Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          7mhz4Ihhkh0BaJnbB5KhGmo42IIJesJecLuHNbQ1KMw=
Subject key identifier:   A0:F1:31:4A:AF:90:49:8B:EF:B9:04:82:80:B2:CE:D9:1A:59:C5:2A
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019D27043C24CA3D3CA11DA97434AE43DBA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          1027
Signing time:             Wed 25 Mar 2026 22:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:22 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: 7pFHS43HHzmvQQ5HEbVhE7SUu/8iwYW4PMzeOyzrEFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:3c:24:ca:3d:3c:a1:1d:a9:74:34:ae:43:db:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Mar 25 22:01:22 2026 GMT
            Not After : Mar 26 22:01:22 2026 GMT
        Subject: CN=a0f1314aaf90498befb9048280b2ced91a59c52a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:72:aa:54:2a:8e:aa:a0:19:b6:ae:59:38:d9:
                    a0:4f:f0:74:55:19:30:fe:10:d9:ec:a6:2c:47:53:
                    a5:e6:6e:1f:ce:b0:d6:9f:28:fa:8f:36:ec:71:0a:
                    0e:57:cc:02:7e:50:0d:33:b0:f8:e2:a3:53:ac:1a:
                    a3:6c:24:27:89:7e:39:89:d3:21:46:5f:bf:2f:94:
                    16:ef:3d:f5:56:47:b6:3b:31:44:c2:37:64:b0:b3:
                    a4:f0:96:41:10:0c:52:34:94:b5:b2:a7:3e:62:36:
                    9d:2a:3c:81:f5:8d:5e:4d:1b:9c:ef:9d:44:a3:86:
                    c9:2f:e3:e9:1e:56:f7:b8:cb:b0:3e:8e:02:18:b1:
                    1d:3d:eb:40:bc:01:94:3f:e4:3a:bb:ff:fe:6d:14:
                    3b:fa:0c:af:d2:02:81:02:e7:e2:be:17:35:e3:66:
                    42:53:b7:2d:84:28:08:25:9d:5a:ee:0c:67:af:e8:
                    71:11:05:9a:1a:07:d5:d4:14:a5:42:da:f2:86:44:
                    82:5c:56:fb:aa:9c:ab:c8:e1:0f:07:44:58:a9:79:
                    06:d2:c3:d2:5a:5a:f0:c4:84:36:d3:57:04:d4:ae:
                    fd:78:e1:38:bd:a9:2f:01:6b:42:ff:a7:b1:bd:20:
                    c9:c8:c6:5a:42:ec:e1:3f:65:82:8e:73:72:df:84:
                    79:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F1:31:4A:AF:90:49:8B:EF:B9:04:82:80:B2:CE:D9:1A:59:C5:2A
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:27:5b:16:a1:4f:3d:7b:14:d2:2b:ac:0d:b8:cd:ec:9f:7d:
         5c:8b:46:44:6a:c0:95:88:f9:2b:fe:ab:d6:9c:4d:a3:7b:57:
         6f:44:ee:43:41:3d:ef:e7:51:18:ca:f9:99:3f:68:54:20:62:
         0e:18:5e:55:ae:10:98:1a:90:26:b2:fd:7e:e0:fc:68:f6:ed:
         d4:12:a9:aa:7d:39:d4:be:fb:65:df:b1:7b:3c:11:7e:8e:11:
         50:a4:db:0e:d1:1c:80:a4:8e:82:ef:7b:08:9b:f7:2b:bf:0a:
         b9:cf:63:99:de:e7:03:ed:9c:b8:79:d4:e5:1f:f0:04:d4:e2:
         45:d0:2a:6f:de:46:00:ab:04:b2:5a:fd:f7:75:33:90:d7:59:
         27:4f:cc:2d:35:b3:6c:7d:c8:1f:b4:ef:0d:1b:0e:cb:9e:4a:
         65:6c:07:d8:78:67:64:99:13:79:fb:11:e6:36:31:5f:7b:ee:
         5b:1e:26:67:73:82:4e:27:d5:85:52:41:27:33:14:6d:21:2e:
         7e:40:35:6c:82:c3:27:ab:40:82:89:09:36:6a:bc:26:f1:a1:
         9d:8d:42:93:49:1d:9b:a2:47:fb:58:f6:31:d9:f7:41:07:98:
         7c:3b:b6:16:d2:d4:59:97:57:71:2f:5a:f9:63:a3:9a:5f:b4:
         81:f9:e2:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDwkyj08oR2pdDSuQ9uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwMzI1MjIwMTIyWhcNMjYwMzI2MjIwMTIyWjAzMTEwLwYDVQQD
EyhhMGYxMzE0YWFmOTA0OThiZWZiOTA0ODI4MGIyY2VkOTFhNTljNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnKqVCqOqqAZtq5ZONmgT/B0VRkw
/hDZ7KYsR1Ol5m4fzrDWnyj6jzbscQoOV8wCflANM7D44qNTrBqjbCQniX45idMh
Rl+/L5QW7z31Vke2OzFEwjdksLOk8JZBEAxSNJS1sqc+YjadKjyB9Y1eTRuc751E
o4bJL+PpHlb3uMuwPo4CGLEdPetAvAGUP+Q6u//+bRQ7+gyv0gKBAufivhc142ZC
U7cthCgIJZ1a7gxnr+hxEQWaGgfV1BSlQtryhkSCXFb7qpyryOEPB0RYqXkG0sPS
WlrwxIQ201cE1K79eOE4vakvAWtC/6exvSDJyMZaQuzhP2WCjnNy34R55QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDxMUqvkEmL77kEgoCyztkaWcUqMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWidbFqFP
PXsU0iusDbjN7J99XItGRGrAlYj5K/6r1pxNo3tXb0TuQ0E97+dRGMr5mT9oVCBi
DhheVa4QmBqQJrL9fuD8aPbt1BKpqn051L77Zd+xezwRfo4RUKTbDtEcgKSOgu97
CJv3K78Kuc9jmd7nA+2cuHnU5R/wBNTiRdAqb95GAKsEslr993UzkNdZJ0/MLTWz
bH3IH7TvDRsOy55KZWwH2HhnZJkTefsR5jYxX3vuWx4mZ3OCTifVhVJBJzMUbSEu
fkA1bILDJ6tAgokJNmq8JvGhnY1Ck0kdm6JH+1j2Mdn3QQeYfDu2FtLUWZdXcS9a
+WOjml+0gfniyg==
-----END CERTIFICATE-----