Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
File:                     mEL3HQwjZ4gu9HCLIGtLbimjezM.mft (raw, json)
Hash identifier:          HYK3akkJXBj7r5a4eFa8viC+MiR1Gwq59feqFT6DFcg=
Subject key identifier:   3B:93:B0:AE:91:31:1A:68:0C:78:F1:0C:2D:89:55:9D:56:7F:0F:EB
Authority key identifier: 98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33
Certificate issuer:       /CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
Certificate serial:       019D38658DFA1C2E8607592F2C6402A2A8B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
Manifest number:          1524
Signing time:             Sun 29 Mar 2026 07:01:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:12 +0000
Files and hashes:         1: mEL3HQwjZ4gu9HCLIGtLbimjezM.crl (hash: e+xENpSXaPdQeJkB0QzWkqVLlfaXFv614DeBxiv3s4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:8d:fa:1c:2e:86:07:59:2f:2c:64:02:a2:a8:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
        Validity
            Not Before: Mar 29 07:01:12 2026 GMT
            Not After : Mar 30 07:01:12 2026 GMT
        Subject: CN=3b93b0ae91311a680c78f10c2d89559d567f0feb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:95:c0:c5:8e:72:91:28:c3:b0:19:d6:00:70:
                    24:3a:11:4f:08:19:32:12:8e:96:88:40:6c:e7:28:
                    41:fd:41:04:28:9a:dd:d9:57:fb:83:b3:0e:37:16:
                    94:6b:4c:70:71:50:54:80:ad:7d:b7:71:6d:31:a5:
                    2d:8c:76:ab:a9:d2:9b:95:e1:d6:2c:a4:3c:ba:ed:
                    a7:51:90:8b:b2:b9:0b:98:d9:19:3a:79:f9:29:86:
                    94:42:ef:cf:42:67:17:4c:97:3d:50:65:98:00:8a:
                    a2:40:a8:9e:89:36:48:d8:f7:dc:8a:a4:7d:22:f7:
                    d7:4d:64:b7:be:58:4d:80:9d:44:b8:1e:f2:1c:c7:
                    52:68:cb:5b:57:4d:c5:fa:c4:82:a9:2f:4d:c4:c1:
                    1f:dc:cd:29:e8:92:f4:bc:80:41:07:e4:e1:2f:5e:
                    9b:e7:5a:5a:be:75:b0:9e:69:5b:24:d3:e9:8c:1f:
                    d5:ad:1b:e7:dd:78:ef:5c:d6:d4:67:ea:43:4d:5e:
                    ac:26:ce:70:11:60:66:b0:cf:a7:49:da:a1:80:63:
                    37:7c:ce:5f:88:97:3e:db:ab:1e:f1:43:b3:a6:5e:
                    9c:26:6e:ee:84:31:dd:76:85:3a:9c:00:62:49:f4:
                    9a:fa:16:c3:96:dd:84:53:8c:6c:e9:88:f3:45:a4:
                    30:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:93:B0:AE:91:31:1A:68:0C:78:F1:0C:2D:89:55:9D:56:7F:0F:EB
            X509v3 Authority Key Identifier:
                keyid:98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:06:5d:77:eb:b4:d1:ac:a5:10:61:6b:04:00:18:43:92:37:
         03:48:15:53:15:51:8d:53:5d:fa:9c:c2:d2:9c:7c:a8:80:0c:
         56:38:c2:be:08:fc:58:87:e8:1f:57:7c:8c:f0:a6:47:97:46:
         cf:1f:08:7a:ec:f9:6e:d1:b4:5a:d8:a9:63:9d:6d:04:ee:fc:
         f6:a9:14:8b:4a:e5:41:bd:da:55:5a:5f:94:bc:16:20:4b:96:
         ac:98:73:a8:29:90:3a:3d:e1:a1:26:2e:c7:da:82:33:61:42:
         9e:7c:34:b6:07:bc:cd:8b:e1:73:03:52:c4:f3:6f:b2:11:a8:
         7d:c5:77:6d:05:43:86:33:3d:b7:09:2a:ea:47:d5:77:e5:e2:
         8d:81:7b:98:16:24:95:8f:0d:cc:c2:01:0f:c5:bb:d3:9d:f6:
         7c:d3:ef:1e:1a:ce:6d:6f:aa:ec:2d:cd:f0:82:0f:56:f6:7b:
         c3:54:92:a7:b4:0c:d5:4e:ed:84:21:67:38:06:67:df:6e:ba:
         60:9f:4f:1f:d2:32:ec:1c:51:80:e3:52:36:3d:b3:43:ed:4c:
         be:ce:08:e3:c4:be:a9:6b:16:a1:48:51:28:dc:b2:e6:77:6f:
         90:87:b6:f2:03:b0:a9:f7:8e:53:a8:c4:32:4b:d7:73:27:63:
         73:d0:79:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZY36HC6GB1kvLGQCoqiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDJmNzFkMGMyMzY3ODgyZWY0NzA4YjIwNmI0YjZlMjlh
MzdiMzMwHhcNMjYwMzI5MDcwMTEyWhcNMjYwMzMwMDcwMTEyWjAzMTEwLwYDVQQD
EygzYjkzYjBhZTkxMzExYTY4MGM3OGYxMGMyZDg5NTU5ZDU2N2YwZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pXAxY5ykSjDsBnWAHAkOhFPCBky
Eo6WiEBs5yhB/UEEKJrd2Vf7g7MONxaUa0xwcVBUgK19t3FtMaUtjHarqdKbleHW
LKQ8uu2nUZCLsrkLmNkZOnn5KYaUQu/PQmcXTJc9UGWYAIqiQKieiTZI2PfciqR9
IvfXTWS3vlhNgJ1EuB7yHMdSaMtbV03F+sSCqS9NxMEf3M0p6JL0vIBBB+ThL16b
51pavnWwnmlbJNPpjB/VrRvn3XjvXNbUZ+pDTV6sJs5wEWBmsM+nSdqhgGM3fM5f
iJc+26se8UOzpl6cJm7uhDHddoU6nABiSfSa+hbDlt2EU4xs6YjzRaQwEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuTsK6RMRpoDHjxDC2JVZ1Wfw/rMB8GA1UdIwQY
MBaAFJhC9x0MI2eILvRwiyBrS24po3szMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUt
N2RhOGRiYWVhOTRhLzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUtN2RhOGRiYWVhOTRh
LzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQZdd+u0
0aylEGFrBAAYQ5I3A0gVUxVRjVNd+pzC0px8qIAMVjjCvgj8WIfoH1d8jPCmR5dG
zx8Ieuz5btG0WtipY51tBO789qkUi0rlQb3aVVpflLwWIEuWrJhzqCmQOj3hoSYu
x9qCM2FCnnw0tge8zYvhcwNSxPNvshGofcV3bQVDhjM9twkq6kfVd+XijYF7mBYk
lY8NzMIBD8W70532fNPvHhrObW+q7C3N8IIPVvZ7w1SSp7QM1U7thCFnOAZn3266
YJ9PH9Iy7BxRgONSNj2zQ+1Mvs4I48S+qWsWoUhRKNyy5ndvkIe28gOwqfeOU6jE
MkvXcydjc9B5Ow==
-----END CERTIFICATE-----