKbbQIy1EOXyF7ckLUrqNM5NBaM/nyqHvT/UY3Jshp73m9mv
TddoyOWcWUIpSqGB3fNZLQYh7EMAMh7duaLCm8Pr4prGeJKRienfZdqYA0QLZCRD
Lo9MI/Kh9lX3XDGMUv8ygt8bbTyKeZ7Hwg6OItPZuabmV+7B3AEfIyqd9dHCzt0l
lW59Z5p0GEdXUKW7rF5zXO3Mpqg6et3zFtpgBZ+ntSJdPdPwVO1AWsfZVoFzEz7E
elNjDNV0QKUwhtfHYAZerkKJIGS9YYcGaz7NEci8LFyaNxgjRZVQvvKpBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdt1y7GGh6nOc2Ua3BA93CGy2wdMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATlXgKKpf
9Jt+TRcH3TtUgBKNbzWqZc6H/BvWPwct/yBlTblVzxfHtiVu0qfqbCLlybUBPCBa
JSRPVaRub9Ozof5ydW/++xDVQxzdAHvXAoDhQXCKFlIxWNvb6vtAu9QHC3aAk7Xb
NnHGaYguwd38/w1/vEXZG6+30aZ6g1+D2jId0I452r4NMaVLFwXXARVisiDIyPsV
S12QcQIrnU4+B6e5SDU/25oQo4emJfuWjgkep0cjEZYBvitg3ad7aHloWq9RJLWr
TnSxZIKcsx1f8Qtk19f+u/lac35R073ljT8QRzxdkXUh7HngFQFGyRGcHvi6KQCD
AgLuhLG8C2+uHg==
-----END CERTIFICATE-----