Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
File:                     DW3GbMOENrasMel-cS0hlAfIPPQ.mft (raw, json)
Hash identifier:          XXy4WtItk/Y/vJlKLQaCV0R5gkwIxZzfBKzJr5J3TWc=
Subject key identifier:   92:C8:F8:B2:E2:11:B3:2A:75:4D:0A:D5:7B:1C:12:75:68:AF:C8:B5
Authority key identifier: 0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4
Certificate issuer:       /CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
Certificate serial:       019D37C04536DF549C3786A6DA595AFA6808
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
Manifest number:          0712
Signing time:             Sun 29 Mar 2026 04:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:40 +0000
Files and hashes:         1: DW3GbMOENrasMel-cS0hlAfIPPQ.crl (hash: RPgL7z9xg8Be4+57f7bQEgEh69BW7Qymi3tTCrKze4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:45:36:df:54:9c:37:86:a6:da:59:5a:fa:68:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
        Validity
            Not Before: Mar 29 04:00:40 2026 GMT
            Not After : Mar 30 04:00:40 2026 GMT
        Subject: CN=92c8f8b2e211b32a754d0ad57b1c127568afc8b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:64:d9:96:70:d6:15:9e:1b:80:4f:fb:1b:ed:
                    dc:ef:5b:46:2d:66:8b:42:13:0e:57:23:f8:28:be:
                    68:5a:65:08:27:27:7b:70:6a:cc:7b:86:f8:71:c0:
                    fa:eb:84:73:d1:77:cd:79:96:98:9a:a1:05:c5:35:
                    87:7f:af:21:75:b1:3e:9a:8c:64:36:29:72:07:fd:
                    69:32:c9:7e:49:7f:d5:01:86:6f:53:a1:42:57:66:
                    0b:dc:1b:88:24:84:70:3a:0b:da:13:fb:d2:69:b2:
                    5d:ba:f9:e5:f2:f4:05:56:15:83:55:bd:df:3a:fc:
                    64:c1:db:6c:b7:5f:cc:fb:0b:42:4f:a6:0b:8d:89:
                    65:b3:7a:d4:2c:d6:cf:a1:1c:66:2e:94:99:cf:4e:
                    f9:b0:99:c9:1a:f9:04:1c:6c:56:b8:4d:b9:89:62:
                    4d:94:72:41:37:e5:bd:01:b8:63:00:28:d5:00:33:
                    cb:43:f9:b6:91:96:62:76:5d:35:9c:7b:b1:2c:e4:
                    ae:f5:b0:02:63:f2:92:d0:94:4a:0d:49:4c:fa:3b:
                    6d:ae:06:51:15:2a:10:32:f9:37:6b:4d:a7:ca:31:
                    69:b7:eb:0c:b9:63:33:f2:ae:c7:bb:72:5b:dd:66:
                    a8:85:54:50:7a:55:dc:ec:92:cb:98:de:08:af:9c:
                    6d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:C8:F8:B2:E2:11:B3:2A:75:4D:0A:D5:7B:1C:12:75:68:AF:C8:B5
            X509v3 Authority Key Identifier:
                keyid:0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:14:a4:9f:62:f1:5a:ac:38:15:aa:13:38:6b:2c:0c:7c:32:
         27:eb:c1:1d:77:6d:25:35:c3:5b:bb:fa:58:4f:9f:48:e6:08:
         8e:b1:80:37:09:8d:de:da:5b:ef:98:de:44:f0:4e:bc:27:c2:
         68:c6:0c:af:58:54:b9:9c:2d:95:c1:fe:24:77:ac:3c:cb:b2:
         d7:1e:20:6d:a9:40:4c:88:2f:9f:e5:3d:ee:26:33:18:b4:b6:
         43:99:53:9c:05:72:52:b1:ac:0e:cc:7a:af:15:df:d7:3c:63:
         a5:4a:dc:1d:4d:0d:1c:90:84:86:21:08:39:49:1d:8f:0b:83:
         05:57:00:30:7a:81:62:44:ea:17:3c:68:5f:a7:1e:ed:4a:e3:
         ce:f3:a9:d8:ec:0a:fa:e5:3b:48:8e:03:7b:ad:0e:4b:88:df:
         2b:41:96:53:55:71:26:46:81:22:20:6a:7c:6b:c0:4c:83:44:
         32:bf:95:fd:cf:e9:29:f7:97:90:f1:b8:e7:70:b3:fb:cd:be:
         7d:ed:7b:d9:bb:d8:e5:0b:f1:16:72:db:ec:89:5b:0a:92:1b:
         3f:0f:d6:a6:c8:cd:16:6f:9b:b9:c9:1e:0e:56:ca:e6:a5:d9:
         c8:dd:d0:36:52:7d:50:67:73:ca:6e:92:08:bc:ac:9e:a1:58:
         fa:bb:1b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wEU231ScN4am2lla+mgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmRjNjZjYzM4NDM2YjZhYzMxZTk3ZTcxMmQyMTk0MDdj
ODNjZjQwHhcNMjYwMzI5MDQwMDQwWhcNMjYwMzMwMDQwMDQwWjAzMTEwLwYDVQQD
Eyg5MmM4ZjhiMmUyMTFiMzJhNzU0ZDBhZDU3YjFjMTI3NTY4YWZjOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWTZlnDWFZ4bgE/7G+3c71tGLWaL
QhMOVyP4KL5oWmUIJyd7cGrMe4b4ccD664Rz0XfNeZaYmqEFxTWHf68hdbE+moxk
NilyB/1pMsl+SX/VAYZvU6FCV2YL3BuIJIRwOgvaE/vSabJduvnl8vQFVhWDVb3f
Ovxkwdtst1/M+wtCT6YLjYlls3rULNbPoRxmLpSZz075sJnJGvkEHGxWuE25iWJN
lHJBN+W9AbhjACjVADPLQ/m2kZZidl01nHuxLOSu9bACY/KS0JRKDUlM+jttrgZR
FSoQMvk3a02nyjFpt+sMuWMz8q7Hu3Jb3WaohVRQelXc7JLLmN4Ir5xtFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLI+LLiEbMqdU0K1XscEnVor8i1MB8GA1UdIwQY
MBaAFA1txmzDhDa2rDHpfnEtIZQHyDz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEt
OWRkNTIzMTNhZTdjLzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEtOWRkNTIzMTNhZTdj
LzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRSkn2Lx
Wqw4FaoTOGssDHwyJ+vBHXdtJTXDW7v6WE+fSOYIjrGANwmN3tpb75jeRPBOvCfC
aMYMr1hUuZwtlcH+JHesPMuy1x4gbalATIgvn+U97iYzGLS2Q5lTnAVyUrGsDsx6
rxXf1zxjpUrcHU0NHJCEhiEIOUkdjwuDBVcAMHqBYkTqFzxoX6ce7UrjzvOp2OwK
+uU7SI4De60OS4jfK0GWU1VxJkaBIiBqfGvATINEMr+V/c/pKfeXkPG453Cz+82+
fe172bvY5QvxFnLb7IlbCpIbPw/WpsjNFm+buckeDlbK5qXZyN3QNlJ9UGdzym6S
CLysnqFY+rsbNg==
-----END CERTIFICATE-----