Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
File:                     3liIYKFLOUpzUSmEKu-tGnBKMoc.mft (raw, json)
Hash identifier:          Xqv0MqHPNs8MaEU7YU+5Yt0jctjFCQDJRcrxJtliFuQ=
Subject key identifier:   D6:DD:5E:4C:3D:45:5C:AF:CB:9A:FF:3E:62:14:A3:5C:14:51:EB:73
Authority key identifier: DE:58:88:60:A1:4B:39:4A:73:51:29:84:2A:EF:AD:1A:70:4A:32:87
Certificate issuer:       /CN=de588860a14b394a735129842aefad1a704a3287
Certificate serial:       019D33E3937EB281869600FA8CBD5C749A81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
Manifest number:          01A6
Signing time:             Sat 28 Mar 2026 10:00:45 +0000
Manifest this update:     Sat 28 Mar 2026 10:00:45 +0000
Manifest next update:     Sun 29 Mar 2026 10:00:45 +0000
Files and hashes:         1: 3liIYKFLOUpzUSmEKu-tGnBKMoc.crl (hash: lJYgRsIdLZUhSInOZ+gmRnbVu0wukXB1mxExwRrB5FE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:e3:93:7e:b2:81:86:96:00:fa:8c:bd:5c:74:9a:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de588860a14b394a735129842aefad1a704a3287
        Validity
            Not Before: Mar 28 10:00:45 2026 GMT
            Not After : Mar 29 10:00:45 2026 GMT
        Subject: CN=d6dd5e4c3d455cafcb9aff3e6214a35c1451eb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a0:27:32:82:32:5b:8b:48:da:20:da:5d:68:
                    87:12:4f:a2:4e:cb:17:b1:e7:e2:ff:65:fb:94:27:
                    31:f3:fc:f4:37:b1:b3:09:e8:24:04:f2:64:2e:34:
                    b1:18:93:4a:79:3c:38:31:b3:74:67:7f:9c:ee:31:
                    bf:d4:90:ed:b3:51:46:cd:8d:b9:bb:c3:21:c1:c5:
                    ab:8a:9c:68:1d:4a:d9:10:b8:74:b3:fb:fc:8b:42:
                    74:34:96:49:77:19:5a:58:a8:80:3e:8a:c5:20:47:
                    e8:a6:22:79:53:ea:33:b4:4d:46:18:04:a7:d1:d6:
                    f2:29:6a:22:a0:4c:c2:0a:c6:80:07:3f:fc:a6:cc:
                    98:20:a8:28:97:b8:0a:f5:60:b1:05:b7:cb:c5:e0:
                    fa:a1:2a:7e:8c:32:a2:42:91:30:a6:1a:7f:85:79:
                    7f:70:79:96:c9:4e:e1:f1:ea:88:f0:7b:f6:11:6b:
                    8b:5d:71:c0:e4:b5:8c:ba:82:37:30:e6:57:5e:e2:
                    c2:76:83:60:0b:bd:d7:fd:d0:1b:cf:b5:56:3f:74:
                    3e:d6:8e:59:22:cd:29:8a:8d:c2:7e:29:58:1b:fc:
                    af:31:1f:bf:fb:c4:3f:5f:17:d1:23:24:5b:4b:8e:
                    69:b3:97:b5:7a:86:cf:13:41:ba:85:eb:94:b4:8e:
                    be:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:DD:5E:4C:3D:45:5C:AF:CB:9A:FF:3E:62:14:A3:5C:14:51:EB:73
            X509v3 Authority Key Identifier:
                keyid:DE:58:88:60:A1:4B:39:4A:73:51:29:84:2A:EF:AD:1A:70:4A:32:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3liIYKFLOUpzUSmEKu-tGnBKMoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a57036-fa4b-4714-8340-63f679d7ee1d/1/3liIYKFLOUpzUSmEKu-tGnBKMoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:67:50:22:fb:73:85:df:4a:79:57:08:ab:a2:7d:c8:e5:1a:
         d1:2a:1d:5f:ff:25:5a:6f:b4:91:a7:91:d6:7a:f8:b9:11:e2:
         ef:2e:af:26:f8:24:e0:ce:ab:4d:f1:b0:9b:e1:b7:37:15:d8:
         34:e7:7f:c8:f2:6c:f4:b1:13:b7:57:7a:d8:2a:a0:ef:82:a5:
         ba:0b:2d:24:7f:26:c0:5e:4e:be:36:e1:08:96:3c:fe:3a:5f:
         39:7a:6d:3a:10:d6:1f:f6:81:3e:56:07:5f:58:99:d7:76:2c:
         22:fc:ac:75:ba:21:c7:15:ae:c3:43:7b:2e:8b:ff:4f:9d:aa:
         03:c1:db:bc:6e:7d:5b:9c:03:c4:e6:fa:0b:1a:70:39:d1:ed:
         a2:35:fa:c4:af:5b:6d:1e:79:b9:1a:ca:f1:7e:23:da:7e:66:
         d3:4f:ae:2e:40:6b:9c:08:cf:84:45:d4:55:ae:ea:4d:08:e2:
         96:7a:5b:29:40:d1:db:6f:2a:d6:57:50:ee:81:23:3c:0e:65:
         c8:a7:7f:11:84:4f:04:81:80:eb:a4:cf:38:14:3d:3e:0d:2e:
         c6:a9:11:4f:b8:7d:7b:dc:00:9e:4d:0b:88:03:ed:35:5f:98:
         ba:22:e2:bd:51:3f:63:dd:58:09:ec:c3:ba:5a:67:c6:3e:2b:
         84:e5:40:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z45N+soGGlgD6jL1cdJqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTg4ODYwYTE0YjM5NGE3MzUxMjk4NDJhZWZhZDFhNzA0
YTMyODcwHhcNMjYwMzI4MTAwMDQ1WhcNMjYwMzI5MTAwMDQ1WjAzMTEwLwYDVQQD
EyhkNmRkNWU0YzNkNDU1Y2FmY2I5YWZmM2U2MjE0YTM1YzE0NTFlYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKAnMoIyW4tI2iDaXWiHEk+iTssX
sefi/2X7lCcx8/z0N7GzCegkBPJkLjSxGJNKeTw4MbN0Z3+c7jG/1JDts1FGzY25
u8MhwcWripxoHUrZELh0s/v8i0J0NJZJdxlaWKiAPorFIEfopiJ5U+oztE1GGASn
0dbyKWoioEzCCsaABz/8psyYIKgol7gK9WCxBbfLxeD6oSp+jDKiQpEwphp/hXl/
cHmWyU7h8eqI8Hv2EWuLXXHA5LWMuoI3MOZXXuLCdoNgC73X/dAbz7VWP3Q+1o5Z
Is0pio3CfilYG/yvMR+/+8Q/XxfRIyRbS45ps5e1eobPE0G6heuUtI6+sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbdXkw9RVyvy5r/PmIUo1wUUetzMB8GA1UdIwQY
MBaAFN5YiGChSzlKc1EphCrvrRpwSjKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hNTcwMzYtZmE0Yi00NzE0LTgzNDAt
NjNmNjc5ZDdlZTFkLzEvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hNTcwMzYtZmE0Yi00NzE0LTgzNDAtNjNmNjc5ZDdlZTFk
LzEvM2xpSVlLRkxPVXB6VVNtRUt1LXRHbkJLTW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2dQIvtz
hd9KeVcIq6J9yOUa0SodX/8lWm+0kaeR1nr4uRHi7y6vJvgk4M6rTfGwm+G3NxXY
NOd/yPJs9LETt1d62Cqg74KlugstJH8mwF5OvjbhCJY8/jpfOXptOhDWH/aBPlYH
X1iZ13YsIvysdbohxxWuw0N7Lov/T52qA8HbvG59W5wDxOb6CxpwOdHtojX6xK9b
bR55uRrK8X4j2n5m00+uLkBrnAjPhEXUVa7qTQjilnpbKUDR228q1ldQ7oEjPA5l
yKd/EYRPBIGA66TPOBQ9Pg0uxqkRT7h9e9wAnk0LiAPtNV+YuiLivVE/Y91YCezD
ulpnxj4rhOVA2Q==
-----END CERTIFICATE-----