Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          SMeIvm5SLmkEH2FPjJ+aK8tlIBTkpWz7/MmIW6e/sQM=
Subject key identifier:   70:09:C4:0C:B8:52:70:2C:BB:98:CB:89:DB:4E:C4:B1:55:0C:78:9B
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019D28F2C74D49DA3BDACE650F1AF2A9CB5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0B53
Signing time:             Thu 26 Mar 2026 07:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:32 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: /2etozk9nEMh1ow6iqpbt2ZcdZXPP2DgACJ7LA9vXqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:c7:4d:49:da:3b:da:ce:65:0f:1a:f2:a9:cb:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Mar 26 07:01:32 2026 GMT
            Not After : Mar 27 07:01:32 2026 GMT
        Subject: CN=7009c40cb852702cbb98cb89db4ec4b1550c789b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e0:08:4b:f8:28:85:0f:10:00:23:38:4a:81:
                    2e:11:43:97:6d:67:6a:1e:71:3f:f7:f4:c5:8e:80:
                    df:e8:95:95:23:81:f3:dd:58:f4:85:12:71:af:eb:
                    49:c6:bf:d0:ae:79:68:f6:2b:be:c5:88:d7:d7:bb:
                    cd:b5:f9:8a:b5:fa:6a:5c:ca:25:b1:da:de:58:8d:
                    b8:8d:17:87:ed:0b:06:bd:08:e6:90:a0:86:5f:de:
                    be:9f:31:71:c7:e0:8d:4d:92:2b:8c:05:c8:47:13:
                    c4:cf:d2:e8:0b:33:91:67:79:fe:bb:76:ec:6f:2e:
                    a9:cf:ef:d7:fb:03:a6:7a:57:cc:6a:34:a8:aa:38:
                    6a:0b:ad:6d:47:95:6e:b3:f9:2b:da:66:5a:76:87:
                    4c:f9:40:a7:a1:5d:92:52:f0:1b:a1:a8:54:e4:23:
                    10:f8:96:85:33:81:53:2f:a6:2e:e6:21:c6:d8:41:
                    46:42:b2:0e:78:d3:f1:a9:33:6c:b2:73:a6:b0:8d:
                    da:0d:53:c9:e5:ad:98:f8:b6:7c:6a:ff:cd:a2:bf:
                    cb:79:f9:ec:1d:00:cd:fd:33:f8:a3:69:a6:37:7e:
                    5e:05:a0:51:5e:c7:04:84:05:1b:db:38:8f:78:e8:
                    d2:d4:b6:61:ea:96:c8:0c:fe:9a:42:18:5a:b3:96:
                    e3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:09:C4:0C:B8:52:70:2C:BB:98:CB:89:DB:4E:C4:B1:55:0C:78:9B
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:46:4d:d3:56:b8:cc:19:0b:db:74:e7:71:a5:e6:11:e4:f5:
         54:97:a0:22:49:fb:67:76:06:5c:2f:50:92:c5:d5:ff:c8:03:
         38:29:28:47:b6:a7:1a:63:63:26:70:15:85:de:a3:3b:81:31:
         b8:d7:82:14:bd:b8:a5:23:61:60:75:4d:2f:69:40:ff:2a:55:
         53:9d:de:6a:de:8c:ed:12:2e:f5:fa:87:f7:77:89:0a:76:85:
         e2:07:a7:10:2d:e4:61:85:f9:ff:99:c3:62:36:7e:d6:79:79:
         78:1f:af:40:85:24:5d:b9:ad:3e:8e:e5:9a:ba:53:13:80:73:
         8c:ee:39:db:72:b2:93:2e:83:46:84:43:32:05:69:8a:43:66:
         71:71:5b:cb:d0:65:46:68:9e:86:9b:f6:40:a9:ef:2d:70:58:
         4d:69:a3:c1:1f:3d:c0:08:c3:d8:49:7d:37:74:12:58:81:02:
         87:ea:5f:30:59:90:6c:14:d6:f5:a4:4b:85:8c:6b:88:e9:c9:
         30:c6:23:0d:9c:c6:89:84:b5:e8:02:06:34:2e:25:b2:c1:56:
         ff:41:cb:9c:68:20:73:cd:8d:9b:fb:35:69:c9:98:3e:48:67:
         43:d0:ec:01:5e:c0:e6:55:f7:40:5e:ee:76:e4:ba:ac:ff:ab:
         3f:90:29:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8sdNSdo72s5lDxryqctdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjYwMzI2MDcwMTMyWhcNMjYwMzI3MDcwMTMyWjAzMTEwLwYDVQQD
Eyg3MDA5YzQwY2I4NTI3MDJjYmI5OGNiODlkYjRlYzRiMTU1MGM3ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOAIS/gohQ8QACM4SoEuEUOXbWdq
HnE/9/TFjoDf6JWVI4Hz3Vj0hRJxr+tJxr/Qrnlo9iu+xYjX17vNtfmKtfpqXMol
sdreWI24jReH7QsGvQjmkKCGX96+nzFxx+CNTZIrjAXIRxPEz9LoCzORZ3n+u3bs
by6pz+/X+wOmelfMajSoqjhqC61tR5Vus/kr2mZadodM+UCnoV2SUvAboahU5CMQ
+JaFM4FTL6Yu5iHG2EFGQrIOeNPxqTNssnOmsI3aDVPJ5a2Y+LZ8av/Nor/Lefns
HQDN/TP4o2mmN35eBaBRXscEhAUb2ziPeOjS1LZh6pbIDP6aQhhas5bjSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAJxAy4UnAsu5jLidtOxLFVDHibMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADEZN01a4
zBkL23TncaXmEeT1VJegIkn7Z3YGXC9QksXV/8gDOCkoR7anGmNjJnAVhd6jO4Ex
uNeCFL24pSNhYHVNL2lA/ypVU53eat6M7RIu9fqH93eJCnaF4genEC3kYYX5/5nD
YjZ+1nl5eB+vQIUkXbmtPo7lmrpTE4BzjO4523Kyky6DRoRDMgVpikNmcXFby9Bl
Rmiehpv2QKnvLXBYTWmjwR89wAjD2El9N3QSWIECh+pfMFmQbBTW9aRLhYxriOnJ
MMYjDZzGiYS16AIGNC4lssFW/0HLnGggc82Nm/s1acmYPkhnQ9DsAV7A5lX3QF7u
duS6rP+rP5ApVA==
-----END CERTIFICATE-----