Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          jq3luJN3HGlN5V2+jC9CCzv/K8LU5OdbxCDxZsI87rA=
Subject key identifier:   10:0C:4F:26:1F:74:EB:7B:7B:0C:12:A2:D6:F5:C7:C6:AD:0D:84:5A
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       019D37C05B1D0AFFDA93D69603859B681B07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          070F
Signing time:             Sun 29 Mar 2026 04:00:46 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:46 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:46 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: O1sLExeVkVWQPJ4gj5HLcYSRbM2CiGTaN6isa0ZPtlo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:5b:1d:0a:ff:da:93:d6:96:03:85:9b:68:1b:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Mar 29 04:00:46 2026 GMT
            Not After : Mar 30 04:00:46 2026 GMT
        Subject: CN=100c4f261f74eb7b7b0c12a2d6f5c7c6ad0d845a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:25:43:51:a9:70:65:b7:87:da:10:96:b1:b8:
                    23:5e:ed:6f:83:27:13:42:f4:ef:9d:18:65:36:64:
                    2e:a0:c7:e0:fc:09:9e:21:3c:67:e3:d8:c6:d2:2f:
                    8e:07:eb:16:e8:c5:ea:30:86:4f:76:3d:83:69:79:
                    62:97:ff:f0:20:12:c9:11:b6:34:34:1b:1e:b1:d9:
                    f9:2a:a9:72:44:8c:ba:6a:4e:3d:89:61:a3:14:da:
                    4c:7d:41:df:78:f5:bc:25:87:1a:88:69:f3:ea:0c:
                    9a:9b:f3:49:53:f9:a5:71:e9:77:3b:b2:6e:14:56:
                    5b:fc:db:a7:1a:a7:b5:22:b6:e2:97:12:b6:a2:a2:
                    8f:34:49:42:1e:70:7d:3c:68:e4:52:ba:d0:99:bb:
                    71:fd:03:f0:c5:f8:1b:a0:aa:62:5c:b9:d3:77:c2:
                    64:3c:3f:bc:6c:3e:c7:ac:36:36:39:5e:90:69:29:
                    87:84:a6:6e:83:03:48:a1:b1:9c:04:e9:8e:1e:c6:
                    c4:03:99:b5:93:60:11:63:c0:65:26:d5:0b:51:60:
                    22:c9:cc:66:02:ed:44:ae:31:c7:28:91:d6:4f:0e:
                    60:11:c1:d7:f7:2c:32:a0:7c:ba:4b:80:99:26:01:
                    c3:d4:23:55:a7:a9:3b:f6:60:0b:63:47:bf:9f:3e:
                    e6:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:0C:4F:26:1F:74:EB:7B:7B:0C:12:A2:D6:F5:C7:C6:AD:0D:84:5A
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:4c:76:1a:c8:13:d5:03:a7:d6:3a:0d:c2:37:d2:2a:cb:8a:
         ee:e8:97:dd:3d:46:d8:a1:ae:bf:c9:5a:1b:40:de:d1:36:2a:
         5d:02:3a:d1:1d:5e:a6:fb:30:57:c7:9e:4f:e5:52:d8:10:fe:
         2a:9e:f6:82:82:d8:ba:0b:4b:d4:88:0e:49:2a:09:ce:60:74:
         cb:33:9e:87:29:d1:63:bc:64:ed:85:a4:93:ad:f9:6b:4e:be:
         b3:ae:2c:92:8b:8f:12:69:d7:04:93:7b:e7:aa:41:29:41:44:
         25:1f:9b:1f:18:f2:07:0c:48:b0:28:37:c1:65:ea:fd:e8:9e:
         10:6a:5f:bf:2f:8a:3f:d9:74:4b:86:c8:cc:83:b6:6d:b2:9c:
         ff:f9:b6:9c:e2:3f:0e:ea:c2:39:07:8f:8d:16:6e:e7:62:60:
         0e:b8:4b:2c:f6:06:e6:76:aa:57:a2:5c:07:84:c4:19:fc:ba:
         e5:3e:ba:86:fe:e1:3a:16:27:5c:5d:62:eb:75:a2:0c:e8:e1:
         10:d6:7a:6b:41:bd:53:62:c9:6f:00:71:23:5f:9a:8c:00:82:
         0c:c7:36:0f:79:f7:e2:77:13:4f:08:6e:e4:6d:2e:1e:c1:b0:
         2f:92:c1:93:a1:da:3f:89:1a:1e:03:57:e4:ed:01:20:81:1f:
         ca:58:b2:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFsdCv/ak9aWA4WbaBsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjYwMzI5MDQwMDQ2WhcNMjYwMzMwMDQwMDQ2WjAzMTEwLwYDVQQD
EygxMDBjNGYyNjFmNzRlYjdiN2IwYzEyYTJkNmY1YzdjNmFkMGQ4NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyVDUalwZbeH2hCWsbgjXu1vgycT
QvTvnRhlNmQuoMfg/AmeITxn49jG0i+OB+sW6MXqMIZPdj2DaXlil//wIBLJEbY0
NBsesdn5KqlyRIy6ak49iWGjFNpMfUHfePW8JYcaiGnz6gyam/NJU/mlcel3O7Ju
FFZb/NunGqe1IrbilxK2oqKPNElCHnB9PGjkUrrQmbtx/QPwxfgboKpiXLnTd8Jk
PD+8bD7HrDY2OV6QaSmHhKZugwNIobGcBOmOHsbEA5m1k2ARY8BlJtULUWAiycxm
Au1ErjHHKJHWTw5gEcHX9ywyoHy6S4CZJgHD1CNVp6k79mALY0e/nz7myQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAMTyYfdOt7ewwSotb1x8atDYRaMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0x2GsgT
1QOn1joNwjfSKsuK7uiX3T1G2KGuv8laG0De0TYqXQI60R1epvswV8eeT+VS2BD+
Kp72goLYugtL1IgOSSoJzmB0yzOehynRY7xk7YWkk635a06+s64skouPEmnXBJN7
56pBKUFEJR+bHxjyBwxIsCg3wWXq/eieEGpfvy+KP9l0S4bIzIO2bbKc//m2nOI/
DurCOQePjRZu52JgDrhLLPYG5naqV6JcB4TEGfy65T66hv7hOhYnXF1i63WiDOjh
ENZ6a0G9U2LJbwBxI1+ajACCDMc2D3n34ncTTwhu5G0uHsGwL5LBk6HaP4kaHgNX
5O0BIIEfyliyRA==
-----END CERTIFICATE-----