Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
File:                     w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft (raw, json)
Hash identifier:          lQyYw9BQNT/XaajO0PQfTQMMNzVyU4uPfoILq+2tyK0=
Subject key identifier:   E7:F7:75:2F:39:6C:A6:DE:DB:1A:9C:6F:20:B2:A9:20:D1:6D:50:42
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Certificate issuer:       /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial:       019D28F2963664D1A5614E83BCE1676D2AB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
Manifest number:          0B3A
Signing time:             Thu 26 Mar 2026 07:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:19 +0000
Files and hashes:         1: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl (hash: 5iP5FoQoWRl0Tt1Ys9hgq6YC1dZn9S9XPQhXbrwZWrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:96:36:64:d1:a5:61:4e:83:bc:e1:67:6d:2a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
        Validity
            Not Before: Mar 26 07:01:19 2026 GMT
            Not After : Mar 27 07:01:19 2026 GMT
        Subject: CN=e7f7752f396ca6dedb1a9c6f20b2a920d16d5042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b9:d9:84:1d:e0:65:34:b7:cb:bf:e4:55:a7:
                    3f:f5:58:41:7e:b5:61:75:5c:95:9d:5a:f4:48:58:
                    71:94:44:f2:05:c9:cd:04:9f:ea:d6:f6:7c:00:37:
                    37:ea:cf:21:b4:cd:a3:1f:cd:da:68:2b:56:da:10:
                    e5:7f:4b:07:ce:82:84:29:7c:72:8e:6e:81:04:21:
                    2c:e1:36:d0:48:23:d4:6c:c2:4a:4a:9f:23:45:a6:
                    88:23:ce:39:f0:1d:08:61:55:32:38:d7:2e:ae:07:
                    fa:e6:33:05:c8:cc:dc:39:57:c9:9a:70:1d:95:14:
                    de:73:2e:07:f1:68:b2:10:03:83:5b:5c:5d:73:c4:
                    27:25:ec:58:b6:5b:ae:b6:9d:b0:0b:35:d1:bf:e2:
                    32:75:78:de:48:d4:33:7e:48:03:55:58:b3:dc:5e:
                    d5:e1:41:0b:b2:7e:60:71:b5:a1:59:48:b6:01:ff:
                    8f:7f:44:55:51:01:d3:1c:6c:8d:ee:72:1c:e3:ab:
                    47:b7:cd:5e:e1:2b:62:2e:e2:3e:bd:aa:87:34:b1:
                    61:5e:03:6f:e3:3c:c9:22:f8:27:df:03:43:c5:02:
                    57:77:80:81:aa:09:a2:39:65:68:fe:1c:15:b0:f1:
                    a2:e2:94:85:c6:61:ce:ee:13:1a:a7:0e:a8:85:05:
                    2e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F7:75:2F:39:6C:A6:DE:DB:1A:9C:6F:20:B2:A9:20:D1:6D:50:42
            X509v3 Authority Key Identifier:
                keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:b2:dd:78:7b:b5:24:23:0e:9c:b6:0c:e0:ff:6b:2d:17:3a:
         4f:82:2e:a5:0a:e7:f2:cf:bc:bf:f5:09:2b:c2:90:43:af:d6:
         1f:1b:cf:aa:68:90:20:9c:fd:4d:be:fa:14:99:25:27:bc:cb:
         8f:e3:a5:25:f0:c2:de:8e:a0:4c:ac:d7:79:6c:34:fc:21:10:
         86:97:4a:96:70:26:9d:23:90:e3:39:b3:ff:ca:ec:b2:8e:15:
         da:d8:9c:d9:c9:ea:41:41:d6:bb:4b:38:6e:79:8d:5c:9d:b0:
         68:33:dc:a1:fd:97:74:83:47:03:e5:3e:22:49:7d:e2:91:a9:
         ef:7b:fd:af:8c:d2:a3:41:10:1d:37:2a:c6:1d:30:26:e9:f2:
         9a:fe:e3:db:6f:19:fb:06:d4:ec:25:17:a5:9b:7e:68:e8:7f:
         26:6b:16:62:50:64:d0:12:c2:9f:84:fc:39:ca:15:b8:4d:7c:
         de:df:d6:0e:28:7e:43:60:28:58:72:e5:2a:80:f9:01:87:d7:
         c0:78:cc:df:41:9b:a3:c8:80:12:ea:44:67:42:d4:7a:d0:15:
         7c:b4:87:85:2f:81:7b:17:95:cf:e6:e0:cd:d9:7c:84:6f:e4:
         b7:13:46:53:57:fd:78:a6:50:28:d1:76:9d:2f:b3:53:aa:23:
         77:2b:12:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8pY2ZNGlYU6DvOFnbSqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjYwMzI2MDcwMTE5WhcNMjYwMzI3MDcwMTE5WjAzMTEwLwYDVQQD
EyhlN2Y3NzUyZjM5NmNhNmRlZGIxYTljNmYyMGIyYTkyMGQxNmQ1MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbnZhB3gZTS3y7/kVac/9VhBfrVh
dVyVnVr0SFhxlETyBcnNBJ/q1vZ8ADc36s8htM2jH83aaCtW2hDlf0sHzoKEKXxy
jm6BBCEs4TbQSCPUbMJKSp8jRaaII8458B0IYVUyONcurgf65jMFyMzcOVfJmnAd
lRTecy4H8WiyEAODW1xdc8QnJexYtluutp2wCzXRv+IydXjeSNQzfkgDVViz3F7V
4UELsn5gcbWhWUi2Af+Pf0RVUQHTHGyN7nIc46tHt81e4StiLuI+vaqHNLFhXgNv
4zzJIvgn3wNDxQJXd4CBqgmiOWVo/hwVsPGi4pSFxmHO7hMapw6ohQUuoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOf3dS85bKbe2xqcbyCyqSDRbVBCMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXbLdeHu1
JCMOnLYM4P9rLRc6T4IupQrn8s+8v/UJK8KQQ6/WHxvPqmiQIJz9Tb76FJklJ7zL
j+OlJfDC3o6gTKzXeWw0/CEQhpdKlnAmnSOQ4zmz/8rsso4V2tic2cnqQUHWu0s4
bnmNXJ2waDPcof2XdINHA+U+Ikl94pGp73v9r4zSo0EQHTcqxh0wJunymv7j228Z
+wbU7CUXpZt+aOh/JmsWYlBk0BLCn4T8OcoVuE183t/WDih+Q2AoWHLlKoD5AYfX
wHjM30Gbo8iAEupEZ0LUetAVfLSHhS+BexeVz+bgzdl8hG/ktxNGU1f9eKZQKNF2
nS+zU6ojdysSuA==
-----END CERTIFICATE-----