Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
File:                     3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft (raw, json)
Hash identifier:          gYR2XefedfqSiUpV8AS+9B5Of0hRzDUXQFuQXytnarc=
Subject key identifier:   30:EC:3A:58:27:D6:FC:D8:83:05:0E:67:3E:10:2D:5E:26:F7:C7:87
Authority key identifier: DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14
Certificate issuer:       /CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
Certificate serial:       019D3977E63D472BD61827823C491B585F0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
Manifest number:          024B
Signing time:             Sun 29 Mar 2026 12:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:52 +0000
Files and hashes:         1: 3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl (hash: kP9tFvmJfFWR9UfJHIoifpLASRkXGdAm9BRp/vtl0jE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 12:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:e6:3d:47:2b:d6:18:27:82:3c:49:1b:58:5f:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
        Validity
            Not Before: Mar 29 12:00:52 2026 GMT
            Not After : Mar 30 12:00:52 2026 GMT
        Subject: CN=30ec3a5827d6fcd883050e673e102d5e26f7c787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f4:13:fb:4a:7f:55:13:6e:b4:26:c1:86:d3:
                    79:b3:c0:ef:7c:02:19:68:2b:9e:37:16:8d:f3:93:
                    33:1c:74:6f:10:77:6f:46:a3:29:a4:64:da:75:0a:
                    59:c4:b9:6b:95:ff:52:8a:05:e4:74:80:03:60:f5:
                    8e:04:b6:3d:aa:b6:c7:dc:83:d5:18:75:f2:72:95:
                    c6:0b:10:c9:7a:f9:7e:7e:28:e4:6d:96:28:62:2e:
                    78:34:a6:92:68:ab:93:22:f7:62:bb:b0:15:d7:4f:
                    6f:9d:4d:28:cb:f4:81:a2:71:08:f0:6d:ba:54:2e:
                    38:b2:cf:c5:39:c2:46:e7:bf:99:2c:9a:04:1e:c5:
                    3a:b1:e9:a0:4a:c7:12:aa:2a:1a:08:4e:9e:f5:17:
                    f9:6e:77:f1:0c:34:a5:1d:e7:72:f1:df:4b:1b:bb:
                    2b:6c:46:cd:28:de:79:76:18:50:eb:e9:0f:a8:1b:
                    aa:69:ca:e9:04:f5:92:2b:21:c7:21:61:fc:c4:2b:
                    5e:8c:13:91:93:de:41:9d:6c:73:04:d6:09:01:4d:
                    15:4d:6a:c2:17:bd:8e:54:88:3d:14:28:96:fe:36:
                    2c:97:5d:84:6e:92:a6:fb:8a:7a:dd:b3:29:ab:fe:
                    9d:fa:d8:a0:62:96:0b:fd:0d:eb:07:29:50:76:7f:
                    15:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:EC:3A:58:27:D6:FC:D8:83:05:0E:67:3E:10:2D:5E:26:F7:C7:87
            X509v3 Authority Key Identifier:
                keyid:DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:8b:17:ed:ef:fd:ea:a0:72:55:08:ce:e7:7d:85:64:a4:44:
         67:28:b1:29:89:e4:6d:5a:cf:29:fd:fc:3d:17:59:69:80:5d:
         19:f8:96:c0:ed:55:b8:5f:d2:a4:5b:c4:7d:9d:61:b9:6f:fa:
         d1:81:00:57:09:40:dd:2b:c1:b0:d8:16:14:47:c3:b0:44:b3:
         a7:ce:dd:ca:16:89:8e:d2:c5:c1:26:db:dd:64:f0:33:57:12:
         06:72:4e:9d:bd:91:e4:8a:c0:b4:76:0e:13:ae:51:7c:13:3c:
         b2:41:1d:da:53:ed:01:da:db:7d:12:7d:e5:c2:ea:25:4d:76:
         68:de:9d:78:ce:1d:19:77:2a:73:3b:63:09:d9:16:dd:2e:bf:
         85:1e:ee:c3:15:dc:90:2a:55:3d:24:06:f4:82:44:1e:80:b0:
         c6:85:78:2e:9b:40:7d:1d:e1:f7:71:f9:27:f5:d0:ba:25:4f:
         60:ff:6c:34:c8:1a:19:e9:09:44:9c:bf:0b:0c:74:79:bf:81:
         d4:95:be:bf:7d:c3:0d:2f:5b:90:31:c3:86:3e:2a:55:b4:ae:
         44:7e:eb:ed:2e:9f:29:b5:64:67:0c:41:1d:9f:dc:64:6f:59:
         69:56:50:f3:c6:5a:f5:1f:e4:d6:08:97:d6:6f:37:be:67:95:
         19:61:76:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d+Y9RyvWGCeCPEkbWF8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzg3MzMwM2QyZDZlMjM4YTViZDg1ZWQ1ODY3YjY0MzE1
OGZjMTQwHhcNMjYwMzI5MTIwMDUyWhcNMjYwMzMwMTIwMDUyWjAzMTEwLwYDVQQD
EygzMGVjM2E1ODI3ZDZmY2Q4ODMwNTBlNjczZTEwMmQ1ZTI2ZjdjNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/QT+0p/VRNutCbBhtN5s8DvfAIZ
aCueNxaN85MzHHRvEHdvRqMppGTadQpZxLlrlf9SigXkdIADYPWOBLY9qrbH3IPV
GHXycpXGCxDJevl+fijkbZYoYi54NKaSaKuTIvdiu7AV109vnU0oy/SBonEI8G26
VC44ss/FOcJG57+ZLJoEHsU6semgSscSqioaCE6e9Rf5bnfxDDSlHedy8d9LG7sr
bEbNKN55dhhQ6+kPqBuqacrpBPWSKyHHIWH8xCtejBORk95BnWxzBNYJAU0VTWrC
F72OVIg9FCiW/jYsl12EbpKm+4p63bMpq/6d+tigYpYL/Q3rBylQdn8V0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDsOlgn1vzYgwUOZz4QLV4m98eHMB8GA1UdIwQY
MBaAFN04czA9LW4jilvYXtWGe2QxWPwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAt
ZDNkYjI3N2VjZGZhLzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAtZDNkYjI3N2VjZGZh
LzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARosX7e/9
6qByVQjO532FZKREZyixKYnkbVrPKf38PRdZaYBdGfiWwO1VuF/SpFvEfZ1huW/6
0YEAVwlA3SvBsNgWFEfDsESzp87dyhaJjtLFwSbb3WTwM1cSBnJOnb2R5IrAtHYO
E65RfBM8skEd2lPtAdrbfRJ95cLqJU12aN6deM4dGXcqcztjCdkW3S6/hR7uwxXc
kCpVPSQG9IJEHoCwxoV4LptAfR3h93H5J/XQuiVPYP9sNMgaGekJRJy/Cwx0eb+B
1JW+v33DDS9bkDHDhj4qVbSuRH7r7S6fKbVkZwxBHZ/cZG9ZaVZQ88Za9R/k1giX
1m83vmeVGWF29A==
-----END CERTIFICATE-----