Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          u+BfSOam+C4axylKj236QOOA+Vedx8DjzIAK2flWSyI=
Subject key identifier:   9A:38:9A:96:C4:7A:DB:40:19:E7:50:B7:CE:84:C6:47:99:54:B8:C5
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019D37C01781FC1FBA2719E7C51E7D05887F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          159B
Signing time:             Sun 29 Mar 2026 04:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:28 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: obQzWFR+48yWzmekZ3r1MuJP9wG8IR1O02/46/a0ptM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:17:81:fc:1f:ba:27:19:e7:c5:1e:7d:05:88:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Mar 29 04:00:28 2026 GMT
            Not After : Mar 30 04:00:28 2026 GMT
        Subject: CN=9a389a96c47adb4019e750b7ce84c6479954b8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:be:72:56:23:82:79:34:9c:8c:02:7c:2b:e6:
                    6d:f9:d1:c5:42:29:21:97:dc:f9:b9:07:6c:e0:68:
                    a8:e8:0d:e3:51:d6:97:be:a9:ba:0b:71:9d:50:6a:
                    a7:c7:39:7f:4d:b3:bd:10:96:03:2f:78:0a:46:83:
                    d9:d0:2c:25:b0:cc:70:ca:29:73:75:d9:8b:c9:66:
                    f1:86:29:fd:f7:6b:84:43:43:6e:2b:5a:8f:da:a8:
                    03:8b:9c:61:e5:65:12:6b:11:bc:ef:6b:a9:b9:53:
                    d0:56:6b:d0:4e:82:9d:88:9c:f2:e2:6f:5d:1c:38:
                    a0:e8:fc:c4:70:e1:26:02:24:eb:6c:52:45:d0:46:
                    3e:8d:cf:46:df:67:8b:87:2e:98:4c:07:10:79:2e:
                    b8:23:e7:62:78:c9:82:f8:96:9a:41:90:d0:cb:a4:
                    f2:92:17:2c:d6:ad:fc:eb:64:18:a2:9b:08:82:6d:
                    7f:ca:15:bf:8f:9f:86:c5:62:26:26:b9:90:b0:a5:
                    c3:a0:7f:41:b8:b5:05:58:14:63:46:b9:c0:66:79:
                    56:88:93:dd:51:98:4a:72:c9:4b:44:d5:92:74:1f:
                    26:6e:5c:8f:83:7c:a2:d0:9c:84:91:81:bc:78:f0:
                    d7:22:fa:bc:fa:d0:6d:f2:00:b8:17:06:20:30:0f:
                    69:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:38:9A:96:C4:7A:DB:40:19:E7:50:B7:CE:84:C6:47:99:54:B8:C5
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:0b:3f:41:62:24:ef:d2:49:ed:64:12:8d:da:1b:0e:f7:67:
         71:bb:5b:b9:cc:42:18:22:98:1f:7f:e9:06:69:a1:11:16:4b:
         9e:ff:17:23:33:37:17:1a:02:92:1a:fd:14:e2:2c:d9:ff:e5:
         78:9e:73:b8:17:25:ea:d0:ae:54:1c:df:f3:40:1d:93:b9:8f:
         27:bb:17:b6:42:99:7e:44:89:98:3f:d4:9b:2a:f7:c9:3a:bb:
         0b:32:59:7a:c5:6d:07:58:42:72:55:d2:d3:7d:28:dd:c5:2d:
         cc:87:e2:61:54:5e:0e:f9:87:f4:d5:1d:a5:8d:8f:a7:a3:09:
         2f:79:f6:bf:b6:89:7f:6c:c8:1b:86:a4:81:cf:ff:05:ed:e4:
         69:56:f0:bf:c3:d0:f7:e8:e5:cf:92:6b:bd:56:7e:63:7b:a6:
         2d:65:57:5f:9c:bc:c6:97:06:c5:6c:d6:95:56:3c:60:61:49:
         39:3d:63:f6:df:06:ef:bd:d7:30:22:34:17:c8:b1:3e:51:25:
         34:b9:a8:6a:ac:19:9c:e1:21:e7:35:ca:a9:13:ed:96:92:67:
         3e:e6:3c:72:e4:e3:4e:eb:ba:bc:96:d7:b9:70:b6:b5:5c:b1:
         ca:74:88:7e:2c:fa:6c:03:35:e4:0a:66:b9:cd:a9:f5:61:f7:
         2b:7d:cb:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wBeB/B+6JxnnxR59BYh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjYwMzI5MDQwMDI4WhcNMjYwMzMwMDQwMDI4WjAzMTEwLwYDVQQD
Eyg5YTM4OWE5NmM0N2FkYjQwMTllNzUwYjdjZTg0YzY0Nzk5NTRiOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt75yViOCeTScjAJ8K+Zt+dHFQikh
l9z5uQds4Gio6A3jUdaXvqm6C3GdUGqnxzl/TbO9EJYDL3gKRoPZ0CwlsMxwyilz
ddmLyWbxhin992uEQ0NuK1qP2qgDi5xh5WUSaxG872upuVPQVmvQToKdiJzy4m9d
HDig6PzEcOEmAiTrbFJF0EY+jc9G32eLhy6YTAcQeS64I+dieMmC+JaaQZDQy6Ty
khcs1q3862QYopsIgm1/yhW/j5+GxWImJrmQsKXDoH9BuLUFWBRjRrnAZnlWiJPd
UZhKcslLRNWSdB8mblyPg3yi0JyEkYG8ePDXIvq8+tBt8gC4FwYgMA9pJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJo4mpbEettAGedQt86ExkeZVLjFMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQs/QWIk
79JJ7WQSjdobDvdncbtbucxCGCKYH3/pBmmhERZLnv8XIzM3FxoCkhr9FOIs2f/l
eJ5zuBcl6tCuVBzf80Adk7mPJ7sXtkKZfkSJmD/Umyr3yTq7CzJZesVtB1hCclXS
030o3cUtzIfiYVReDvmH9NUdpY2Pp6MJL3n2v7aJf2zIG4akgc//Be3kaVbwv8PQ
9+jlz5JrvVZ+Y3umLWVXX5y8xpcGxWzWlVY8YGFJOT1j9t8G773XMCI0F8ixPlEl
NLmoaqwZnOEh5zXKqRPtlpJnPuY8cuTjTuu6vJbXuXC2tVyxynSIfiz6bAM15Apm
uc2p9WH3K33LHw==
-----END CERTIFICATE-----