Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          fRMVqyhvMVr22q3gpQl/RFBS8KZdjJ2j4QYcnAY7DIY=
Subject key identifier:   7B:08:34:12:24:BD:CC:52:A5:3A:37:D8:70:58:4D:5F:55:44:26:96
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019D3789456E0A02400CED7839E9A4522EA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          044D
Signing time:             Sun 29 Mar 2026 03:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:36 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: zoEMXLKLT/C8f6fQPM5Fdyh3kpm0CAS6U5kn60D94jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:45:6e:0a:02:40:0c:ed:78:39:e9:a4:52:2e:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Mar 29 03:00:36 2026 GMT
            Not After : Mar 30 03:00:36 2026 GMT
        Subject: CN=7b08341224bdcc52a53a37d870584d5f55442696
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cf:66:8f:57:01:9d:5f:35:4a:c1:91:c9:36:
                    7a:93:ae:dc:90:fd:be:75:ad:c2:c7:42:77:a2:d4:
                    e0:10:86:e5:1a:3b:7d:cb:ab:42:71:9e:92:5b:96:
                    29:2a:43:ca:97:e6:ed:3b:2e:9c:2a:03:34:2a:9e:
                    fb:cb:9c:0e:7b:c3:92:81:00:7d:d4:13:49:83:c0:
                    df:db:51:be:ce:3e:cd:18:63:0a:ff:f7:03:14:ef:
                    ec:5b:b6:6d:1e:ed:d4:50:94:40:0d:3f:79:28:3a:
                    6c:1e:ce:50:59:78:17:5f:18:73:a3:c3:2b:e9:42:
                    17:89:9a:27:66:d9:fb:91:fc:bc:d1:d3:0d:b9:5b:
                    ca:fd:e6:5c:46:99:9b:c9:0d:b6:51:a2:94:2a:c2:
                    d2:80:8e:5a:a3:c6:57:7d:46:24:5c:f0:66:7c:2a:
                    f6:59:83:26:26:d4:19:bf:ec:96:d5:b7:84:9c:58:
                    bd:6f:f6:30:4b:c1:e0:ea:f5:52:32:0d:1c:8a:d2:
                    7c:c0:0b:f3:fa:45:26:35:1e:d0:14:5d:29:99:5e:
                    8a:7d:e5:de:71:05:7f:1a:ed:3d:42:3a:2f:94:2a:
                    22:34:d4:44:26:43:93:50:50:3e:dc:b1:a9:bf:a2:
                    16:ea:98:1a:8a:1e:e1:40:65:ae:5e:9e:ea:5d:ce:
                    5e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:08:34:12:24:BD:CC:52:A5:3A:37:D8:70:58:4D:5F:55:44:26:96
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:49:50:28:3e:69:ed:d5:1a:f2:74:7e:3b:ea:b0:f8:85:0a:
         39:c6:bb:d0:a8:47:f8:d4:2f:c1:63:60:e8:91:85:92:71:33:
         76:a5:2a:6a:5c:9c:65:f2:0c:24:95:07:0f:bf:b4:7c:48:7f:
         4a:f2:90:cb:d1:29:1f:f7:1d:1b:16:2d:58:2d:9b:a8:f9:f2:
         74:3e:a0:90:ad:79:8f:b4:8a:24:7e:88:41:e1:10:9b:cf:4c:
         4e:15:34:50:1d:b5:ba:95:b7:21:7e:64:a7:41:6e:86:9f:d3:
         e2:98:76:df:0a:ee:93:9f:77:3a:63:a4:26:6b:c9:65:4d:7c:
         9a:e1:bb:10:a4:b7:d5:97:5f:4f:6b:e0:5e:ad:a2:e8:fa:4d:
         fa:82:0e:ac:0f:ba:57:29:87:99:94:c2:77:6b:ef:3b:16:9e:
         11:2d:5b:9f:5b:3f:c0:18:ef:0f:e4:37:16:f0:e3:58:c7:a5:
         8d:32:17:c3:ba:21:3f:c8:d8:88:95:2e:dc:a4:72:42:38:08:
         ef:a5:a5:55:8e:01:3f:77:ec:cf:77:10:aa:18:fa:02:a4:61:
         ca:96:6d:c7:60:78:e7:5e:82:b0:72:4e:7a:91:44:62:a6:51:
         5d:12:01:8d:23:3e:dc:40:c4:0b:2e:ce:a6:f4:8c:c4:34:8d:
         91:83:ff:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iUVuCgJADO14OemkUi6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjYwMzI5MDMwMDM2WhcNMjYwMzMwMDMwMDM2WjAzMTEwLwYDVQQD
Eyg3YjA4MzQxMjI0YmRjYzUyYTUzYTM3ZDg3MDU4NGQ1ZjU1NDQyNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM9mj1cBnV81SsGRyTZ6k67ckP2+
da3Cx0J3otTgEIblGjt9y6tCcZ6SW5YpKkPKl+btOy6cKgM0Kp77y5wOe8OSgQB9
1BNJg8Df21G+zj7NGGMK//cDFO/sW7ZtHu3UUJRADT95KDpsHs5QWXgXXxhzo8Mr
6UIXiZonZtn7kfy80dMNuVvK/eZcRpmbyQ22UaKUKsLSgI5ao8ZXfUYkXPBmfCr2
WYMmJtQZv+yW1beEnFi9b/YwS8Hg6vVSMg0citJ8wAvz+kUmNR7QFF0pmV6KfeXe
cQV/Gu09QjovlCoiNNREJkOTUFA+3LGpv6IW6pgaih7hQGWuXp7qXc5edwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsINBIkvcxSpTo32HBYTV9VRCaWMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjUlQKD5p
7dUa8nR+O+qw+IUKOca70KhH+NQvwWNg6JGFknEzdqUqalycZfIMJJUHD7+0fEh/
SvKQy9EpH/cdGxYtWC2bqPnydD6gkK15j7SKJH6IQeEQm89MThU0UB21upW3IX5k
p0Fuhp/T4ph23wruk593OmOkJmvJZU18muG7EKS31ZdfT2vgXq2i6PpN+oIOrA+6
VymHmZTCd2vvOxaeES1bn1s/wBjvD+Q3FvDjWMeljTIXw7ohP8jYiJUu3KRyQjgI
76WlVY4BP3fsz3cQqhj6AqRhypZtx2B4516CsHJOepFEYqZRXRIBjSM+3EDECy7O
pvSMxDSNkYP/9A==
-----END CERTIFICATE-----