Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          tiM0YIEaVM84OvAAFsMDInTGChpDtiptREIIyURgeZ0=
Subject key identifier:   1F:87:94:1E:88:00:99:9D:26:72:58:AF:C7:89:E6:91:B9:64:88:47
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       019D3865B5F95F45F1C1E477371A0A2A131A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          0B43
Signing time:             Sun 29 Mar 2026 07:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:22 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: I0qwQNcnrZP804WLqoqeg7qbRdcF0d32pMHegT3Rc6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b5:f9:5f:45:f1:c1:e4:77:37:1a:0a:2a:13:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: Mar 29 07:01:22 2026 GMT
            Not After : Mar 30 07:01:22 2026 GMT
        Subject: CN=1f87941e8800999d267258afc789e691b9648847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:49:4d:41:e6:5d:7d:b6:95:bb:f3:28:c1:18:
                    2d:a9:9d:07:ba:cd:34:1d:10:47:19:f3:6a:b1:6e:
                    cd:36:e8:53:b4:6a:b6:a5:52:d3:e8:1d:41:01:74:
                    e6:13:d5:44:88:5b:b2:49:64:95:fc:07:b1:28:75:
                    10:ab:2f:2a:08:87:17:c6:24:65:32:1f:1f:ff:34:
                    89:ce:51:a9:e1:83:fc:75:42:ba:d2:5c:b2:83:07:
                    2d:e6:74:5c:05:54:83:67:7b:a2:c9:bf:36:80:ce:
                    ce:c2:7a:9f:8e:ed:41:54:4c:ee:eb:2f:0f:2d:0b:
                    43:01:69:cb:71:c7:96:c1:c4:cd:c0:d5:d0:b4:23:
                    85:ce:53:37:0e:4a:18:dd:d8:bd:09:e1:2f:37:70:
                    e5:4e:bb:28:cf:fc:69:e6:64:af:c8:a6:45:1f:77:
                    19:91:d5:af:66:c7:08:5b:1f:99:04:96:b4:a1:23:
                    03:86:2f:9e:f8:48:14:60:93:d2:e0:78:61:fc:22:
                    6a:f0:77:de:01:d3:10:48:03:81:c7:8a:23:a8:88:
                    fe:8a:22:dd:13:7d:26:50:0b:d9:20:a9:c7:67:5c:
                    63:03:1e:bb:54:b0:67:bf:32:74:62:b1:0b:38:c8:
                    7d:41:fd:16:ba:80:35:82:c7:c0:f7:be:89:e1:b1:
                    4e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:87:94:1E:88:00:99:9D:26:72:58:AF:C7:89:E6:91:B9:64:88:47
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:80:9d:f0:27:41:a7:ab:65:6d:64:0a:96:c7:52:6d:a5:14:
         a1:c5:75:e1:ef:60:93:9f:04:31:b5:d9:b0:fa:2a:78:ff:49:
         ac:1f:bf:f9:de:92:68:e6:03:0b:4d:b0:d1:21:33:17:d1:72:
         81:99:9f:43:91:56:3d:f5:cb:f9:02:7d:a1:85:9b:fb:d8:61:
         d5:f0:e7:a1:a2:e2:2f:cc:73:26:f4:ee:4d:a4:36:8b:94:d5:
         51:8e:a9:42:75:68:b1:4a:53:20:c2:8f:a1:40:d7:46:c1:aa:
         7c:39:4d:11:aa:fa:a1:0c:66:e3:03:a2:36:d5:d3:51:c7:ba:
         bc:2b:20:89:f4:14:87:fd:15:59:73:c3:c4:77:f4:71:5c:87:
         52:04:36:cc:95:f7:9e:43:3e:c2:9d:b9:72:a7:42:7f:3b:89:
         3f:69:d3:84:8c:b7:ad:4d:9f:90:86:c3:60:01:c4:1d:dd:c3:
         51:5c:05:90:8b:30:9c:b8:ec:ca:19:86:5b:56:57:c0:5c:57:
         9f:09:1f:47:2a:cf:f6:b5:7e:e9:f8:6f:9b:77:36:d7:10:e7:
         89:9c:36:cb:12:b9:83:44:14:b3:99:8a:a4:98:f6:dc:e0:ce:
         28:3b:98:3c:30:e1:c7:3a:37:78:25:00:ec:ae:e4:1a:21:d2:
         70:d8:46:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbX5X0XxweR3NxoKKhMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjYwMzI5MDcwMTIyWhcNMjYwMzMwMDcwMTIyWjAzMTEwLwYDVQQD
EygxZjg3OTQxZTg4MDA5OTlkMjY3MjU4YWZjNzg5ZTY5MWI5NjQ4ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyElNQeZdfbaVu/MowRgtqZ0Hus00
HRBHGfNqsW7NNuhTtGq2pVLT6B1BAXTmE9VEiFuySWSV/AexKHUQqy8qCIcXxiRl
Mh8f/zSJzlGp4YP8dUK60lyygwct5nRcBVSDZ3uiyb82gM7Ownqfju1BVEzu6y8P
LQtDAWnLcceWwcTNwNXQtCOFzlM3DkoY3di9CeEvN3DlTrsoz/xp5mSvyKZFH3cZ
kdWvZscIWx+ZBJa0oSMDhi+e+EgUYJPS4Hhh/CJq8HfeAdMQSAOBx4ojqIj+iiLd
E30mUAvZIKnHZ1xjAx67VLBnvzJ0YrELOMh9Qf0WuoA1gsfA976J4bFO6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+HlB6IAJmdJnJYr8eJ5pG5ZIhHMB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXYCd8CdB
p6tlbWQKlsdSbaUUocV14e9gk58EMbXZsPoqeP9JrB+/+d6SaOYDC02w0SEzF9Fy
gZmfQ5FWPfXL+QJ9oYWb+9hh1fDnoaLiL8xzJvTuTaQ2i5TVUY6pQnVosUpTIMKP
oUDXRsGqfDlNEar6oQxm4wOiNtXTUce6vCsgifQUh/0VWXPDxHf0cVyHUgQ2zJX3
nkM+wp25cqdCfzuJP2nThIy3rU2fkIbDYAHEHd3DUVwFkIswnLjsyhmGW1ZXwFxX
nwkfRyrP9rV+6fhvm3c21xDniZw2yxK5g0QUs5mKpJj23ODOKDuYPDDhxzo3eCUA
7K7kGiHScNhGiA==
-----END CERTIFICATE-----