Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          Pb8tUQs1TWFjzvVxK3ujU0fL1ViDYywkPtzub2Smm3Y=
Subject key identifier:   F5:7E:F2:4A:71:38:EE:D3:A0:60:F8:DE:E8:3E:8D:D1:E7:DD:5A:3E
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019F17C26A347F04AFCD1FB978A235A4A331
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0D31
Signing time:             Tue 30 Jun 2026 09:00:44 +0000
Manifest this update:     Tue 30 Jun 2026 09:00:44 +0000
Manifest next update:     Wed 01 Jul 2026 09:00:44 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: A7HEgnszhuVRzSSh3ys7GpJ3LxU+yQ7TfGfeeGzkV7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:6a:34:7f:04:af:cd:1f:b9:78:a2:35:a4:a3:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Jun 30 09:00:44 2026 GMT
            Not After : Jul  1 09:00:44 2026 GMT
        Subject: CN=f57ef24a7138eed3a060f8dee83e8dd1e7dd5a3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e6:a0:34:11:d9:4c:5f:4c:cf:86:5c:a1:b3:
                    fa:31:cf:f3:28:4c:64:10:53:6d:4b:d2:45:dc:f2:
                    f7:b4:2a:b3:b6:4b:cb:2e:1c:a0:ed:58:1f:87:c7:
                    35:99:96:ad:ea:56:e9:34:b7:c5:88:f6:ca:d2:f1:
                    95:5c:d7:72:02:fe:64:52:d9:89:38:12:d4:09:85:
                    81:88:fb:5b:41:0c:4e:f5:8d:82:d9:67:4c:77:b6:
                    5a:ee:c4:ac:0a:53:96:78:b1:2f:b2:47:25:fb:c5:
                    9e:de:ef:df:09:98:6e:03:7b:df:1d:02:1d:06:bd:
                    32:35:3f:07:e8:e3:91:be:c4:53:03:3e:57:12:51:
                    cb:28:48:3c:5f:03:32:be:57:f9:b2:6a:46:52:64:
                    e8:3f:a3:9d:66:41:a1:d8:3b:81:5c:a6:ab:fc:2d:
                    b2:38:be:89:87:d0:7a:5b:b2:7f:3a:de:a3:fb:3c:
                    e5:e2:0b:03:dc:fb:c4:86:ff:76:8f:5c:86:97:82:
                    51:8e:bf:df:be:4a:f1:0c:37:b7:7f:1b:00:63:bf:
                    cc:1a:35:e9:dd:33:90:02:67:f8:e9:c2:bc:67:2f:
                    ea:5e:8e:ff:dc:54:bf:e7:11:9f:6f:76:f6:c1:eb:
                    01:15:e9:f7:60:1c:2f:35:ea:34:72:2c:5c:63:82:
                    be:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:7E:F2:4A:71:38:EE:D3:A0:60:F8:DE:E8:3E:8D:D1:E7:DD:5A:3E
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:d1:83:3b:41:79:e0:f7:4f:fe:38:f7:1f:b4:41:25:d5:7c:
         71:1a:a3:39:f2:56:bb:57:d8:1d:93:f3:9d:95:c9:ca:c3:31:
         00:02:d0:ec:df:45:95:d7:dc:20:7b:c2:00:10:03:06:ce:bb:
         e9:54:76:7d:a4:db:15:61:71:67:a2:ac:7c:9a:de:8b:b5:5e:
         6a:c3:e8:e3:9d:be:75:b8:67:0b:8b:fb:ce:ea:d4:b6:6c:13:
         90:ee:40:0a:18:95:25:2b:fd:d6:55:e5:77:82:f9:d0:a4:c0:
         0c:6d:08:5d:70:f8:5d:06:31:79:2b:7d:d5:75:5a:61:e6:4c:
         f9:b5:c0:f5:9c:ab:96:4f:b7:e4:78:84:b0:eb:2d:61:9b:8a:
         1b:ab:53:bf:2e:cc:49:85:e7:a4:b1:9b:1d:b9:2a:32:3e:90:
         8d:8a:09:89:a9:c7:44:66:73:cb:8a:42:13:d5:6a:e3:45:81:
         c7:01:dd:8a:1b:cf:35:34:5a:54:eb:58:7b:4e:36:45:66:00:
         66:86:14:f8:ce:96:34:8f:27:c4:f3:2b:2d:fc:90:14:e5:f1:
         a7:0d:c0:2c:28:11:d1:7c:9a:8c:7f:60:dd:e2:0f:95:84:49:
         2a:02:b5:8e:81:28:e8:bb:a0:7e:89:e7:30:a2:56:ca:76:d1:
         9e:72:3d:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Xwmo0fwSvzR+5eKI1pKMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjYwNjMwMDkwMDQ0WhcNMjYwNzAxMDkwMDQ0WjAzMTEwLwYDVQQD
EyhmNTdlZjI0YTcxMzhlZWQzYTA2MGY4ZGVlODNlOGRkMWU3ZGQ1YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+agNBHZTF9Mz4ZcobP6Mc/zKExk
EFNtS9JF3PL3tCqztkvLLhyg7Vgfh8c1mZat6lbpNLfFiPbK0vGVXNdyAv5kUtmJ
OBLUCYWBiPtbQQxO9Y2C2WdMd7Za7sSsClOWeLEvskcl+8We3u/fCZhuA3vfHQId
Br0yNT8H6OORvsRTAz5XElHLKEg8XwMyvlf5smpGUmToP6OdZkGh2DuBXKar/C2y
OL6Jh9B6W7J/Ot6j+zzl4gsD3PvEhv92j1yGl4JRjr/fvkrxDDe3fxsAY7/MGjXp
3TOQAmf46cK8Zy/qXo7/3FS/5xGfb3b2wesBFen3YBwvNeo0cixcY4K+VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPV+8kpxOO7ToGD43ug+jdHn3Vo+MB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9GDO0F5
4PdP/jj3H7RBJdV8cRqjOfJWu1fYHZPznZXJysMxAALQ7N9FldfcIHvCABADBs67
6VR2faTbFWFxZ6KsfJrei7VeasPo452+dbhnC4v7zurUtmwTkO5AChiVJSv91lXl
d4L50KTADG0IXXD4XQYxeSt91XVaYeZM+bXA9Zyrlk+35HiEsOstYZuKG6tTvy7M
SYXnpLGbHbkqMj6QjYoJianHRGZzy4pCE9Vq40WBxwHdihvPNTRaVOtYe042RWYA
ZoYU+M6WNI8nxPMrLfyQFOXxpw3ALCgR0XyajH9g3eIPlYRJKgK1joEo6Lugfonn
MKJWynbRnnI9kA==
-----END CERTIFICATE-----