Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          PHsd+9tg4lkHmObFwL4gL+77HN14S7AsxK8qwr7C0BU=
Subject key identifier:   83:1E:B1:8B:25:11:08:E7:DF:0E:7B:A1:31:CD:21:5C:98:9E:87:9F
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       019D3865978E7198947AD8A5F0EEC68D2399
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          1144
Signing time:             Sun 29 Mar 2026 07:01:15 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:15 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:15 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: Gs4YFZ0BzkpCtRNNgzdJAcQ0Sfm9oyLT4PrT+mOooOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:97:8e:71:98:94:7a:d8:a5:f0:ee:c6:8d:23:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Mar 29 07:01:15 2026 GMT
            Not After : Mar 30 07:01:15 2026 GMT
        Subject: CN=831eb18b251108e7df0e7ba131cd215c989e879f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ea:06:24:57:1c:ca:00:9b:e0:6c:41:d9:6a:
                    9c:17:8d:8b:09:f8:5d:9d:59:01:02:c1:46:5c:33:
                    1b:0b:d4:1c:91:f7:82:4b:d9:52:c2:c6:75:42:49:
                    21:f9:d9:8e:ee:d7:d0:0d:ff:68:b2:e4:a8:b6:4a:
                    99:dd:ba:81:3c:f6:65:72:fd:ba:e8:be:fa:99:58:
                    b1:93:70:6a:ed:b1:46:be:57:7b:dc:bf:50:df:99:
                    08:fb:99:86:79:e3:65:4d:b7:d3:e5:53:a8:42:d9:
                    93:fb:ae:d0:83:7f:15:fd:88:8b:6e:78:9a:73:1a:
                    65:20:60:58:bf:e7:88:d4:44:df:cb:8c:9e:e0:9d:
                    ab:54:d1:9b:f4:f8:eb:a0:90:e3:fe:a2:56:70:97:
                    98:89:72:da:e3:b8:bd:c6:4d:cf:88:0a:3e:57:bf:
                    f6:89:af:b0:64:7f:2d:37:3b:55:65:2e:0f:e2:64:
                    8d:1d:79:45:05:46:a1:04:77:b3:de:f8:41:5a:2f:
                    a6:92:18:13:bc:09:39:76:bf:46:cb:49:5c:45:df:
                    6d:85:6c:ea:2b:92:cc:ff:95:b4:68:b3:5b:a9:92:
                    32:61:7e:31:de:7d:35:89:28:25:14:c7:57:20:6b:
                    36:8c:e4:3d:55:7a:5b:cb:5d:ac:8e:71:99:e6:28:
                    67:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:1E:B1:8B:25:11:08:E7:DF:0E:7B:A1:31:CD:21:5C:98:9E:87:9F
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:5b:61:90:28:bd:f8:1d:db:dc:a0:ae:3f:41:8b:c6:5e:92:
         a6:cb:89:47:4a:2f:e0:5b:9c:6b:34:28:05:c2:da:72:c5:a0:
         13:37:43:9e:56:0e:88:6f:83:96:a8:19:4f:86:7f:69:90:fc:
         23:de:a4:36:5e:7b:4e:1a:72:cf:04:b8:1c:d1:f1:5e:07:40:
         51:be:af:6e:55:df:03:77:36:6f:45:2b:4b:17:2a:f0:3c:4a:
         32:a6:ef:f5:9d:89:5c:b4:39:88:20:80:ae:d7:8b:08:4d:8a:
         cf:59:3b:fc:b6:0c:34:a7:4f:ea:20:82:a4:94:bd:8d:97:2a:
         86:fa:23:bc:a0:11:be:55:34:c9:22:b1:00:b0:16:8a:53:5d:
         05:40:83:1c:44:11:4d:5b:3a:08:ab:d6:e6:8d:29:f3:a2:58:
         92:a5:59:cd:94:34:da:e3:8b:3a:1c:7a:83:97:4e:36:a1:06:
         76:aa:70:27:06:72:77:d1:da:29:3e:56:eb:41:6d:be:63:90:
         c9:c4:76:95:dd:ec:2b:d1:58:ab:d9:8d:58:68:33:3e:2f:ce:
         b7:8d:74:31:5a:fd:9a:4c:07:1d:66:09:7a:92:f7:11:13:5d:
         14:fe:1f:1f:06:43:d0:64:df:e9:ba:b6:f5:4d:e7:dd:62:cf:
         19:21:4d:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZeOcZiUetil8O7GjSOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjYwMzI5MDcwMTE1WhcNMjYwMzMwMDcwMTE1WjAzMTEwLwYDVQQD
Eyg4MzFlYjE4YjI1MTEwOGU3ZGYwZTdiYTEzMWNkMjE1Yzk4OWU4NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+oGJFccygCb4GxB2WqcF42LCfhd
nVkBAsFGXDMbC9QckfeCS9lSwsZ1Qkkh+dmO7tfQDf9osuSotkqZ3bqBPPZlcv26
6L76mVixk3Bq7bFGvld73L9Q35kI+5mGeeNlTbfT5VOoQtmT+67Qg38V/YiLbnia
cxplIGBYv+eI1ETfy4ye4J2rVNGb9PjroJDj/qJWcJeYiXLa47i9xk3PiAo+V7/2
ia+wZH8tNztVZS4P4mSNHXlFBUahBHez3vhBWi+mkhgTvAk5dr9Gy0lcRd9thWzq
K5LM/5W0aLNbqZIyYX4x3n01iSglFMdXIGs2jOQ9VXpby12sjnGZ5ihn7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMesYslEQjn3w57oTHNIVyYnoefMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAClthkCi9
+B3b3KCuP0GLxl6SpsuJR0ov4FucazQoBcLacsWgEzdDnlYOiG+DlqgZT4Z/aZD8
I96kNl57ThpyzwS4HNHxXgdAUb6vblXfA3c2b0UrSxcq8DxKMqbv9Z2JXLQ5iCCA
rteLCE2Kz1k7/LYMNKdP6iCCpJS9jZcqhvojvKARvlU0ySKxALAWilNdBUCDHEQR
TVs6CKvW5o0p86JYkqVZzZQ02uOLOhx6g5dONqEGdqpwJwZyd9HaKT5W60FtvmOQ
ycR2ld3sK9FYq9mNWGgzPi/Ot410MVr9mkwHHWYJepL3ERNdFP4fHwZD0GTf6bq2
9U3n3WLPGSFN+g==
-----END CERTIFICATE-----