Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
File:                     3mshhKwi402MRNprhFSbunH9VT0.mft (raw, json)
Hash identifier:          9FaqRQxGvkwuPKcXuQzRMiqDO4MqdPKWP03md5Emqpw=
Subject key identifier:   6F:C4:A8:99:24:77:F9:01:BA:F6:C7:2B:59:7C:8D:D3:15:50:48:A8
Authority key identifier: DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D
Certificate issuer:       /CN=de6b2184ac22e34d8c44da6b84549bba71fd553d
Certificate serial:       019D39E57D1A4073501CFAF39C4772D98702
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
Manifest number:          01BA
Signing time:             Sun 29 Mar 2026 14:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:34 +0000
Files and hashes:         1: 3mshhKwi402MRNprhFSbunH9VT0.crl (hash: qoP2TXFuikVtisIOQDL3J5ipZInDa9aZhjiPom2olAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:7d:1a:40:73:50:1c:fa:f3:9c:47:72:d9:87:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de6b2184ac22e34d8c44da6b84549bba71fd553d
        Validity
            Not Before: Mar 29 14:00:34 2026 GMT
            Not After : Mar 30 14:00:34 2026 GMT
        Subject: CN=6fc4a8992477f901baf6c72b597c8dd3155048a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:db:b6:cc:fe:74:34:1b:8f:79:98:47:b8:da:
                    5a:38:b9:c7:e0:54:a2:f0:33:26:a8:3c:0f:e4:d2:
                    d1:9b:97:03:87:d3:df:27:cb:ad:13:26:99:5a:bb:
                    f1:fe:48:af:45:16:92:b1:3b:46:12:fb:f0:c9:52:
                    14:20:be:5a:c2:b6:fb:95:2e:95:10:97:fb:7a:6c:
                    79:d9:28:ab:e9:75:06:f3:e0:8d:a8:c7:e7:ce:02:
                    89:b5:b2:55:18:0c:93:4d:18:d7:8a:15:ec:63:8e:
                    53:f5:3c:c8:75:7d:3d:22:f6:b9:89:e1:88:a0:35:
                    a8:80:17:5b:57:c2:b1:57:87:b9:a8:1e:35:82:0c:
                    56:db:93:54:00:e2:6f:df:02:1a:ad:f7:33:67:ba:
                    d5:8e:70:83:cb:99:56:dd:7a:3f:03:02:ea:8b:e4:
                    72:94:54:cf:74:92:c7:73:63:56:7b:25:ee:59:66:
                    0c:3a:33:af:f8:f4:d7:23:20:b8:e2:46:43:4c:df:
                    cb:27:f1:d5:df:0e:a9:18:2d:26:3f:f4:dd:6a:a1:
                    7b:fd:57:c8:1b:09:d0:a7:19:ee:71:f9:7b:c5:cb:
                    d5:ed:54:37:b0:2f:00:e4:e9:d9:57:da:ab:31:59:
                    e3:2e:ad:f4:b5:8e:76:3f:c5:67:36:3f:a0:4d:10:
                    27:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C4:A8:99:24:77:F9:01:BA:F6:C7:2B:59:7C:8D:D3:15:50:48:A8
            X509v3 Authority Key Identifier:
                keyid:DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:8d:b7:c3:5d:ba:4f:f9:4f:62:ac:ad:62:47:25:67:43:4c:
         8e:42:42:c5:81:71:a7:ec:45:27:99:eb:15:52:b4:42:3b:35:
         df:ea:1e:c2:ec:62:f0:61:a8:d7:89:7f:52:ac:4d:5e:d6:e5:
         9b:3e:9b:38:8f:90:9d:ce:69:41:07:23:4b:75:6e:82:4e:52:
         22:e0:37:8c:ef:b4:64:86:3b:ab:92:3d:f7:8e:d2:63:fa:f2:
         36:4e:10:ec:4d:a2:cd:60:08:08:b0:47:03:f0:49:be:96:80:
         b6:6f:37:3f:f1:f4:c2:f7:be:45:a5:b7:b1:63:45:f4:07:a0:
         08:2d:c3:3f:b4:14:21:99:32:05:1c:db:3c:8f:41:dc:6d:85:
         7a:db:6d:ec:b5:2f:3a:b8:77:62:f8:9a:8e:30:d0:f7:3e:01:
         76:e2:e4:42:18:c0:2c:8a:f4:f1:7d:86:56:83:e1:4b:16:67:
         b4:da:7d:d6:36:8f:3f:74:3f:e7:4f:1f:e8:ec:52:c5:41:b5:
         a7:90:59:50:1a:a2:24:da:8d:38:36:5e:df:42:63:0c:46:85:
         e7:04:b9:cf:ca:51:2d:59:20:57:74:50:be:76:dc:9b:7c:4a:
         62:43:0b:10:01:bb:3a:fb:ae:17:68:c8:0f:e1:f1:c1:94:be:
         7b:3f:b1:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055X0aQHNQHPrznEdy2YcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNmIyMTg0YWMyMmUzNGQ4YzQ0ZGE2Yjg0NTQ5YmJhNzFm
ZDU1M2QwHhcNMjYwMzI5MTQwMDM0WhcNMjYwMzMwMTQwMDM0WjAzMTEwLwYDVQQD
Eyg2ZmM0YTg5OTI0NzdmOTAxYmFmNmM3MmI1OTdjOGRkMzE1NTA0OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttu2zP50NBuPeZhHuNpaOLnH4FSi
8DMmqDwP5NLRm5cDh9PfJ8utEyaZWrvx/kivRRaSsTtGEvvwyVIUIL5awrb7lS6V
EJf7emx52Sir6XUG8+CNqMfnzgKJtbJVGAyTTRjXihXsY45T9TzIdX09Iva5ieGI
oDWogBdbV8KxV4e5qB41ggxW25NUAOJv3wIarfczZ7rVjnCDy5lW3Xo/AwLqi+Ry
lFTPdJLHc2NWeyXuWWYMOjOv+PTXIyC44kZDTN/LJ/HV3w6pGC0mP/TdaqF7/VfI
GwnQpxnucfl7xcvV7VQ3sC8A5OnZV9qrMVnjLq30tY52P8VnNj+gTRAnnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/EqJkkd/kBuvbHK1l8jdMVUEioMB8GA1UdIwQY
MBaAFN5rIYSsIuNNjETaa4RUm7px/VU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQt
MTE2NTBjZGI5YzkxLzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQtMTE2NTBjZGI5Yzkx
LzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU423w126
T/lPYqytYkclZ0NMjkJCxYFxp+xFJ5nrFVK0Qjs13+oewuxi8GGo14l/UqxNXtbl
mz6bOI+Qnc5pQQcjS3Vugk5SIuA3jO+0ZIY7q5I9947SY/ryNk4Q7E2izWAICLBH
A/BJvpaAtm83P/H0wve+RaW3sWNF9AegCC3DP7QUIZkyBRzbPI9B3G2Fettt7LUv
Orh3YviajjDQ9z4BduLkQhjALIr08X2GVoPhSxZntNp91jaPP3Q/508f6OxSxUG1
p5BZUBqiJNqNODZe30JjDEaF5wS5z8pRLVkgV3RQvnbcm3xKYkMLEAG7OvuuF2jI
D+HxwZS+ez+xVA==
-----END CERTIFICATE-----