Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          tGPm1WhZZZtF+u6SGSdWOSSbEYQv6ohNyZQ+4zASHc8=
Subject key identifier:   AC:8C:C7:0C:9C:00:79:F7:00:A4:9D:1B:61:D8:5D:C1:2C:09:6B:79
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019D38D34CC93B26E71A0B00DA8839611901
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0C39
Signing time:             Sun 29 Mar 2026 09:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:04 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: m8qtOh36Fn74u/L5q8UiiFovKcZ0DZxWBCpzAycy1a0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:4c:c9:3b:26:e7:1a:0b:00:da:88:39:61:19:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Mar 29 09:01:04 2026 GMT
            Not After : Mar 30 09:01:04 2026 GMT
        Subject: CN=ac8cc70c9c0079f700a49d1b61d85dc12c096b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b5:21:61:b7:13:37:36:97:9e:81:cd:2d:72:
                    dd:50:79:ce:04:3c:95:84:dd:d8:ae:8a:e6:50:5e:
                    1b:5e:63:a3:a0:9b:c3:73:31:6e:b3:9d:5a:b6:c7:
                    22:bd:92:c5:79:3e:9a:52:3f:82:de:b4:1d:25:e7:
                    92:b7:54:cd:78:78:c2:01:4c:f0:23:d3:77:c2:c5:
                    88:6f:09:66:76:82:c2:32:56:04:76:a1:14:5e:52:
                    d3:2e:c7:ad:3a:c0:cf:ab:c5:d9:ae:0b:8d:82:77:
                    3a:84:9b:07:88:f6:7f:45:bd:ba:dd:0b:d0:30:95:
                    0a:af:79:04:f4:4f:85:18:d1:6c:b4:4d:b4:3f:c5:
                    2a:ad:f5:a7:77:06:fe:9a:f8:ad:e0:19:e1:b3:0b:
                    fe:cb:d2:e2:31:29:3e:c0:e6:f0:21:37:88:8d:8f:
                    c3:ea:2e:9b:9f:1e:51:3f:83:58:3d:b7:51:0c:4a:
                    fb:cb:2e:ed:8c:82:7e:e6:ae:e3:94:69:89:95:0d:
                    28:22:11:26:8b:32:b4:f7:dc:84:dd:1a:0a:ef:34:
                    ce:8d:a4:95:ea:80:44:f0:37:e0:7b:d1:76:98:c4:
                    7e:76:fb:5d:84:2e:d7:80:41:f1:55:4e:ca:4f:90:
                    09:68:8e:b8:a5:33:11:a8:ce:33:5a:e7:97:a0:4c:
                    a1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:8C:C7:0C:9C:00:79:F7:00:A4:9D:1B:61:D8:5D:C1:2C:09:6B:79
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:8c:14:c4:4a:08:a4:d3:3a:2e:53:4b:7d:95:1c:9e:d9:55:
         15:4b:5f:3a:a2:18:89:97:18:f9:0c:85:a2:c5:bb:3f:7c:f0:
         0a:ab:ba:73:9d:b8:99:f2:00:c6:5d:50:72:56:69:0e:77:de:
         fa:17:b1:69:17:1c:8b:24:2f:c2:cf:d1:59:ca:97:ee:84:b4:
         6b:e3:5b:d5:8c:1b:34:73:c5:76:07:d2:2d:9d:57:a2:52:2c:
         71:1f:cc:1d:c2:10:77:1e:ec:4a:46:18:d0:92:bf:1f:a9:8e:
         58:c9:63:61:d3:e6:75:d8:66:fb:30:58:1d:cb:12:a8:86:34:
         b3:22:6d:24:35:a5:71:d1:6d:70:1e:ed:3b:82:7f:75:d1:80:
         ea:33:33:fa:8b:4a:aa:7d:fa:a6:c8:f5:fe:71:8f:2a:a9:66:
         57:e3:7b:85:33:15:0c:cf:6b:e4:8a:7c:75:df:01:03:be:01:
         9d:15:59:6b:8d:84:50:b8:c4:09:1c:b1:f3:1b:35:0a:bf:37:
         8b:8f:1b:b4:84:36:99:47:f8:22:1c:18:3a:12:c7:5a:7d:4c:
         bb:00:99:e7:4c:71:63:8b:05:5e:77:c5:9f:15:cd:92:0b:7d:
         14:c6:b0:a4:69:f7:34:3b:1e:57:52:3c:5f:be:72:f7:77:54:
         41:db:3d:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0400zJOybnGgsA2og5YRkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjYwMzI5MDkwMTA0WhcNMjYwMzMwMDkwMTA0WjAzMTEwLwYDVQQD
EyhhYzhjYzcwYzljMDA3OWY3MDBhNDlkMWI2MWQ4NWRjMTJjMDk2Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7UhYbcTNzaXnoHNLXLdUHnOBDyV
hN3YrormUF4bXmOjoJvDczFus51atscivZLFeT6aUj+C3rQdJeeSt1TNeHjCAUzw
I9N3wsWIbwlmdoLCMlYEdqEUXlLTLsetOsDPq8XZrguNgnc6hJsHiPZ/Rb263QvQ
MJUKr3kE9E+FGNFstE20P8UqrfWndwb+mvit4Bnhswv+y9LiMSk+wObwITeIjY/D
6i6bnx5RP4NYPbdRDEr7yy7tjIJ+5q7jlGmJlQ0oIhEmizK099yE3RoK7zTOjaSV
6oBE8Dfge9F2mMR+dvtdhC7XgEHxVU7KT5AJaI64pTMRqM4zWueXoEyh/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyMxwycAHn3AKSdG2HYXcEsCWt5MB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACYwUxEoI
pNM6LlNLfZUcntlVFUtfOqIYiZcY+QyFosW7P3zwCqu6c524mfIAxl1QclZpDnfe
+hexaRcciyQvws/RWcqX7oS0a+Nb1YwbNHPFdgfSLZ1XolIscR/MHcIQdx7sSkYY
0JK/H6mOWMljYdPmddhm+zBYHcsSqIY0syJtJDWlcdFtcB7tO4J/ddGA6jMz+otK
qn36psj1/nGPKqlmV+N7hTMVDM9r5Ip8dd8BA74BnRVZa42EULjECRyx8xs1Cr83
i48btIQ2mUf4IhwYOhLHWn1MuwCZ50xxY4sFXnfFnxXNkgt9FMawpGn3NDseV1I8
X75y93dUQds9yg==
-----END CERTIFICATE-----