Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          q/4lS8NslZmAGj2sOlG99RFjnmWBLzKsoSzqVgMkWR4=
Subject key identifier:   3C:D4:AD:47:2B:D3:FC:D3:1E:BB:AD:93:13:E0:17:3D:F6:47:A6:38
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019D3A8AEF967998D777277BD06E54C25B9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          1110
Signing time:             Sun 29 Mar 2026 17:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 17:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 17:01:16 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: lJyVXkafEe0tcAgFkV5BK7nX31WnSusnKA7qQsvYOdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:ef:96:79:98:d7:77:27:7b:d0:6e:54:c2:5b:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Mar 29 17:01:16 2026 GMT
            Not After : Mar 30 17:01:16 2026 GMT
        Subject: CN=3cd4ad472bd3fcd31ebbad9313e0173df647a638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:83:26:9d:9c:89:6c:1d:72:b1:31:00:b7:30:
                    b1:a2:6c:d9:96:13:d0:11:65:e9:26:95:57:4f:9a:
                    9b:84:fe:29:6d:2b:71:29:31:d2:1a:4e:61:d1:46:
                    32:b1:25:6e:3f:e2:41:fe:1e:65:16:47:7b:8e:9d:
                    05:3f:50:1f:fb:d4:3a:14:2e:1c:fe:d5:91:49:84:
                    84:a2:fb:23:a8:ea:9b:26:a8:74:78:69:90:6c:7e:
                    d0:80:d1:34:bc:89:4a:ba:45:5a:d5:b3:1f:93:a6:
                    60:db:48:8f:6d:35:06:08:8d:59:82:91:fe:8e:16:
                    86:60:e0:2e:16:5d:e0:1b:98:61:77:c6:43:3f:e9:
                    4c:27:f5:31:ec:00:4d:56:a5:c1:84:3d:99:7f:e5:
                    78:a9:5b:53:30:6e:8c:d5:94:a6:93:85:f3:b7:3d:
                    ca:45:48:d4:41:14:c7:7c:6c:bc:ee:80:4e:68:64:
                    26:9d:cd:07:38:95:0d:95:b2:3b:1a:39:f8:ac:47:
                    61:ee:4b:cd:2d:c0:82:e5:51:39:99:ea:eb:42:65:
                    29:c5:ac:70:9c:0b:31:90:55:64:46:65:29:83:22:
                    98:8a:de:aa:4f:59:57:f8:fc:9a:1d:d7:f0:00:df:
                    a7:d8:f7:90:6f:74:a8:fe:5b:f7:45:71:96:2d:c2:
                    67:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D4:AD:47:2B:D3:FC:D3:1E:BB:AD:93:13:E0:17:3D:F6:47:A6:38
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:4e:64:15:04:dd:57:df:fb:f0:92:67:ce:14:49:50:ab:5b:
         3a:90:92:07:7d:fb:92:89:ad:9a:20:fd:56:68:3c:ee:b1:0c:
         e7:21:f0:39:f0:5a:15:ae:e6:f6:63:12:78:25:02:04:ac:a5:
         e7:3e:f0:88:09:dd:0a:b8:7c:cb:a4:70:ca:4a:10:0a:59:7d:
         d8:88:2d:1a:aa:33:24:0a:15:bf:4c:01:ae:b0:c4:4c:d1:05:
         6d:dd:6b:4e:ef:6b:a8:d2:0c:2e:ff:c4:d4:62:92:79:68:f8:
         44:5d:e7:85:d7:7b:07:02:2c:b5:18:4b:32:d8:cb:93:61:15:
         75:85:ef:34:8b:52:3e:ed:1b:0c:b9:7f:d5:db:b2:69:bb:2e:
         37:d5:32:7e:d2:c6:eb:d5:57:50:2b:21:3c:ae:93:bf:f8:ec:
         63:91:c8:5d:c8:d0:4a:6c:97:2d:17:62:a6:1b:f4:1b:ac:44:
         bd:49:f0:22:45:df:94:e6:7c:9f:c3:a5:60:c3:a7:73:3f:ef:
         56:4b:78:94:9c:4f:0e:31:cc:62:ce:95:f8:34:d8:7c:eb:74:
         f5:ba:8c:0e:79:83:cf:2e:0c:93:99:e3:82:13:90:58:44:49:
         f2:5c:b4:20:27:7b:71:77:15:6c:b0:f4:a7:6a:5c:69:0e:70:
         ee:8b:2d:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06iu+WeZjXdyd70G5UwluaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjYwMzI5MTcwMTE2WhcNMjYwMzMwMTcwMTE2WjAzMTEwLwYDVQQD
EygzY2Q0YWQ0NzJiZDNmY2QzMWViYmFkOTMxM2UwMTczZGY2NDdhNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYMmnZyJbB1ysTEAtzCxomzZlhPQ
EWXpJpVXT5qbhP4pbStxKTHSGk5h0UYysSVuP+JB/h5lFkd7jp0FP1Af+9Q6FC4c
/tWRSYSEovsjqOqbJqh0eGmQbH7QgNE0vIlKukVa1bMfk6Zg20iPbTUGCI1ZgpH+
jhaGYOAuFl3gG5hhd8ZDP+lMJ/Ux7ABNVqXBhD2Zf+V4qVtTMG6M1ZSmk4Xztz3K
RUjUQRTHfGy87oBOaGQmnc0HOJUNlbI7Gjn4rEdh7kvNLcCC5VE5merrQmUpxaxw
nAsxkFVkRmUpgyKYit6qT1lX+PyaHdfwAN+n2PeQb3So/lv3RXGWLcJn8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzUrUcr0/zTHrutkxPgFz32R6Y4MB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZk5kFQTd
V9/78JJnzhRJUKtbOpCSB337komtmiD9Vmg87rEM5yHwOfBaFa7m9mMSeCUCBKyl
5z7wiAndCrh8y6RwykoQCll92IgtGqozJAoVv0wBrrDETNEFbd1rTu9rqNIMLv/E
1GKSeWj4RF3nhdd7BwIstRhLMtjLk2EVdYXvNItSPu0bDLl/1duyabsuN9UyftLG
69VXUCshPK6Tv/jsY5HIXcjQSmyXLRdiphv0G6xEvUnwIkXflOZ8n8OlYMOncz/v
Vkt4lJxPDjHMYs6V+DTYfOt09bqMDnmDzy4Mk5njghOQWERJ8ly0ICd7cXcVbLD0
p2pcaQ5w7ostJg==
-----END CERTIFICATE-----