Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
File:                     PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft (raw, json)
Hash identifier:          UYOOhA5DHYH2llI6SD5QY/3INwrVF/6yRYDXZRKtTBg=
Subject key identifier:   08:FE:30:CC:DD:42:1C:38:F3:C7:7F:C2:ED:15:80:88:45:48:ED:95
Authority key identifier: 3F:21:77:A3:E8:6C:83:9C:FD:19:3D:BB:46:ED:A8:08:7D:82:14:1A
Certificate issuer:       /CN=3f2177a3e86c839cfd193dbb46eda8087d82141a
Certificate serial:       019D38655FC9BB8F57E79352233A88E5F39C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
Manifest number:          157D
Signing time:             Sun 29 Mar 2026 07:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:00 +0000
Files and hashes:         1: PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl (hash: WHSXoKpsnno7uA9+YK49jBPuOmLbt+rabhBDGTANM98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:5f:c9:bb:8f:57:e7:93:52:23:3a:88:e5:f3:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f2177a3e86c839cfd193dbb46eda8087d82141a
        Validity
            Not Before: Mar 29 07:01:00 2026 GMT
            Not After : Mar 30 07:01:00 2026 GMT
        Subject: CN=08fe30ccdd421c38f3c77fc2ed1580884548ed95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1d:af:ac:64:6e:4c:57:ee:f6:1a:8a:7c:a4:
                    bd:3d:04:e8:71:3a:1a:97:a0:f6:04:65:d4:d6:5d:
                    c7:46:d6:60:a1:58:e3:ee:3d:74:ba:64:07:17:1c:
                    ba:ed:b2:18:3b:5e:d7:2e:19:51:96:b5:78:3c:2d:
                    b1:24:b1:54:1c:9d:97:89:b4:8d:1b:e2:22:90:cb:
                    33:d3:ce:f6:8a:00:94:8f:2c:7e:04:0b:cf:dd:72:
                    11:a4:c2:02:c2:00:18:41:e6:a0:b8:b7:58:77:ce:
                    7b:f8:74:50:95:3f:dd:15:b2:4f:0e:ec:8d:96:a0:
                    9c:ac:ed:3b:31:83:23:64:f1:cf:4a:60:87:52:19:
                    17:0f:1b:d1:ec:a0:d8:b7:7a:ec:00:04:d4:00:31:
                    cc:2b:8b:53:74:08:0c:9f:b6:36:af:de:6e:49:39:
                    a5:5c:8e:46:db:ef:7b:e9:80:29:bd:c5:18:ea:ac:
                    48:b3:8f:dd:19:15:cc:0d:5b:d8:9a:d7:49:b2:d1:
                    9b:8e:14:9f:1b:17:e1:7d:b6:5b:d0:c0:a3:fa:6d:
                    36:9d:ec:5f:0a:9e:fb:76:a5:d1:e5:b5:b8:4c:7f:
                    ee:81:6e:0b:02:8f:fa:5e:4b:59:85:4e:25:b7:66:
                    8d:b5:02:69:cb:98:27:be:78:10:e6:4f:31:6d:a0:
                    1c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:FE:30:CC:DD:42:1C:38:F3:C7:7F:C2:ED:15:80:88:45:48:ED:95
            X509v3 Authority Key Identifier:
                keyid:3F:21:77:A3:E8:6C:83:9C:FD:19:3D:BB:46:ED:A8:08:7D:82:14:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:51:97:f1:b4:b1:c7:c6:ce:ae:9c:7f:46:7e:6c:a6:0f:dd:
         60:b3:19:1c:fc:05:51:46:c4:5c:9c:31:a0:32:8c:c4:9a:63:
         ce:76:94:2d:a4:fe:49:da:07:06:67:20:1d:23:39:ce:c6:70:
         df:fd:81:11:e4:64:e1:89:f1:c6:31:d1:d8:36:22:61:6b:ae:
         4f:8b:e5:f5:d5:40:e8:7a:36:57:94:97:ad:24:3e:5d:a6:65:
         3d:7d:e3:4f:d6:b4:b8:a5:51:8c:de:e5:94:e5:d3:0e:48:c9:
         44:60:91:e5:9e:d0:55:30:5c:7c:d2:52:dc:c1:5e:cc:3b:21:
         8d:12:30:e1:93:f4:20:df:8b:d6:9e:58:40:17:d4:96:91:b7:
         10:50:81:d1:ea:95:57:65:7d:03:d0:d5:42:20:06:48:4f:46:
         a3:43:15:64:91:a0:de:0c:ba:05:a3:23:51:9b:0f:c3:0d:14:
         fb:42:72:7a:f7:5f:1f:18:9a:33:d8:ae:7b:e8:4b:b1:a2:02:
         e6:b3:be:08:b1:2a:55:d6:f2:2e:21:35:e5:11:d3:45:3e:0b:
         16:e0:65:59:97:02:43:90:cb:68:8a:07:8a:10:84:19:1f:7b:
         37:fe:83:18:1a:d9:ad:6c:af:b2:23:8b:d3:34:aa:72:5c:4b:
         20:e0:e8:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZV/Ju49X55NSIzqI5fOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjE3N2EzZTg2YzgzOWNmZDE5M2RiYjQ2ZWRhODA4N2Q4
MjE0MWEwHhcNMjYwMzI5MDcwMTAwWhcNMjYwMzMwMDcwMTAwWjAzMTEwLwYDVQQD
EygwOGZlMzBjY2RkNDIxYzM4ZjNjNzdmYzJlZDE1ODA4ODQ1NDhlZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx2vrGRuTFfu9hqKfKS9PQTocToa
l6D2BGXU1l3HRtZgoVjj7j10umQHFxy67bIYO17XLhlRlrV4PC2xJLFUHJ2XibSN
G+IikMsz0872igCUjyx+BAvP3XIRpMICwgAYQeaguLdYd857+HRQlT/dFbJPDuyN
lqCcrO07MYMjZPHPSmCHUhkXDxvR7KDYt3rsAATUADHMK4tTdAgMn7Y2r95uSTml
XI5G2+976YApvcUY6qxIs4/dGRXMDVvYmtdJstGbjhSfGxfhfbZb0MCj+m02nexf
Cp77dqXR5bW4TH/ugW4LAo/6XktZhU4lt2aNtQJpy5gnvngQ5k8xbaAcNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAj+MMzdQhw488d/wu0VgIhFSO2VMB8GA1UdIwQY
MBaAFD8hd6PobIOc/Rk9u0btqAh9ghQaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yY2Y5MjYtODEwZS00MTFlLWJkNWIt
MTYxZTUxM2ViZGMyLzEvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yY2Y5MjYtODEwZS00MTFlLWJkNWItMTYxZTUxM2ViZGMy
LzEvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVGX8bSx
x8bOrpx/Rn5spg/dYLMZHPwFUUbEXJwxoDKMxJpjznaULaT+SdoHBmcgHSM5zsZw
3/2BEeRk4YnxxjHR2DYiYWuuT4vl9dVA6Ho2V5SXrSQ+XaZlPX3jT9a0uKVRjN7l
lOXTDkjJRGCR5Z7QVTBcfNJS3MFezDshjRIw4ZP0IN+L1p5YQBfUlpG3EFCB0eqV
V2V9A9DVQiAGSE9Go0MVZJGg3gy6BaMjUZsPww0U+0JyevdfHxiaM9iue+hLsaIC
5rO+CLEqVdbyLiE15RHTRT4LFuBlWZcCQ5DLaIoHihCEGR97N/6DGBrZrWyvsiOL
0zSqclxLIODolQ==
-----END CERTIFICATE-----