Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          rKISNDFaf0dwBWOCDDjRc2tPA7uhypOuJIb1ljOkJhE=
Subject key identifier:   35:48:D2:35:FB:6E:60:98:91:A9:BC:9F:7D:B7:CA:BB:F4:F7:52:E5
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       019D2AE09A320BBD986F161246F9EEDC59D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          0A07
Signing time:             Thu 26 Mar 2026 16:00:55 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:55 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:55 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: hinnCXZ4xoY+zXJTj/DmhDoLA8h1X9VDE2+3IJK4gL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:9a:32:0b:bd:98:6f:16:12:46:f9:ee:dc:59:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: Mar 26 16:00:55 2026 GMT
            Not After : Mar 27 16:00:55 2026 GMT
        Subject: CN=3548d235fb6e609891a9bc9f7db7cabbf4f752e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:29:cc:3e:f0:29:c6:96:f3:60:c3:be:4b:8b:
                    32:90:12:08:38:d4:18:be:76:1d:00:89:65:30:40:
                    0a:97:b1:54:c8:39:4e:58:20:7d:31:89:eb:3b:54:
                    7d:b9:0c:52:6c:6f:a0:07:cc:1b:6f:03:b7:fb:16:
                    1b:1b:e5:67:8f:d2:a9:82:ed:45:29:88:59:9b:1b:
                    43:3e:99:09:47:fe:5e:0f:a7:0f:21:e0:c8:37:27:
                    6d:7e:3a:ef:bb:c8:73:1b:42:4e:c3:75:76:82:fe:
                    43:af:e6:7f:c3:e2:20:64:38:f5:41:4e:08:99:e0:
                    07:32:6c:2f:c1:04:8f:7b:fd:ea:6c:e3:24:47:5f:
                    6c:40:60:39:d8:c5:6b:02:e2:bf:6a:03:3f:52:49:
                    3d:4b:0c:93:3e:da:76:39:4c:c5:d6:bb:07:2b:5e:
                    8e:16:61:e6:47:f9:aa:2b:fd:c4:1e:6b:94:83:2d:
                    bb:97:fd:cb:46:24:c4:ed:7d:06:c8:69:9a:34:a8:
                    32:ce:d7:a6:8a:77:71:d0:d5:ae:cd:bf:50:65:d4:
                    f5:69:16:c5:da:ca:07:1d:3c:e5:47:ca:e5:cb:36:
                    91:2b:1c:54:cf:d2:3d:1c:79:1e:8c:0e:fa:87:2b:
                    9a:8e:6d:0c:a4:f3:d5:30:8c:c0:35:91:eb:65:db:
                    de:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:48:D2:35:FB:6E:60:98:91:A9:BC:9F:7D:B7:CA:BB:F4:F7:52:E5
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:9b:a9:50:4f:0f:2f:19:8f:26:cc:9d:bf:c1:7f:29:19:5e:
         a8:52:e2:10:c2:58:49:03:dc:bc:e9:52:50:7b:76:cb:44:22:
         71:37:d3:04:5b:ed:2e:02:c2:48:d1:4b:b4:e8:09:e5:66:b7:
         cd:96:ab:f7:f3:88:5b:59:1e:f2:e7:66:ed:b2:8b:6a:cf:a5:
         28:8e:32:ea:70:d0:f9:b8:1b:61:a2:3e:c2:a1:c9:b6:a6:79:
         02:5a:42:6b:a4:61:b9:a6:af:ad:5c:08:79:17:47:5a:2e:9e:
         dd:1e:7a:ce:39:97:79:05:f9:1e:94:a0:f5:f4:38:14:ba:ef:
         7f:16:ce:59:00:82:90:ec:fe:a5:f6:b3:01:59:37:62:65:2c:
         35:15:66:32:35:88:b7:57:78:43:14:e9:52:1b:c4:b2:4c:d6:
         86:1b:c6:18:1b:85:51:5f:61:de:61:86:c1:92:a6:25:65:6c:
         bf:33:1c:f0:e9:c0:d9:4c:0c:df:02:15:9a:3f:f1:50:7e:9e:
         db:75:7b:65:36:21:a8:b8:e0:b2:d6:cf:a7:3f:ab:18:f1:b5:
         02:e4:4e:de:08:35:99:fb:e3:96:a7:3d:10:56:40:50:e6:bd:
         ba:67:46:8b:8b:3f:47:5d:b4:40:00:e5:1d:df:95:4a:bc:b9:
         2a:e0:e0:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4JoyC72YbxYSRvnu3FnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjYwMzI2MTYwMDU1WhcNMjYwMzI3MTYwMDU1WjAzMTEwLwYDVQQD
EygzNTQ4ZDIzNWZiNmU2MDk4OTFhOWJjOWY3ZGI3Y2FiYmY0Zjc1MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApinMPvApxpbzYMO+S4sykBIIONQY
vnYdAIllMEAKl7FUyDlOWCB9MYnrO1R9uQxSbG+gB8wbbwO3+xYbG+Vnj9Kpgu1F
KYhZmxtDPpkJR/5eD6cPIeDINydtfjrvu8hzG0JOw3V2gv5Dr+Z/w+IgZDj1QU4I
meAHMmwvwQSPe/3qbOMkR19sQGA52MVrAuK/agM/Ukk9SwyTPtp2OUzF1rsHK16O
FmHmR/mqK/3EHmuUgy27l/3LRiTE7X0GyGmaNKgyztemindx0NWuzb9QZdT1aRbF
2soHHTzlR8rlyzaRKxxUz9I9HHkejA76hyuajm0MpPPVMIzANZHrZdvesQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVI0jX7bmCYkam8n323yrv091LlMB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJupUE8P
LxmPJsydv8F/KRleqFLiEMJYSQPcvOlSUHt2y0QicTfTBFvtLgLCSNFLtOgJ5Wa3
zZar9/OIW1ke8udm7bKLas+lKI4y6nDQ+bgbYaI+wqHJtqZ5AlpCa6RhuaavrVwI
eRdHWi6e3R56zjmXeQX5HpSg9fQ4FLrvfxbOWQCCkOz+pfazAVk3YmUsNRVmMjWI
t1d4QxTpUhvEskzWhhvGGBuFUV9h3mGGwZKmJWVsvzMc8OnA2UwM3wIVmj/xUH6e
23V7ZTYhqLjgstbPpz+rGPG1AuRO3gg1mfvjlqc9EFZAUOa9umdGi4s/R120QADl
Hd+VSry5KuDgIQ==
-----END CERTIFICATE-----