Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          8iIYexrJDPQzC2fCDixoT3zV/NqEh4xWWpYzFFLwq0s=
Subject key identifier:   C6:BE:EA:68:68:5D:49:CA:95:9E:CA:11:A5:7D:EE:83:6A:51:21:E2
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019D25BA6C076A3E9F4758D56A15CC77BF0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          07F2
Signing time:             Wed 25 Mar 2026 16:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:07 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: b7FUtluZcunAoJnjE/7j9qLSH0FW4JFKLj3AXCFPzGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:6c:07:6a:3e:9f:47:58:d5:6a:15:cc:77:bf:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Mar 25 16:01:07 2026 GMT
            Not After : Mar 26 16:01:07 2026 GMT
        Subject: CN=c6beea68685d49ca959eca11a57dee836a5121e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:24:0d:62:a6:a5:66:ff:46:40:f5:e5:21:33:
                    cb:da:3e:e7:6c:90:76:65:8b:93:f0:2b:ee:43:19:
                    12:ec:6d:1d:08:da:ef:93:ac:af:dc:a7:2b:f1:e1:
                    0f:61:30:f3:2d:94:5e:fc:ff:2b:ea:d7:8b:38:d5:
                    b3:a0:8e:c2:34:2d:5b:d5:8d:95:ce:94:e6:ee:a3:
                    04:ea:d9:3f:12:34:2f:d7:e5:eb:bc:a7:d1:d3:d8:
                    cb:61:5b:e5:6a:cc:d9:b8:23:cc:e2:80:71:0d:cb:
                    30:e2:bf:82:84:46:dd:ee:a6:e2:9f:f4:e6:d8:a5:
                    6e:e6:4c:13:1e:57:c5:44:71:0a:82:84:f7:0f:de:
                    c3:b1:62:68:08:7d:ea:7c:de:15:fa:b1:49:d5:b3:
                    3e:f7:32:0f:d1:88:f2:88:81:43:1c:e2:7e:7a:d5:
                    86:38:e4:4c:24:ef:fe:e2:f3:83:2d:99:12:ea:11:
                    e5:15:c1:1e:c0:b9:5d:03:62:41:60:34:3c:cd:06:
                    1c:de:3b:58:46:19:66:0d:af:8b:6f:8f:b8:98:b9:
                    01:1b:8b:66:26:50:1c:92:ff:76:55:6c:bf:19:be:
                    42:d3:06:55:b1:95:d2:ab:b5:ca:0b:f0:f4:bc:c3:
                    a0:4f:d2:a8:c7:45:b8:90:46:67:69:23:3d:57:8b:
                    16:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:BE:EA:68:68:5D:49:CA:95:9E:CA:11:A5:7D:EE:83:6A:51:21:E2
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:0b:28:82:47:4b:cc:51:38:05:04:96:36:49:80:55:fd:b4:
         3b:86:ff:4c:79:08:99:b1:04:de:91:6f:6f:f6:1d:8f:14:46:
         dd:9e:79:66:55:d8:57:e9:52:35:15:ed:cb:4d:10:1d:15:c8:
         c2:ed:72:e3:95:99:6a:7e:98:0b:ea:11:7b:d2:bc:8c:b5:7a:
         9d:53:b3:be:d5:7a:86:aa:4b:d3:4f:07:62:ff:4b:88:9b:2f:
         d7:b6:bc:52:8a:da:d9:bf:11:19:06:18:a6:69:f8:1f:0b:37:
         bb:a3:de:98:e3:d9:4f:a0:04:82:90:9a:b3:4b:fa:74:df:f1:
         9d:0a:3c:09:7f:71:8b:50:8d:49:57:28:23:b5:cc:b5:c6:77:
         96:ba:43:c4:d2:af:48:6a:73:6f:28:dd:00:eb:61:a1:df:85:
         10:00:23:b4:a3:b2:7d:08:ce:dc:77:29:69:1e:3b:1e:83:89:
         9a:df:12:15:70:12:34:9a:2f:de:cc:08:ef:09:a2:19:e6:9f:
         08:63:48:f1:cf:16:3c:ee:e4:1c:c0:9e:91:b2:57:dc:b8:d5:
         0c:40:c4:10:65:59:1a:fe:70:86:81:d6:90:9c:2d:24:23:99:
         83:96:a3:e5:76:31:12:84:47:07:be:03:ba:a6:d7:ee:da:4b:
         df:3b:ba:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lumwHaj6fR1jVahXMd78PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjYwMzI1MTYwMTA3WhcNMjYwMzI2MTYwMTA3WjAzMTEwLwYDVQQD
EyhjNmJlZWE2ODY4NWQ0OWNhOTU5ZWNhMTFhNTdkZWU4MzZhNTEyMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCQNYqalZv9GQPXlITPL2j7nbJB2
ZYuT8CvuQxkS7G0dCNrvk6yv3Kcr8eEPYTDzLZRe/P8r6teLONWzoI7CNC1b1Y2V
zpTm7qME6tk/EjQv1+XrvKfR09jLYVvlaszZuCPM4oBxDcsw4r+ChEbd7qbin/Tm
2KVu5kwTHlfFRHEKgoT3D97DsWJoCH3qfN4V+rFJ1bM+9zIP0YjyiIFDHOJ+etWG
OORMJO/+4vODLZkS6hHlFcEewLldA2JBYDQ8zQYc3jtYRhlmDa+Lb4+4mLkBG4tm
JlAckv92VWy/Gb5C0wZVsZXSq7XKC/D0vMOgT9Kox0W4kEZnaSM9V4sWfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMa+6mhoXUnKlZ7KEaV97oNqUSHiMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANAsogkdL
zFE4BQSWNkmAVf20O4b/THkImbEE3pFvb/YdjxRG3Z55ZlXYV+lSNRXty00QHRXI
wu1y45WZan6YC+oRe9K8jLV6nVOzvtV6hqpL008HYv9LiJsv17a8Uora2b8RGQYY
pmn4Hws3u6PemOPZT6AEgpCas0v6dN/xnQo8CX9xi1CNSVcoI7XMtcZ3lrpDxNKv
SGpzbyjdAOthod+FEAAjtKOyfQjO3HcpaR47HoOJmt8SFXASNJov3swI7wmiGeaf
CGNI8c8WPO7kHMCekbJX3LjVDEDEEGVZGv5whoHWkJwtJCOZg5aj5XYxEoRHB74D
uqbX7tpL3zu68A==
-----END CERTIFICATE-----