Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
File:                     l3rc9I_t4Rk44XfcBNxnnGktjBw.mft (raw, json)
Hash identifier:          i3Q/cvdt+sXsN9/UVqu70IUNIlAxoYXFgDbB9nn2kJQ=
Subject key identifier:   0B:AA:70:A8:B1:B0:F5:A4:55:02:90:FF:67:23:A1:A5:20:76:E2:4E
Authority key identifier: 97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C
Certificate issuer:       /CN=977adcf48fede11938e177dc04dc679c692d8c1c
Certificate serial:       019D420DF02904B45396581735EF3A65AC3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
Manifest number:          0245
Signing time:             Tue 31 Mar 2026 04:01:42 +0000
Manifest this update:     Tue 31 Mar 2026 04:01:42 +0000
Manifest next update:     Wed 01 Apr 2026 04:01:42 +0000
Files and hashes:         1: l3rc9I_t4Rk44XfcBNxnnGktjBw.crl (hash: uSVkYhovdK+eJCobBRZBRNeabDUDP2JDrxpPGUUJI8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 31 Mar 2026 23:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:42:0d:f0:29:04:b4:53:96:58:17:35:ef:3a:65:ac:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977adcf48fede11938e177dc04dc679c692d8c1c
        Validity
            Not Before: Mar 31 04:01:42 2026 GMT
            Not After : Apr  1 04:01:42 2026 GMT
        Subject: CN=0baa70a8b1b0f5a4550290ff6723a1a52076e24e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:26:36:8e:57:45:4b:ec:48:03:6d:ad:30:6d:
                    5d:1a:cd:f2:c1:6c:ef:5e:83:34:bd:9f:23:7b:06:
                    e3:fc:8b:2b:a8:9f:37:f9:15:dc:b0:a7:c4:d1:e6:
                    8a:38:2b:88:b3:f5:d9:0d:dc:af:82:9f:5f:cc:ff:
                    15:67:97:11:cc:23:b3:55:3b:2c:61:45:98:f9:92:
                    03:fb:6c:d5:98:32:64:d6:97:cb:b3:72:06:78:98:
                    88:7c:68:89:02:53:96:75:d7:6c:f5:4e:fd:c3:09:
                    d9:a6:88:23:1f:de:2f:0e:af:6d:20:5b:ec:9e:b6:
                    7a:33:6d:e8:aa:2a:33:68:5a:4e:b9:ec:69:ff:f9:
                    b2:fd:be:b7:ac:84:9a:cb:0a:b5:39:64:36:b9:1c:
                    1a:c9:0b:aa:c2:55:48:48:e5:7a:a1:c4:79:6c:c7:
                    9a:21:71:5f:9f:fc:07:e9:06:eb:39:4b:14:e3:9f:
                    0c:36:72:f4:62:82:5f:07:0a:0f:bd:0a:e0:81:a5:
                    9d:b0:94:6d:5b:94:66:7b:44:a4:21:97:df:cd:ca:
                    ea:08:3f:96:22:4b:99:1e:d9:78:43:9e:5d:47:38:
                    5f:27:a1:3a:15:09:76:e1:54:53:61:5c:38:ab:c8:
                    ba:9e:4f:fc:eb:62:35:13:0d:d0:06:c2:29:c7:b0:
                    9e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AA:70:A8:B1:B0:F5:A4:55:02:90:FF:67:23:A1:A5:20:76:E2:4E
            X509v3 Authority Key Identifier:
                keyid:97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:fe:07:2e:92:c8:83:28:86:b4:50:a5:20:90:9f:bc:08:3d:
         da:69:73:fa:76:6a:49:ef:38:61:19:17:7f:2d:62:4a:9c:a4:
         ae:a1:a0:19:28:6c:f5:da:8d:c0:96:d0:4d:14:91:79:b6:86:
         33:21:07:65:8e:ed:3a:1c:0c:9c:b3:86:aa:e7:f4:62:c6:16:
         a1:cb:27:31:43:97:2a:70:2c:26:bb:61:e6:69:87:a1:e5:ea:
         ab:fa:be:19:47:ab:40:6b:52:bc:03:90:38:03:b7:7c:03:72:
         d8:bd:80:89:be:34:62:9c:af:18:fe:2d:8b:5e:e9:e1:f9:8e:
         30:1e:f7:c3:51:b4:61:65:bf:77:e6:ea:3f:d9:e9:3a:8a:60:
         9e:b0:b2:28:e3:e2:1c:20:eb:7c:21:be:01:2f:a7:f0:dd:53:
         22:e6:9e:96:fa:10:7d:9e:20:63:7f:40:77:bc:4a:b1:e8:9b:
         bb:7a:c8:b4:bd:14:81:9e:e9:8e:a9:99:38:b2:cd:65:94:2c:
         23:62:9f:2e:ee:1c:34:9e:ce:31:8e:43:6a:6f:dc:72:7e:44:
         cd:46:f6:cf:86:46:8e:6b:83:48:78:d0:91:ab:53:f2:7c:e0:
         71:a9:8e:b5:5c:11:dd:c9:dc:5f:2c:ab:bc:62:17:90:d6:56:
         9e:dc:3f:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1CDfApBLRTllgXNe86Zaw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2FkY2Y0OGZlZGUxMTkzOGUxNzdkYzA0ZGM2NzljNjky
ZDhjMWMwHhcNMjYwMzMxMDQwMTQyWhcNMjYwNDAxMDQwMTQyWjAzMTEwLwYDVQQD
EygwYmFhNzBhOGIxYjBmNWE0NTUwMjkwZmY2NzIzYTFhNTIwNzZlMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCY2jldFS+xIA22tMG1dGs3ywWzv
XoM0vZ8jewbj/IsrqJ83+RXcsKfE0eaKOCuIs/XZDdyvgp9fzP8VZ5cRzCOzVTss
YUWY+ZID+2zVmDJk1pfLs3IGeJiIfGiJAlOWddds9U79wwnZpogjH94vDq9tIFvs
nrZ6M23oqiozaFpOuexp//my/b63rISaywq1OWQ2uRwayQuqwlVISOV6ocR5bMea
IXFfn/wH6QbrOUsU458MNnL0YoJfBwoPvQrggaWdsJRtW5Rme0SkIZffzcrqCD+W
IkuZHtl4Q55dRzhfJ6E6FQl24VRTYVw4q8i6nk/862I1Ew3QBsIpx7Ce+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuqcKixsPWkVQKQ/2cjoaUgduJOMB8GA1UdIwQY
MBaAFJd63PSP7eEZOOF33ATcZ5xpLYwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGIt
MjU0NzdkYWQ5NDM0LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGItMjU0NzdkYWQ5NDM0
LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX/4HLpLI
gyiGtFClIJCfvAg92mlz+nZqSe84YRkXfy1iSpykrqGgGShs9dqNwJbQTRSRebaG
MyEHZY7tOhwMnLOGquf0YsYWocsnMUOXKnAsJrth5mmHoeXqq/q+GUerQGtSvAOQ
OAO3fANy2L2Aib40YpyvGP4ti17p4fmOMB73w1G0YWW/d+bqP9npOopgnrCyKOPi
HCDrfCG+AS+n8N1TIuaelvoQfZ4gY39Ad7xKseibu3rItL0UgZ7pjqmZOLLNZZQs
I2KfLu4cNJ7OMY5Dam/ccn5EzUb2z4ZGjmuDSHjQkatT8nzgcamOtVwR3cncXyyr
vGIXkNZWntw/OQ==
-----END CERTIFICATE-----