Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          eIjXYbvPez+QInsBxWL4V0F1m1onRZZfSDd3wPWCYQw=
Subject key identifier:   D6:36:2A:F4:44:C8:7B:AF:57:1C:A3:57:29:FA:A9:EC:BB:DF:57:D1
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       019D28F23B9E4D0F99DCE67B76BA4F111E89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 07:00:56 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:56 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:56 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: /vI8m11HLckIc5P7vJVtRgBKEqZbG+f9ZgLWz2TsGRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:3b:9e:4d:0f:99:dc:e6:7b:76:ba:4f:11:1e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Mar 26 07:00:56 2026 GMT
            Not After : Mar 27 07:00:56 2026 GMT
        Subject: CN=d6362af444c87baf571ca35729faa9ecbbdf57d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1d:06:4c:c4:cc:e1:38:1a:1c:43:50:2e:52:
                    42:a8:e2:9e:be:f5:99:db:ac:68:82:1c:5a:a2:c0:
                    a9:59:38:c4:4a:66:7f:13:b4:a5:83:fa:46:1e:ca:
                    7b:f8:e2:8e:f6:7e:04:59:90:8f:97:73:56:2b:19:
                    1f:f3:15:ea:9f:90:c6:e5:13:33:f3:e6:0c:ec:de:
                    8a:25:0a:d3:b5:30:96:0d:3c:d6:f2:a3:b6:00:e7:
                    8e:e1:13:7c:69:04:31:35:77:78:e8:86:dd:b1:13:
                    9d:48:78:22:18:ea:8f:a3:ad:e3:24:4f:e1:44:dc:
                    60:3a:04:7e:c0:0e:c7:7b:96:24:90:82:b2:be:5e:
                    19:79:80:e0:9c:47:77:0b:33:2f:89:5a:45:94:fc:
                    52:32:01:92:89:cc:0a:94:66:a2:66:a0:5c:b6:4b:
                    2f:52:3d:c6:cb:b8:6c:69:62:4a:6f:c4:3a:9d:99:
                    17:f0:56:67:f9:27:6d:2a:3d:a7:76:04:03:17:bd:
                    f2:5f:67:a2:ca:8a:1a:d8:be:94:38:d8:f7:de:98:
                    e4:25:15:4e:ac:4e:1f:ad:c4:a5:88:bd:23:d9:5b:
                    d8:59:fa:af:9c:fc:f2:cd:34:db:5b:bc:ee:a5:40:
                    5a:84:e1:fa:1c:92:0d:97:4c:d1:42:9a:a6:86:31:
                    a8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:36:2A:F4:44:C8:7B:AF:57:1C:A3:57:29:FA:A9:EC:BB:DF:57:D1
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:f4:c0:3f:15:b1:df:4d:77:c9:ef:fc:0d:51:15:94:e9:57:
         02:15:7b:08:e5:2f:53:3d:06:e3:b9:e2:1f:f6:4d:15:7c:c2:
         51:40:1b:b8:20:6d:c9:27:21:5c:50:23:96:1a:3c:3b:79:a6:
         77:63:20:0c:bb:54:ab:f1:57:3d:d0:a2:69:45:bd:fd:bf:66:
         d1:5c:7d:bd:c2:d0:34:85:96:24:ea:65:25:19:d9:d5:a5:8c:
         4c:58:db:9f:c5:13:46:d9:2f:e4:ea:af:36:27:5f:2a:17:dc:
         40:c3:94:e2:ec:89:cf:5c:1e:68:e7:d5:d5:d8:d9:9d:14:bb:
         ac:64:cb:47:a4:d9:c2:78:0f:c4:22:29:10:8b:bd:a6:de:38:
         7d:62:5b:96:c7:7f:56:fd:0b:5d:5a:70:c0:ac:5d:8b:d3:e6:
         1e:ab:99:d3:9c:da:32:17:16:18:80:3c:9b:45:8d:bf:2c:22:
         ad:84:dc:48:10:d9:5b:e1:35:91:61:6f:eb:48:73:26:db:ba:
         7b:2c:2f:48:11:cd:8f:f2:3f:50:c4:19:ae:15:1c:68:51:10:
         10:8b:e0:1f:0e:da:05:63:e0:8f:5f:7e:97:04:1b:a1:99:40:
         a4:8b:93:8d:7b:9f:0b:be:61:f1:97:6e:6c:68:17:ca:51:17:
         bb:c8:fc:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8jueTQ+Z3OZ7drpPER6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjYwMzI2MDcwMDU2WhcNMjYwMzI3MDcwMDU2WjAzMTEwLwYDVQQD
EyhkNjM2MmFmNDQ0Yzg3YmFmNTcxY2EzNTcyOWZhYTllY2JiZGY1N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx0GTMTM4TgaHENQLlJCqOKevvWZ
26xoghxaosCpWTjESmZ/E7Slg/pGHsp7+OKO9n4EWZCPl3NWKxkf8xXqn5DG5RMz
8+YM7N6KJQrTtTCWDTzW8qO2AOeO4RN8aQQxNXd46IbdsROdSHgiGOqPo63jJE/h
RNxgOgR+wA7He5YkkIKyvl4ZeYDgnEd3CzMviVpFlPxSMgGSicwKlGaiZqBctksv
Uj3Gy7hsaWJKb8Q6nZkX8FZn+SdtKj2ndgQDF73yX2eiyooa2L6UONj33pjkJRVO
rE4frcSliL0j2VvYWfqvnPzyzTTbW7zupUBahOH6HJINl0zRQpqmhjGoSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNY2KvREyHuvVxyjVyn6qey731fRMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfTAPxWx
3013ye/8DVEVlOlXAhV7COUvUz0G47niH/ZNFXzCUUAbuCBtySchXFAjlho8O3mm
d2MgDLtUq/FXPdCiaUW9/b9m0Vx9vcLQNIWWJOplJRnZ1aWMTFjbn8UTRtkv5Oqv
NidfKhfcQMOU4uyJz1weaOfV1djZnRS7rGTLR6TZwngPxCIpEIu9pt44fWJblsd/
Vv0LXVpwwKxdi9PmHquZ05zaMhcWGIA8m0WNvywirYTcSBDZW+E1kWFv60hzJtu6
eywvSBHNj/I/UMQZrhUcaFEQEIvgHw7aBWPgj19+lwQboZlApIuTjXufC75h8Zdu
bGgXylEXu8j86g==
-----END CERTIFICATE-----