Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          lN05mae+AEqpv5gOymbmPBBnvosRhlLt+Ip8QvDvxgQ=
Subject key identifier:   49:3C:E8:A1:86:3C:66:E6:0B:E8:36:92:7C:F2:2A:0F:32:71:8D:05
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       019D389C1DA18F9C8C5AEDCF5DCEBCD32373
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          0723
Signing time:             Sun 29 Mar 2026 08:00:48 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:48 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:48 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: 0iv6uaZlXIE058FmEcWaGp8wUAZDRVXIV56YJxmsUdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:1d:a1:8f:9c:8c:5a:ed:cf:5d:ce:bc:d3:23:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Mar 29 08:00:48 2026 GMT
            Not After : Mar 30 08:00:48 2026 GMT
        Subject: CN=493ce8a1863c66e60be836927cf22a0f32718d05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:cc:4f:78:d7:51:36:24:20:fa:ed:cc:a0:9b:
                    c2:3a:42:31:30:6d:47:33:bd:b8:f1:54:b5:ab:b1:
                    d8:2c:e6:fe:e5:e6:26:20:0a:6e:ef:22:45:cb:24:
                    1d:71:bd:6e:75:35:07:16:30:7d:78:d0:b5:3c:1e:
                    fa:27:eb:0e:06:5a:d4:cb:83:f2:7b:7d:84:b5:a0:
                    8b:e6:24:86:83:06:8c:a8:7e:81:7d:4f:58:d8:43:
                    84:02:14:e1:b2:61:43:ef:26:81:d4:e9:a6:b9:8d:
                    23:70:a0:13:74:0c:c3:9f:94:79:16:fb:b7:9f:46:
                    0a:93:d2:e0:eb:c3:34:bb:37:17:7b:31:49:3f:70:
                    c4:2c:7d:47:35:c4:46:8f:9a:ae:88:2d:ec:d8:e2:
                    84:6b:ae:9c:7f:13:95:79:cd:38:3d:1f:c7:09:06:
                    60:c6:2a:da:8c:e8:e2:8e:66:1c:4f:0d:de:6d:6b:
                    9d:b8:16:e0:7f:e7:50:69:98:d9:6e:f4:db:6b:a5:
                    33:2a:72:ab:0a:6c:3c:91:b0:29:ab:c1:97:e9:e7:
                    92:0f:5a:f3:87:bd:1f:8e:2c:f5:a2:9b:0b:bf:a1:
                    d6:5f:e8:96:11:e4:ad:cc:cb:67:12:92:d4:3b:6b:
                    da:fd:b5:a0:a7:6a:ad:97:50:c4:af:f5:bd:08:31:
                    cb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:3C:E8:A1:86:3C:66:E6:0B:E8:36:92:7C:F2:2A:0F:32:71:8D:05
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:bf:a0:36:12:e0:8f:d0:10:99:24:56:89:72:32:75:fa:f4:
         ae:27:0d:ca:9c:8b:fb:57:33:e7:59:e2:3e:51:83:74:5c:be:
         15:dd:6c:87:ad:7d:3f:83:5c:c7:a9:8f:de:31:24:e9:5b:cb:
         3f:cb:98:4f:49:1a:8b:85:3c:df:7f:6a:7c:49:28:2c:27:bd:
         8b:85:35:5a:c4:77:ff:4d:6c:e7:7f:e6:9d:d9:fd:0f:7b:05:
         d9:38:a5:9c:9d:e8:a6:ee:a9:7c:2c:6f:72:5e:01:b2:81:5c:
         12:c3:96:01:66:a5:e5:c1:90:50:b8:72:48:fb:e1:11:2d:9c:
         23:2b:6d:eb:13:60:0f:94:d8:1a:f8:6f:a7:fb:6c:65:8b:94:
         d8:2f:c0:73:46:61:b0:99:83:09:33:40:32:04:7b:84:bb:2e:
         13:6f:6f:ca:8d:bd:4b:64:8f:fd:f0:f6:eb:56:23:2b:03:f5:
         3e:03:75:c9:07:75:56:dc:8a:6b:c3:12:46:72:c4:c3:b4:ef:
         dc:2a:ea:4f:27:18:71:e3:d2:c9:f1:68:c7:dd:4a:cd:c1:4f:
         df:6f:9b:ca:83:3c:69:57:69:2c:c5:c6:b7:01:e1:f5:71:92:
         7c:d2:ca:85:78:b7:60:a4:29:35:d8:34:47:4a:9b:95:4a:48:
         99:8c:59:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nB2hj5yMWu3PXc680yNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjYwMzI5MDgwMDQ4WhcNMjYwMzMwMDgwMDQ4WjAzMTEwLwYDVQQD
Eyg0OTNjZThhMTg2M2M2NmU2MGJlODM2OTI3Y2YyMmEwZjMyNzE4ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMxPeNdRNiQg+u3MoJvCOkIxMG1H
M7248VS1q7HYLOb+5eYmIApu7yJFyyQdcb1udTUHFjB9eNC1PB76J+sOBlrUy4Py
e32EtaCL5iSGgwaMqH6BfU9Y2EOEAhThsmFD7yaB1OmmuY0jcKATdAzDn5R5Fvu3
n0YKk9Lg68M0uzcXezFJP3DELH1HNcRGj5quiC3s2OKEa66cfxOVec04PR/HCQZg
xirajOjijmYcTw3ebWuduBbgf+dQaZjZbvTba6UzKnKrCmw8kbApq8GX6eeSD1rz
h70fjiz1opsLv6HWX+iWEeStzMtnEpLUO2va/bWgp2qtl1DEr/W9CDHLCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEk86KGGPGbmC+g2knzyKg8ycY0FMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL+gNhLg
j9AQmSRWiXIydfr0ricNypyL+1cz51niPlGDdFy+Fd1sh619P4Ncx6mP3jEk6VvL
P8uYT0kai4U8339qfEkoLCe9i4U1WsR3/01s53/mndn9D3sF2TilnJ3opu6pfCxv
cl4BsoFcEsOWAWal5cGQULhySPvhES2cIytt6xNgD5TYGvhvp/tsZYuU2C/Ac0Zh
sJmDCTNAMgR7hLsuE29vyo29S2SP/fD261YjKwP1PgN1yQd1VtyKa8MSRnLEw7Tv
3CrqTycYcePSyfFox91KzcFP32+byoM8aVdpLMXGtwHh9XGSfNLKhXi3YKQpNdg0
R0qblUpImYxZew==
-----END CERTIFICATE-----