Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          46o0uJXf6RbKTfSOZyFqxPvRHq9CGYWk6vMK42XzN2k=
Subject key identifier:   57:1A:E2:19:B0:C2:6D:C5:60:1D:98:BC:71:03:5E:01:6B:EA:6B:34
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019D25BA7D7F045D691312A23BDD43487A44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0C57
Signing time:             Wed 25 Mar 2026 16:01:11 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:11 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:11 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: M2nMXJZW/gR+dSN+gMd4M5Uvq5tSIK9viBso90+Sa/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:7d:7f:04:5d:69:13:12:a2:3b:dd:43:48:7a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Mar 25 16:01:11 2026 GMT
            Not After : Mar 26 16:01:11 2026 GMT
        Subject: CN=571ae219b0c26dc5601d98bc71035e016bea6b34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b9:cf:dd:51:78:a9:79:b8:a9:f1:8e:03:c5:
                    93:c5:71:99:b0:52:62:4b:10:40:61:6d:4e:b4:90:
                    fd:1a:b1:38:2c:a9:7e:0d:ff:1e:63:3b:a7:ad:14:
                    0f:46:b4:f8:73:bb:0b:da:fc:44:c8:79:97:13:f7:
                    ad:48:43:d9:d2:3e:c8:7b:d6:8d:eb:48:0a:12:15:
                    ad:6f:36:53:75:d6:01:5e:c6:1e:d9:cc:76:06:36:
                    69:8d:e3:61:35:79:17:fa:b5:10:10:5c:61:4c:8f:
                    78:40:4b:91:16:18:fb:c0:6b:d4:34:04:69:6e:58:
                    9e:29:bb:30:e5:39:5a:55:3a:00:db:58:0f:7f:23:
                    90:07:03:22:4c:ac:ca:8d:b2:6a:30:61:61:98:a3:
                    96:6d:58:b9:39:ce:de:8f:72:a7:19:b2:e0:1e:27:
                    f0:ce:66:f4:e7:e7:18:e6:73:05:14:1c:10:7d:cf:
                    fd:6f:5e:19:79:a4:54:ff:53:f1:65:40:f1:d3:6a:
                    6f:19:80:de:76:ad:2a:57:05:c9:84:67:7c:9e:c7:
                    a7:be:60:51:60:34:ba:1c:63:bd:3b:c1:db:df:0b:
                    d2:3b:b6:ca:f6:8e:4d:5c:eb:f3:20:9b:59:c7:c8:
                    f8:8f:c1:40:b7:35:2b:f6:e3:0f:9f:ca:87:e5:40:
                    32:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:1A:E2:19:B0:C2:6D:C5:60:1D:98:BC:71:03:5E:01:6B:EA:6B:34
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:aa:46:61:2e:9e:07:4a:d6:63:a6:2f:18:39:b1:32:c4:f1:
         26:f9:b9:ba:0f:89:62:c7:8b:4b:8e:a2:57:2f:4b:dc:3c:80:
         b3:93:e0:70:91:72:d1:0c:b0:09:4f:99:e5:97:08:51:96:b4:
         3d:52:02:83:9d:a6:84:bd:93:02:8e:61:1b:f7:47:12:5a:f9:
         9f:ce:e4:48:6a:8f:5a:0b:9e:ca:ff:de:87:fe:20:57:e1:1a:
         af:70:26:fd:49:8c:61:8c:24:18:85:3b:6d:dd:5d:c3:6f:0a:
         78:04:eb:52:b7:1a:23:d0:18:71:0a:b1:ab:4e:e1:91:fc:33:
         9c:86:8c:5c:4c:73:ab:4b:0b:37:73:fb:67:a0:7d:80:9b:44:
         ae:46:80:23:84:52:f4:f1:74:41:8b:7b:f4:bc:3b:c6:f3:db:
         fc:7b:f4:c8:f9:0f:34:53:04:28:93:da:16:1a:52:e2:3e:58:
         4d:8c:c5:6f:ca:8a:32:b0:a5:dc:bb:42:6f:f4:3b:f2:39:aa:
         2f:24:39:ba:7e:ac:9c:86:62:63:c0:7c:8e:d7:42:44:03:4f:
         6f:99:96:2a:b0:27:d1:6d:0e:55:c0:55:14:b8:ac:d9:69:cf:
         3b:03:ea:7b:28:19:47:61:c8:17:60:bb:75:7c:b2:cb:ec:91:
         67:cb:d0:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lun1/BF1pExKiO91DSHpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwMzI1MTYwMTExWhcNMjYwMzI2MTYwMTExWjAzMTEwLwYDVQQD
Eyg1NzFhZTIxOWIwYzI2ZGM1NjAxZDk4YmM3MTAzNWUwMTZiZWE2YjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurnP3VF4qXm4qfGOA8WTxXGZsFJi
SxBAYW1OtJD9GrE4LKl+Df8eYzunrRQPRrT4c7sL2vxEyHmXE/etSEPZ0j7Ie9aN
60gKEhWtbzZTddYBXsYe2cx2BjZpjeNhNXkX+rUQEFxhTI94QEuRFhj7wGvUNARp
blieKbsw5TlaVToA21gPfyOQBwMiTKzKjbJqMGFhmKOWbVi5Oc7ej3KnGbLgHifw
zmb05+cY5nMFFBwQfc/9b14ZeaRU/1PxZUDx02pvGYDedq0qVwXJhGd8nsenvmBR
YDS6HGO9O8Hb3wvSO7bK9o5NXOvzIJtZx8j4j8FAtzUr9uMPn8qH5UAywQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFca4hmwwm3FYB2YvHEDXgFr6ms0MB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMapGYS6e
B0rWY6YvGDmxMsTxJvm5ug+JYseLS46iVy9L3DyAs5PgcJFy0QywCU+Z5ZcIUZa0
PVICg52mhL2TAo5hG/dHElr5n87kSGqPWgueyv/eh/4gV+Ear3Am/UmMYYwkGIU7
bd1dw28KeATrUrcaI9AYcQqxq07hkfwznIaMXExzq0sLN3P7Z6B9gJtErkaAI4RS
9PF0QYt79Lw7xvPb/Hv0yPkPNFMEKJPaFhpS4j5YTYzFb8qKMrCl3LtCb/Q78jmq
LyQ5un6snIZiY8B8jtdCRANPb5mWKrAn0W0OVcBVFLis2WnPOwPqeygZR2HIF2C7
dXyyy+yRZ8vQPQ==
-----END CERTIFICATE-----