Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          w/xNJGlindeqBV8P15EaZ1JNxRh/raZ0MQ+wzlHXQ1M=
Subject key identifier:   D6:4F:CB:55:38:98:9A:53:03:31:97:A1:1D:6C:06:7F:9E:DD:69:1C
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       019D38D30A0F7950F3ECA10907D4305A4B1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          0D05
Signing time:             Sun 29 Mar 2026 09:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:47 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: PU52BQQY2WLb+kYxMUs3E+j9l1Fht230IgcLwBTCHWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:0a:0f:79:50:f3:ec:a1:09:07:d4:30:5a:4b:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: Mar 29 09:00:47 2026 GMT
            Not After : Mar 30 09:00:47 2026 GMT
        Subject: CN=d64fcb5538989a53033197a11d6c067f9edd691c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f1:3f:5c:5d:17:d8:ed:86:18:18:f2:2d:ea:
                    2c:ba:ce:9e:44:5b:f7:84:1d:79:ef:0b:bd:44:59:
                    35:c1:a5:20:91:76:81:34:05:ca:ab:bb:75:5f:c5:
                    66:35:03:1e:b4:ee:4e:a3:e0:1e:ae:49:ba:76:42:
                    24:51:e5:3c:99:08:2b:82:32:70:b9:f5:03:c3:01:
                    15:e0:d2:47:cb:aa:ca:33:14:54:03:e4:9a:47:50:
                    d5:29:55:7e:38:68:2a:05:1c:a3:c2:c0:6c:40:2f:
                    1a:27:f3:d2:c1:2c:11:de:ee:4d:33:b8:c5:5e:27:
                    fa:cf:66:2a:93:2c:0f:91:2c:63:8b:a4:c8:12:52:
                    ef:46:40:0b:c4:29:cf:96:5e:ef:60:8f:8f:f4:b1:
                    20:4a:c4:6d:7a:3a:a5:ab:7e:8e:6e:f3:89:f4:e4:
                    ec:0a:50:5e:d5:da:c4:55:1b:52:b6:d8:9f:4e:d0:
                    09:ab:3a:00:d9:1e:00:70:8f:dd:09:50:40:77:67:
                    75:bb:97:cd:d0:00:e7:bb:1e:b7:41:d3:9c:c3:d8:
                    f7:8f:61:e1:b2:02:db:b5:37:6f:29:60:d7:59:c6:
                    b4:c6:bc:3f:c6:07:b7:bc:8d:7a:bc:f7:b4:5b:cc:
                    bc:5d:c0:8c:70:6c:e0:f5:da:1b:13:50:f6:c3:44:
                    50:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:4F:CB:55:38:98:9A:53:03:31:97:A1:1D:6C:06:7F:9E:DD:69:1C
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:f6:9b:39:b6:71:c4:48:f5:ba:35:0a:de:6c:a4:26:12:8f:
         d4:a3:6c:67:44:99:55:a3:13:af:c1:ea:c7:84:98:db:c7:53:
         61:5c:74:93:1c:ad:2d:2e:4f:48:0d:e4:4d:8a:db:bb:76:47:
         63:3a:8a:56:70:ea:1c:05:54:e4:47:a0:78:f9:ff:88:04:f2:
         9a:1d:5c:0e:c3:41:36:b2:45:0a:76:f3:fd:6c:59:54:8a:95:
         ca:c3:8c:68:24:30:cf:e6:7a:b1:e8:d5:e0:e0:d8:9f:f7:f4:
         34:f0:48:3d:ec:6c:86:bf:6e:ed:81:94:75:90:92:8a:b3:45:
         0e:aa:7d:ba:73:d5:5e:71:ea:ff:d4:73:f9:ea:4e:fd:f1:54:
         ee:58:f8:b9:57:46:4d:00:c8:8e:9b:3a:2d:a7:b1:99:39:b4:
         b8:ef:c6:a3:9b:15:91:28:a5:c6:ca:f2:33:a3:88:8e:b8:ec:
         ff:b9:ff:37:e7:35:63:30:0d:39:09:0a:f2:f5:67:6f:c7:2b:
         f7:aa:80:9e:d5:96:45:6a:c9:03:9f:67:fb:da:b7:a6:80:f7:
         82:ad:5a:7d:69:4a:16:0d:6d:b4:1c:71:77:e3:6b:4c:24:e4:
         79:01:94:c0:42:13:34:9a:d3:d5:1f:60:3f:a0:59:05:c8:b9:
         20:c1:a6:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040woPeVDz7KEJB9QwWksfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjYwMzI5MDkwMDQ3WhcNMjYwMzMwMDkwMDQ3WjAzMTEwLwYDVQQD
EyhkNjRmY2I1NTM4OTg5YTUzMDMzMTk3YTExZDZjMDY3ZjllZGQ2OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPE/XF0X2O2GGBjyLeosus6eRFv3
hB157wu9RFk1waUgkXaBNAXKq7t1X8VmNQMetO5Oo+Aerkm6dkIkUeU8mQgrgjJw
ufUDwwEV4NJHy6rKMxRUA+SaR1DVKVV+OGgqBRyjwsBsQC8aJ/PSwSwR3u5NM7jF
Xif6z2YqkywPkSxji6TIElLvRkALxCnPll7vYI+P9LEgSsRtejqlq36ObvOJ9OTs
ClBe1drEVRtSttifTtAJqzoA2R4AcI/dCVBAd2d1u5fN0ADnux63QdOcw9j3j2Hh
sgLbtTdvKWDXWca0xrw/xge3vI16vPe0W8y8XcCMcGzg9dobE1D2w0RQmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZPy1U4mJpTAzGXoR1sBn+e3WkcMB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/abObZx
xEj1ujUK3mykJhKP1KNsZ0SZVaMTr8Hqx4SY28dTYVx0kxytLS5PSA3kTYrbu3ZH
YzqKVnDqHAVU5EegePn/iATymh1cDsNBNrJFCnbz/WxZVIqVysOMaCQwz+Z6sejV
4ODYn/f0NPBIPexshr9u7YGUdZCSirNFDqp9unPVXnHq/9Rz+epO/fFU7lj4uVdG
TQDIjps6LaexmTm0uO/Go5sVkSilxsryM6OIjrjs/7n/N+c1YzANOQkK8vVnb8cr
96qAntWWRWrJA59n+9q3poD3gq1afWlKFg1ttBxxd+NrTCTkeQGUwEITNJrT1R9g
P6BZBci5IMGm8g==
-----END CERTIFICATE-----