Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          RtFlvLWwIQNuSj0f8LgSNrSF3tJFjxIn9a1TKEh0ruc=
Subject key identifier:   5B:CC:60:28:09:9A:B7:73:17:9C:17:64:72:3E:11:8A:1D:60:BE:F5
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       019D38D2E7A4DE3D663D8F86A2A92A1BA2B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          159D
Signing time:             Sun 29 Mar 2026 09:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:38 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: FUcQnmB9GDVnWMB3+1IKfb38punP0C62z+fuznErU+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:e7:a4:de:3d:66:3d:8f:86:a2:a9:2a:1b:a2:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Mar 29 09:00:38 2026 GMT
            Not After : Mar 30 09:00:38 2026 GMT
        Subject: CN=5bcc6028099ab773179c1764723e118a1d60bef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1c:48:ab:69:2a:01:dc:34:e2:a8:f5:ea:d9:
                    2d:b0:4e:bf:08:a3:f6:6b:c3:21:ae:59:14:f2:82:
                    04:e4:42:31:a7:ed:35:55:12:bf:64:4d:93:33:ca:
                    49:c8:47:df:8f:4f:2a:35:5b:2e:36:3d:8b:e1:63:
                    e5:36:86:41:e7:54:7f:66:a8:76:dc:61:09:8d:b4:
                    87:94:fc:05:f8:33:d3:38:be:0c:db:ab:cf:ee:4f:
                    16:0c:ed:7b:94:82:19:65:dd:a6:6c:61:47:35:40:
                    d6:2f:a7:09:8c:e6:f2:30:96:b0:8b:99:9f:8e:ca:
                    da:df:c4:21:73:35:4a:2c:36:26:a1:f4:16:cd:5e:
                    e2:b9:f1:77:f1:ac:ed:a8:68:7b:93:87:ed:15:0a:
                    00:c3:fa:e3:97:32:d9:63:94:01:df:21:19:91:b9:
                    30:83:81:77:80:cf:22:80:3a:60:7d:6b:6b:b6:90:
                    a0:ba:ac:cb:53:01:e5:d3:d0:58:6e:ba:23:94:66:
                    2a:46:ec:8b:e5:73:c0:48:89:4c:b6:8e:cd:39:8e:
                    7f:91:e5:fb:af:26:f1:28:21:8a:d6:e7:d2:8d:8b:
                    a6:93:e3:21:86:46:ba:94:d8:d4:88:02:51:28:bb:
                    f3:e2:13:94:80:cb:b0:a8:1a:e0:e5:00:a0:6b:cf:
                    5f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CC:60:28:09:9A:B7:73:17:9C:17:64:72:3E:11:8A:1D:60:BE:F5
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:2a:e4:e5:f0:49:a8:45:65:cf:b5:8c:90:79:58:87:77:0b:
         60:37:74:81:8b:cc:0e:13:ab:3d:d4:e9:aa:53:c7:a7:e6:b2:
         96:9a:fd:42:60:76:f0:d8:02:41:b5:da:bc:84:41:fe:d8:e8:
         97:9e:c3:1b:1e:34:d7:b7:b2:cf:d7:5b:6a:ab:d3:43:76:c7:
         e4:13:28:45:76:a9:74:f2:46:22:00:aa:20:46:0a:d2:e6:c7:
         e7:02:a2:a6:20:50:f4:5a:cd:26:d9:dd:a7:02:aa:f3:8d:f1:
         b9:f1:a1:3a:7e:3d:60:c2:8b:81:f5:33:49:9c:7f:5e:93:93:
         5a:c1:bc:9a:c3:4d:6d:2b:3c:be:e9:65:c0:62:b6:46:d4:3c:
         14:d9:c2:01:20:46:e7:60:19:a2:52:c4:00:59:01:c6:b4:56:
         01:09:75:b9:47:e5:e8:66:59:6d:64:3f:a7:80:f2:d0:ec:d8:
         85:c9:cf:b9:40:51:2b:32:56:04:ba:6e:7d:f0:cf:f6:fc:03:
         81:a4:60:18:78:28:fb:db:d2:40:e4:ae:a2:13:3d:0f:85:31:
         75:d2:93:77:ff:23:a3:12:43:ae:59:29:20:d3:2c:a5:59:9f:
         ca:00:0b:c9:3a:42:35:f3:d1:38:1b:6a:1f:5d:d8:1e:57:46:
         06:be:27:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uek3j1mPY+GoqkqG6KyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjYwMzI5MDkwMDM4WhcNMjYwMzMwMDkwMDM4WjAzMTEwLwYDVQQD
Eyg1YmNjNjAyODA5OWFiNzczMTc5YzE3NjQ3MjNlMTE4YTFkNjBiZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBxIq2kqAdw04qj16tktsE6/CKP2
a8MhrlkU8oIE5EIxp+01VRK/ZE2TM8pJyEffj08qNVsuNj2L4WPlNoZB51R/Zqh2
3GEJjbSHlPwF+DPTOL4M26vP7k8WDO17lIIZZd2mbGFHNUDWL6cJjObyMJawi5mf
jsra38QhczVKLDYmofQWzV7iufF38aztqGh7k4ftFQoAw/rjlzLZY5QB3yEZkbkw
g4F3gM8igDpgfWtrtpCguqzLUwHl09BYbrojlGYqRuyL5XPASIlMto7NOY5/keX7
rybxKCGK1ufSjYumk+Mhhka6lNjUiAJRKLvz4hOUgMuwqBrg5QCga89fDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvMYCgJmrdzF5wXZHI+EYodYL71MB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSrk5fBJ
qEVlz7WMkHlYh3cLYDd0gYvMDhOrPdTpqlPHp+aylpr9QmB28NgCQbXavIRB/tjo
l57DGx4017eyz9dbaqvTQ3bH5BMoRXapdPJGIgCqIEYK0ubH5wKipiBQ9FrNJtnd
pwKq843xufGhOn49YMKLgfUzSZx/XpOTWsG8msNNbSs8vullwGK2RtQ8FNnCASBG
52AZolLEAFkBxrRWAQl1uUfl6GZZbWQ/p4Dy0OzYhcnPuUBRKzJWBLpuffDP9vwD
gaRgGHgo+9vSQOSuohM9D4UxddKTd/8joxJDrlkpINMspVmfygALyTpCNfPROBtq
H13YHldGBr4n1g==
-----END CERTIFICATE-----