Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          DP3rPybwl3sWWD0+4nrr/EpFcGi/5uVuX+kCgiSFHN0=
Subject key identifier:   E0:F9:71:D4:BC:5E:72:6B:F6:A9:EB:2E:42:A1:30:2C:D3:D0:64:8F
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       019D386638BBFDCF21B885F74B395695ED4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:01:56 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:56 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:56 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: 1reuuC89XUJnvS2o29k5kIiHuhBWx6ZlRa8ixjdp2Cc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:38:bb:fd:cf:21:b8:85:f7:4b:39:56:95:ed:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Mar 29 07:01:56 2026 GMT
            Not After : Mar 30 07:01:56 2026 GMT
        Subject: CN=e0f971d4bc5e726bf6a9eb2e42a1302cd3d0648f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:78:05:22:b3:b5:fd:f9:48:9a:7a:fb:15:68:
                    2e:2c:66:fd:8d:7b:2c:a3:6c:03:65:65:09:e5:66:
                    86:0a:fe:ac:49:a9:23:bf:83:8f:1d:76:8b:d8:ce:
                    fa:3f:47:15:08:4a:39:a2:47:67:ea:35:b5:ea:07:
                    eb:ba:06:76:3b:e2:91:ae:82:96:f5:af:56:8c:b8:
                    63:b3:2a:1f:4d:a1:78:da:2d:37:d6:a5:45:38:7a:
                    26:68:10:bd:d4:be:58:14:ed:9e:17:42:0e:20:45:
                    22:b6:dc:2a:ea:08:d3:77:d9:0a:15:1d:41:5b:0a:
                    fd:65:4a:49:d3:8b:93:fa:7b:fd:2b:8b:12:77:7a:
                    5a:7f:61:b8:19:d8:36:06:b9:09:71:cb:c1:29:1c:
                    66:44:46:d1:da:1a:e1:7f:05:c5:b5:db:bd:49:09:
                    78:46:f6:7e:94:c3:03:b3:a4:cd:0c:df:4e:4d:41:
                    43:03:89:8e:48:d5:a5:29:b7:6a:b1:65:aa:33:23:
                    2a:e8:b2:96:7f:cd:4d:3c:4b:04:1c:44:1c:89:d8:
                    91:c9:40:ae:01:cd:b0:95:1c:f0:c6:d5:70:73:d9:
                    b4:42:aa:25:0c:3a:a3:82:76:56:0d:f7:fc:e6:a7:
                    43:a5:1f:5e:14:e2:4a:95:72:a9:16:6b:9e:91:47:
                    56:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F9:71:D4:BC:5E:72:6B:F6:A9:EB:2E:42:A1:30:2C:D3:D0:64:8F
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:ae:61:42:5f:50:ee:09:de:4c:fa:96:d5:0d:44:2e:86:7d:
         d4:5f:a2:80:bc:dd:4d:13:05:b5:06:33:55:f6:91:55:0f:69:
         cb:0e:90:0b:fd:5f:57:e2:ef:3d:99:71:af:61:86:6a:4e:83:
         4e:4b:c3:ef:b8:70:a5:6f:c3:a3:7a:e4:d8:03:36:fb:2f:07:
         fd:9f:a0:f0:be:d5:c9:46:74:7c:86:89:ad:68:63:d5:5e:5f:
         77:bb:64:a1:ff:b6:98:22:eb:94:d0:bd:75:61:55:96:84:3d:
         fe:87:67:57:1f:5b:bc:50:24:aa:fa:83:05:b2:85:ed:50:9f:
         8d:70:d0:b2:7a:fc:55:6a:e8:72:ae:a3:83:65:9a:0b:e1:5e:
         59:15:46:02:97:f8:34:d7:92:3b:75:47:6f:bf:74:38:c0:5a:
         f9:ec:00:4e:69:6e:65:e3:9e:ed:60:44:34:f7:b8:a4:a4:6f:
         32:01:1f:84:0b:c7:71:34:d4:93:5d:4c:f5:da:c5:b9:f3:34:
         f8:c0:cb:98:5f:5c:63:cd:f5:94:26:ed:c1:e1:e3:94:75:51:
         d3:b7:19:4a:60:95:3d:59:6c:99:49:bb:51:54:6b:38:2e:ae:
         87:6f:c2:32:11:c6:45:2f:12:02:3d:ea:fa:5d:34:c8:c4:ed:
         cd:50:3b:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zji7/c8huIX3SzlWle1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjYwMzI5MDcwMTU2WhcNMjYwMzMwMDcwMTU2WjAzMTEwLwYDVQQD
EyhlMGY5NzFkNGJjNWU3MjZiZjZhOWViMmU0MmExMzAyY2QzZDA2NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApngFIrO1/flImnr7FWguLGb9jXss
o2wDZWUJ5WaGCv6sSakjv4OPHXaL2M76P0cVCEo5okdn6jW16gfrugZ2O+KRroKW
9a9WjLhjsyofTaF42i031qVFOHomaBC91L5YFO2eF0IOIEUittwq6gjTd9kKFR1B
Wwr9ZUpJ04uT+nv9K4sSd3paf2G4Gdg2BrkJccvBKRxmREbR2hrhfwXFtdu9SQl4
RvZ+lMMDs6TNDN9OTUFDA4mOSNWlKbdqsWWqMyMq6LKWf81NPEsEHEQcidiRyUCu
Ac2wlRzwxtVwc9m0QqolDDqjgnZWDff85qdDpR9eFOJKlXKpFmuekUdW0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOD5cdS8XnJr9qnrLkKhMCzT0GSPMB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYK5hQl9Q
7gneTPqW1Q1ELoZ91F+igLzdTRMFtQYzVfaRVQ9pyw6QC/1fV+LvPZlxr2GGak6D
TkvD77hwpW/Do3rk2AM2+y8H/Z+g8L7VyUZ0fIaJrWhj1V5fd7tkof+2mCLrlNC9
dWFVloQ9/odnVx9bvFAkqvqDBbKF7VCfjXDQsnr8VWrocq6jg2WaC+FeWRVGApf4
NNeSO3VHb790OMBa+ewATmluZeOe7WBENPe4pKRvMgEfhAvHcTTUk11M9drFufM0
+MDLmF9cY831lCbtweHjlHVR07cZSmCVPVlsmUm7UVRrOC6uh2/CMhHGRS8SAj3q
+l00yMTtzVA7AA==
-----END CERTIFICATE-----