Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File:                     3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier:          OMcg8EoEPiPtQfOrIkJlnouw+EfCp3nSyyZje+6Q59s=
Subject key identifier:   6C:D0:71:80:80:AD:C5:F0:2F:7C:8D:CD:C4:9C:08:A3:BC:B0:E6:B4
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer:       /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial:       019D37F778F0885807A3C99E8EFD108E6E3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number:          07E0
Signing time:             Sun 29 Mar 2026 05:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:58 +0000
Files and hashes:         1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: XB+UycHdNiW3o0lx+uT03Wa32QxNTm/hYrMGx7oRHd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:78:f0:88:58:07:a3:c9:9e:8e:fd:10:8e:6e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
        Validity
            Not Before: Mar 29 05:00:58 2026 GMT
            Not After : Mar 30 05:00:58 2026 GMT
        Subject: CN=6cd0718080adc5f02f7c8dcdc49c08a3bcb0e6b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:65:9b:89:81:d3:36:d3:7e:bd:03:14:f6:ff:
                    3e:73:b5:64:4b:64:d6:1f:44:c3:21:9b:57:80:79:
                    cb:38:65:4b:ec:51:38:5b:59:e1:84:78:c8:a9:45:
                    46:60:ce:61:a0:ec:99:c3:cc:d5:5a:3e:72:d6:0a:
                    2b:a3:f2:d2:4c:9d:85:a6:58:43:18:5d:b8:af:70:
                    73:68:1d:6e:b0:d2:93:24:ed:b9:2a:83:c5:05:c6:
                    9a:a8:79:d0:7e:68:87:ca:f2:b7:4f:46:8a:7d:89:
                    e3:f7:fc:e8:3d:b0:9e:a2:bc:9c:e8:a3:6c:0a:88:
                    a1:84:d3:4c:2a:a4:a3:67:37:c7:7c:81:05:1d:79:
                    04:77:5e:f7:1d:80:be:2c:bd:96:c1:bb:81:0c:3f:
                    0f:bf:49:f9:dc:90:8b:5f:9f:31:c7:ce:3a:48:d4:
                    1f:44:52:4a:30:d8:0b:7c:dc:42:5e:27:91:d7:36:
                    ea:d5:fe:0d:fd:0c:cb:d0:f5:9a:04:8d:56:76:62:
                    e1:eb:1a:6b:15:ab:7a:60:72:a6:e5:8d:0c:02:fc:
                    83:6f:ac:8c:c5:c0:ae:0c:94:7d:38:63:bc:a3:93:
                    32:2e:e6:2a:9f:52:27:bd:2b:78:08:1e:15:af:98:
                    59:d2:77:c3:58:c1:23:26:97:57:72:65:8e:9e:69:
                    fb:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:D0:71:80:80:AD:C5:F0:2F:7C:8D:CD:C4:9C:08:A3:BC:B0:E6:B4
            X509v3 Authority Key Identifier:
                keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:a7:d7:f0:c3:f7:a8:44:2c:6c:ef:25:e1:d7:e6:5f:0b:24:
         71:1f:a4:d8:3a:a1:cd:9f:2b:6c:15:50:82:f5:1a:3d:2c:72:
         45:46:ee:8c:49:4d:38:1e:6b:17:1e:67:86:f2:1a:f5:13:85:
         3a:5b:a9:3b:52:35:01:ab:10:9d:ba:12:88:b1:cc:2c:b9:2f:
         6b:4a:7b:71:bd:a8:38:b3:5a:3d:10:45:af:a4:74:93:54:1f:
         27:34:0d:ad:b9:73:2e:45:14:48:16:9b:c6:d8:0e:14:43:0c:
         58:85:18:c3:05:4e:f9:81:8c:87:98:18:d0:76:55:ad:3e:db:
         5d:8b:47:8c:87:ec:4f:f9:f8:8c:dc:bc:fd:d3:ed:84:d2:5c:
         93:a5:06:6e:a7:b3:83:be:73:a7:ce:c5:18:a0:e2:19:23:71:
         ca:6b:75:9f:e1:72:0f:87:54:e5:fd:8f:57:ee:7b:61:50:97:
         92:5d:59:c0:5b:f6:b7:d8:01:75:79:d6:77:1d:7f:a1:71:f5:
         7e:8e:dc:c8:b3:60:bb:6d:6f:09:2d:97:6d:7c:48:fa:c5:95:
         fd:26:7d:30:0b:61:d0:f3:0f:b3:17:38:58:ad:66:96:78:c6:
         ab:a2:2b:c3:45:cf:ad:d4:da:87:00:41:bd:1e:2a:02:91:f9:
         68:af:3b:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0393jwiFgHo8mejv0Qjm46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjYwMzI5MDUwMDU4WhcNMjYwMzMwMDUwMDU4WjAzMTEwLwYDVQQD
Eyg2Y2QwNzE4MDgwYWRjNWYwMmY3YzhkY2RjNDljMDhhM2JjYjBlNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWWbiYHTNtN+vQMU9v8+c7VkS2TW
H0TDIZtXgHnLOGVL7FE4W1nhhHjIqUVGYM5hoOyZw8zVWj5y1goro/LSTJ2FplhD
GF24r3BzaB1usNKTJO25KoPFBcaaqHnQfmiHyvK3T0aKfYnj9/zoPbCeoryc6KNs
CoihhNNMKqSjZzfHfIEFHXkEd173HYC+LL2WwbuBDD8Pv0n53JCLX58xx846SNQf
RFJKMNgLfNxCXieR1zbq1f4N/QzL0PWaBI1WdmLh6xprFat6YHKm5Y0MAvyDb6yM
xcCuDJR9OGO8o5MyLuYqn1InvSt4CB4Vr5hZ0nfDWMEjJpdXcmWOnmn7aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzQcYCArcXwL3yNzcScCKO8sOa0MB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEqfX8MP3
qEQsbO8l4dfmXwskcR+k2DqhzZ8rbBVQgvUaPSxyRUbujElNOB5rFx5nhvIa9ROF
OlupO1I1AasQnboSiLHMLLkva0p7cb2oOLNaPRBFr6R0k1QfJzQNrblzLkUUSBab
xtgOFEMMWIUYwwVO+YGMh5gY0HZVrT7bXYtHjIfsT/n4jNy8/dPthNJck6UGbqez
g75zp87FGKDiGSNxymt1n+FyD4dU5f2PV+57YVCXkl1ZwFv2t9gBdXnWdx1/oXH1
fo7cyLNgu21vCS2XbXxI+sWV/SZ9MAth0PMPsxc4WK1mlnjGq6Irw0XPrdTahwBB
vR4qApH5aK87xw==
-----END CERTIFICATE-----