Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          MGScKZgHlK0C+lFejkH8EPdYi5FTZzWqLk/Mn+8IrjY=
Subject key identifier:   FF:74:14:B4:99:C4:18:79:50:3D:E3:35:60:E8:60:9B:86:47:52:55
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019D28F22633F397E6F481BEA16884D70BB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0918
Signing time:             Thu 26 Mar 2026 07:00:51 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:51 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:51 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: pZqt2ScNjwgThvAoW2Y4OPDlT6rDl7ZFnME/fatUBf8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:26:33:f3:97:e6:f4:81:be:a1:68:84:d7:0b:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Mar 26 07:00:51 2026 GMT
            Not After : Mar 27 07:00:51 2026 GMT
        Subject: CN=ff7414b499c41879503de33560e8609b86475255
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e6:6b:e2:2a:21:e8:d0:85:ed:c5:58:4e:93:
                    51:be:f3:c5:bb:34:3a:06:0d:40:c5:4b:e3:ca:cb:
                    2b:1a:cc:95:4a:37:05:b5:17:19:58:c7:b3:ad:a7:
                    43:1c:4a:48:4e:f4:85:9f:e2:25:ac:1e:50:71:10:
                    6f:43:ad:7a:38:9a:cc:c2:9a:21:84:2d:49:30:10:
                    62:2b:f5:4c:6a:f4:56:ee:28:e9:8b:d0:de:bf:c0:
                    b9:39:5d:ea:0a:ff:84:38:18:6a:e8:e7:59:9a:14:
                    50:9b:23:a4:8d:d0:df:3a:39:93:a0:a9:10:8c:d3:
                    0c:2e:9f:e2:33:e4:a1:b9:94:3b:33:05:c7:30:80:
                    8d:bc:d7:a1:07:01:d6:70:04:87:e3:88:06:1d:23:
                    db:c2:dc:81:8c:37:82:e2:f0:08:48:9b:f6:f9:f5:
                    87:e2:22:2c:d9:50:cb:d3:fa:9b:6a:f1:aa:36:3c:
                    9e:33:d0:58:87:87:73:c9:0d:51:61:3a:58:1f:96:
                    74:f4:e5:8a:6e:1b:e9:f1:95:78:08:16:25:eb:63:
                    5d:37:67:99:e3:f5:a5:c2:67:b3:af:73:f9:40:34:
                    21:7d:c8:fe:81:88:57:8a:0d:ce:60:f3:66:4c:9b:
                    96:42:4f:66:a1:ba:c0:5d:66:0d:4c:df:88:e1:92:
                    fd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:74:14:B4:99:C4:18:79:50:3D:E3:35:60:E8:60:9B:86:47:52:55
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:7c:ed:88:74:d5:f3:25:67:f6:07:b3:56:30:9d:07:fa:f5:
         9a:22:11:a6:bb:6c:b5:cf:12:18:ac:94:c6:c6:95:cf:2a:2a:
         78:bd:71:92:f1:38:54:9e:af:e9:aa:0c:5d:35:5f:73:02:10:
         56:4a:da:a7:ae:8e:7d:3e:07:a9:b7:1f:b5:8c:53:e8:88:ab:
         cf:07:5d:1c:b9:b4:50:c6:69:ad:b3:27:e6:ca:4a:d6:02:ca:
         43:e2:84:5a:df:bd:61:9b:23:73:9c:a1:1c:35:b8:87:c8:d7:
         e1:ec:ab:3c:ea:3f:67:33:bb:75:42:d5:3d:7c:a6:bd:8f:10:
         bf:93:79:80:31:b4:87:0a:27:74:1f:32:a6:52:1a:17:d4:bd:
         b7:6d:53:65:78:41:29:45:f5:98:60:79:d7:f7:bd:06:fb:88:
         fb:7d:46:a9:28:8a:d2:49:12:42:b8:e3:d6:af:36:39:fb:71:
         93:76:31:f7:ff:66:80:5e:12:06:9b:a2:b7:42:0f:3c:63:80:
         80:8b:6f:05:c6:17:3e:20:bd:7f:dd:17:32:ce:c4:f6:a7:80:
         98:55:00:87:11:f2:d1:15:c7:0e:db:83:34:b4:b1:f3:6d:4d:
         fc:ff:e0:57:03:fb:64:14:77:ec:42:cf:89:fe:96:1c:39:77:
         3b:18:34:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8iYz85fm9IG+oWiE1wu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwMzI2MDcwMDUxWhcNMjYwMzI3MDcwMDUxWjAzMTEwLwYDVQQD
EyhmZjc0MTRiNDk5YzQxODc5NTAzZGUzMzU2MGU4NjA5Yjg2NDc1MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eZr4ioh6NCF7cVYTpNRvvPFuzQ6
Bg1AxUvjyssrGsyVSjcFtRcZWMezradDHEpITvSFn+IlrB5QcRBvQ616OJrMwpoh
hC1JMBBiK/VMavRW7ijpi9Dev8C5OV3qCv+EOBhq6OdZmhRQmyOkjdDfOjmToKkQ
jNMMLp/iM+ShuZQ7MwXHMICNvNehBwHWcASH44gGHSPbwtyBjDeC4vAISJv2+fWH
4iIs2VDL0/qbavGqNjyeM9BYh4dzyQ1RYTpYH5Z09OWKbhvp8ZV4CBYl62NdN2eZ
4/Wlwmezr3P5QDQhfcj+gYhXig3OYPNmTJuWQk9mobrAXWYNTN+I4ZL96wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP90FLSZxBh5UD3jNWDoYJuGR1JVMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3ztiHTV
8yVn9gezVjCdB/r1miIRprtstc8SGKyUxsaVzyoqeL1xkvE4VJ6v6aoMXTVfcwIQ
Vkrap66OfT4HqbcftYxT6IirzwddHLm0UMZprbMn5spK1gLKQ+KEWt+9YZsjc5yh
HDW4h8jX4eyrPOo/ZzO7dULVPXymvY8Qv5N5gDG0hwondB8yplIaF9S9t21TZXhB
KUX1mGB51/e9BvuI+31GqSiK0kkSQrjj1q82Oftxk3Yx9/9mgF4SBpuit0IPPGOA
gItvBcYXPiC9f90XMs7E9qeAmFUAhxHy0RXHDtuDNLSx821N/P/gVwP7ZBR37ELP
if6WHDl3Oxg0Fw==
-----END CERTIFICATE-----