Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          km3LIIPgMvL0zi8JtSBrNoI9YAO+kWNm3FixPXdnJ2g=
Subject key identifier:   90:07:97:12:F0:22:BE:19:CD:44:16:E0:F7:27:7C:10:6B:55:4E:49
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019D38667EDD4F0DC6183E167462469FD403
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          09B5
Signing time:             Sun 29 Mar 2026 07:02:14 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:14 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:14 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: GhOTFQFDEwjfvFkxw0j3xCQZ8k3R62E4RmFGl7S1vNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:7e:dd:4f:0d:c6:18:3e:16:74:62:46:9f:d4:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Mar 29 07:02:14 2026 GMT
            Not After : Mar 30 07:02:14 2026 GMT
        Subject: CN=90079712f022be19cd4416e0f7277c106b554e49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:69:a4:bb:ce:ea:b9:82:ae:74:ef:67:ad:c9:
                    1a:d1:53:31:3d:1a:b9:ff:ec:57:03:a4:fa:42:c9:
                    7e:68:32:31:6c:5f:1e:7d:d7:a3:de:10:fa:87:d0:
                    44:e2:04:02:e6:c2:cb:aa:26:64:fd:f6:37:df:7f:
                    65:e7:96:88:5b:45:e4:0a:95:57:9b:39:2c:71:e6:
                    cd:92:ae:8b:38:bc:a4:cb:68:05:c1:58:44:53:b5:
                    7d:5d:f1:1f:34:d7:0e:d0:97:30:f8:4a:e7:8e:e3:
                    6e:99:5d:7c:f0:6b:9c:8c:8d:d1:3d:40:3e:55:2d:
                    16:dd:f4:33:fa:74:fe:32:8e:0a:6b:01:06:42:c5:
                    27:95:60:20:cb:d4:81:bb:6b:00:d8:d5:1a:56:e4:
                    8e:f1:ea:02:3b:01:48:c7:fb:93:c0:a2:1e:75:8e:
                    ea:7a:ee:e6:d9:28:df:94:0b:be:ec:92:3e:ff:21:
                    a4:89:26:ab:68:bc:7c:58:0c:26:2b:90:23:97:dd:
                    9c:5a:1b:cf:30:e9:f0:06:72:a5:66:5f:29:24:ce:
                    e3:ca:5a:d2:02:bd:70:41:c8:c3:ac:c8:07:a5:df:
                    21:f7:fe:90:96:05:36:6b:46:94:0c:d9:de:15:0b:
                    dc:9e:6f:e3:ac:43:21:cc:36:87:b7:dd:70:6f:26:
                    23:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:07:97:12:F0:22:BE:19:CD:44:16:E0:F7:27:7C:10:6B:55:4E:49
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:33:10:35:ad:6a:cf:b4:58:8b:51:08:12:02:6c:12:78:3b:
         97:27:c3:77:b8:44:9b:e7:2a:d2:d7:f9:81:95:c3:9e:cd:39:
         ba:e3:b3:bc:9c:71:a8:ed:33:cb:55:10:63:2c:16:b3:92:12:
         06:2e:30:16:d0:73:16:a6:84:7a:49:47:3e:45:89:6c:08:0d:
         d9:cc:c3:08:5e:84:16:69:47:40:d1:df:33:f0:9e:7b:be:fe:
         cf:c5:b5:20:10:a2:c2:10:71:00:f1:e3:83:a2:d6:fb:87:32:
         33:44:cb:c1:52:76:50:50:d2:9a:e4:d5:bb:af:b0:0c:a2:69:
         cc:e4:e1:f5:54:91:b9:7d:04:36:7a:46:3d:f0:7d:3c:f4:1d:
         6d:6e:77:3a:8f:0a:5d:0e:e5:3e:d2:e6:06:88:f8:ef:db:ff:
         e8:b0:91:c1:fb:7a:c7:fc:e0:ad:9a:2f:30:f3:ad:8d:92:66:
         07:a5:ab:3d:f1:a9:03:ff:8e:35:19:af:a0:df:23:ab:e1:19:
         50:42:38:2c:a7:0c:5b:42:28:d4:e6:38:06:94:9f:1e:18:ee:
         98:b5:db:4f:5b:a3:b6:14:5a:3c:e0:10:3f:8c:03:6e:8e:62:
         a1:24:33:73:69:89:95:f7:9a:6d:7e:c9:3f:31:67:ee:de:bc:
         93:a4:b5:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zn7dTw3GGD4WdGJGn9QDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwMzI5MDcwMjE0WhcNMjYwMzMwMDcwMjE0WjAzMTEwLwYDVQQD
Eyg5MDA3OTcxMmYwMjJiZTE5Y2Q0NDE2ZTBmNzI3N2MxMDZiNTU0ZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2mku87quYKudO9nrcka0VMxPRq5
/+xXA6T6Qsl+aDIxbF8efdej3hD6h9BE4gQC5sLLqiZk/fY3339l55aIW0XkCpVX
mzkscebNkq6LOLyky2gFwVhEU7V9XfEfNNcO0Jcw+ErnjuNumV188GucjI3RPUA+
VS0W3fQz+nT+Mo4KawEGQsUnlWAgy9SBu2sA2NUaVuSO8eoCOwFIx/uTwKIedY7q
eu7m2SjflAu+7JI+/yGkiSaraLx8WAwmK5Ajl92cWhvPMOnwBnKlZl8pJM7jylrS
Ar1wQcjDrMgHpd8h9/6QlgU2a0aUDNneFQvcnm/jrEMhzDaHt91wbyYj1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAHlxLwIr4ZzUQW4PcnfBBrVU5JMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTMQNa1q
z7RYi1EIEgJsEng7lyfDd7hEm+cq0tf5gZXDns05uuOzvJxxqO0zy1UQYywWs5IS
Bi4wFtBzFqaEeklHPkWJbAgN2czDCF6EFmlHQNHfM/Cee77+z8W1IBCiwhBxAPHj
g6LW+4cyM0TLwVJ2UFDSmuTVu6+wDKJpzOTh9VSRuX0ENnpGPfB9PPQdbW53Oo8K
XQ7lPtLmBoj479v/6LCRwft6x/zgrZovMPOtjZJmB6WrPfGpA/+ONRmvoN8jq+EZ
UEI4LKcMW0Io1OY4BpSfHhjumLXbT1ujthRaPOAQP4wDbo5ioSQzc2mJlfeabX7J
PzFn7t68k6S1xQ==
-----END CERTIFICATE-----