Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          eXnIqJkhvroXL9Pag2Fb7bOw2FMpVgNbWcXDr5x6CKc=
Subject key identifier:   E4:8D:8E:95:57:4A:46:27:1D:63:0E:AE:CB:9B:BA:8B:6C:8D:E8:A1
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       019D3977B54226B30D7EF8B702A3C4FB3CF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          03F6
Signing time:             Sun 29 Mar 2026 12:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:39 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: 40rtk4d1K3Xm0wi4K22sVWo2TvYaUY10qbxdnS4woCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:b5:42:26:b3:0d:7e:f8:b7:02:a3:c4:fb:3c:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Mar 29 12:00:39 2026 GMT
            Not After : Mar 30 12:00:39 2026 GMT
        Subject: CN=e48d8e95574a46271d630eaecb9bba8b6c8de8a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ea:3a:6b:ce:b9:82:42:90:4a:4b:c0:d8:83:
                    5d:8a:57:29:9f:21:1c:bf:b2:80:42:b8:0d:83:17:
                    c1:fc:fd:47:db:b2:66:18:7d:de:b6:c7:f0:08:f2:
                    18:af:12:ac:f4:1b:db:f1:8c:ae:6e:ca:0f:00:fe:
                    d7:4e:40:b7:5d:71:e4:a7:b2:e9:be:d9:a7:a4:3e:
                    bd:39:e2:02:24:55:bf:75:02:9f:24:94:09:1d:eb:
                    b0:c5:26:69:31:1b:97:55:e9:18:92:b2:91:73:97:
                    91:13:a6:84:73:15:94:e0:4f:e1:bf:b9:6b:b0:4a:
                    1e:20:3a:02:18:0a:f8:51:57:2d:60:e6:34:ba:92:
                    48:1c:c7:67:c0:06:fe:14:b3:b1:43:b9:93:7d:bf:
                    9c:6a:2d:fc:a5:6c:21:7f:5f:3f:cb:3f:de:68:ca:
                    83:c7:4f:6a:56:4c:f4:9e:b2:61:8c:90:d3:ee:90:
                    ca:a4:58:8d:03:b4:ae:8e:9e:d1:68:03:f2:69:d5:
                    8a:70:c8:6c:e9:f0:b9:a5:03:84:ec:43:47:b2:46:
                    b9:9c:4b:f9:bb:e8:b2:49:38:77:6c:2f:13:ce:a2:
                    1b:a8:2b:43:66:a1:c4:e8:10:e2:a8:12:89:16:de:
                    79:2d:7e:79:ba:16:4c:88:ca:14:c7:92:0b:e3:07:
                    db:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:8D:8E:95:57:4A:46:27:1D:63:0E:AE:CB:9B:BA:8B:6C:8D:E8:A1
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:e3:42:4f:cd:01:2a:6d:b2:0d:ca:3a:e4:3a:78:19:31:98:
         9a:fe:be:9d:f4:07:d3:bb:6d:e6:5f:a3:14:d0:1c:db:95:71:
         68:a5:a6:24:b4:05:75:5d:be:30:f6:88:68:02:1b:73:43:d3:
         b8:41:ef:12:1a:83:67:54:74:bf:39:9d:4c:62:b8:41:e3:e3:
         ee:0b:4e:99:ed:d7:17:34:8e:f1:e3:63:33:bc:71:08:78:6b:
         87:43:72:33:b8:7e:42:f9:5a:b8:79:b0:f0:82:f6:62:08:31:
         fd:30:b4:45:25:8a:de:92:c1:8c:77:d1:44:38:2f:5c:32:e8:
         6d:94:1d:31:df:6f:3c:d4:6b:6f:a0:14:91:64:54:73:cf:7d:
         76:ce:23:da:b5:e3:d4:eb:85:6f:8a:9f:87:47:d3:0f:93:0e:
         85:3d:1c:4f:b5:7a:ea:34:c4:2a:48:9b:aa:cd:9d:35:44:a4:
         09:27:40:ba:15:05:83:c3:c6:c1:30:9c:2b:fb:8c:6d:f7:e8:
         3b:58:70:87:6c:ee:9d:d7:6b:1d:17:56:37:44:06:76:24:a5:
         29:f5:7c:4d:41:0d:b9:92:4c:fa:b4:32:70:f1:45:f8:10:b6:
         94:32:fd:9d:73:46:1a:a7:c9:9d:a6:fe:21:c3:48:76:a7:34:
         bc:ea:5b:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d7VCJrMNfvi3AqPE+zz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjYwMzI5MTIwMDM5WhcNMjYwMzMwMTIwMDM5WjAzMTEwLwYDVQQD
EyhlNDhkOGU5NTU3NGE0NjI3MWQ2MzBlYWVjYjliYmE4YjZjOGRlOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluo6a865gkKQSkvA2INdilcpnyEc
v7KAQrgNgxfB/P1H27JmGH3etsfwCPIYrxKs9Bvb8YyubsoPAP7XTkC3XXHkp7Lp
vtmnpD69OeICJFW/dQKfJJQJHeuwxSZpMRuXVekYkrKRc5eRE6aEcxWU4E/hv7lr
sEoeIDoCGAr4UVctYOY0upJIHMdnwAb+FLOxQ7mTfb+cai38pWwhf18/yz/eaMqD
x09qVkz0nrJhjJDT7pDKpFiNA7Sujp7RaAPyadWKcMhs6fC5pQOE7ENHska5nEv5
u+iySTh3bC8TzqIbqCtDZqHE6BDiqBKJFt55LX55uhZMiMoUx5IL4wfbFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSNjpVXSkYnHWMOrsubuotsjeihMB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuNCT80B
Km2yDco65Dp4GTGYmv6+nfQH07tt5l+jFNAc25VxaKWmJLQFdV2+MPaIaAIbc0PT
uEHvEhqDZ1R0vzmdTGK4QePj7gtOme3XFzSO8eNjM7xxCHhrh0NyM7h+QvlauHmw
8IL2Yggx/TC0RSWK3pLBjHfRRDgvXDLobZQdMd9vPNRrb6AUkWRUc899ds4j2rXj
1OuFb4qfh0fTD5MOhT0cT7V66jTEKkibqs2dNUSkCSdAuhUFg8PGwTCcK/uMbffo
O1hwh2zunddrHRdWN0QGdiSlKfV8TUENuZJM+rQycPFF+BC2lDL9nXNGGqfJnab+
IcNIdqc0vOpbDA==
-----END CERTIFICATE-----