Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
File:                     fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json)
Hash identifier:          UOF/jEDCdIJurzfnr9GwFXnFO7Y8nVGnYijrqsdW4Rg=
Subject key identifier:   D6:F7:93:D3:DA:88:F4:81:3B:D7:33:13:EC:85:12:A5:80:50:B5:68
Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD
Certificate issuer:       /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
Certificate serial:       019D28BBCC0DBFC8B4704E4B63B397565111
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
Manifest number:          0D3E
Signing time:             Thu 26 Mar 2026 06:01:29 +0000
Manifest this update:     Thu 26 Mar 2026 06:01:29 +0000
Manifest next update:     Fri 27 Mar 2026 06:01:29 +0000
Files and hashes:         1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: 2/o8zxDk5uXUNq7Ao/N/FXW1uM5LCAJ3IB58vlaFQvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:cc:0d:bf:c8:b4:70:4e:4b:63:b3:97:56:51:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
        Validity
            Not Before: Mar 26 06:01:29 2026 GMT
            Not After : Mar 27 06:01:29 2026 GMT
        Subject: CN=d6f793d3da88f4813bd73313ec8512a58050b568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:81:d5:b4:48:2f:31:43:f1:50:57:e1:df:31:
                    94:0a:17:e8:8b:99:1f:49:a0:4c:ae:7c:ab:f4:f3:
                    d8:d4:42:02:c4:cc:2d:ce:c7:4f:0d:5e:a3:da:09:
                    26:90:7f:d6:ae:4f:f3:91:bc:3d:99:5f:0a:78:fc:
                    70:84:a4:4b:89:ee:bf:23:48:4a:37:9f:58:be:50:
                    cc:54:f3:0a:ef:68:3f:0b:cb:54:03:b7:eb:1c:03:
                    20:b2:c1:b1:f6:17:2b:f7:99:71:26:57:66:08:56:
                    67:d7:85:e1:f6:61:ef:77:09:31:f3:1b:23:bf:29:
                    fc:f6:9a:e8:4b:b3:db:9b:85:05:24:e1:48:01:12:
                    8e:2e:ba:b0:25:ab:7c:a0:69:85:34:a1:75:d6:15:
                    80:ba:f5:68:7a:48:90:cf:eb:49:ad:19:a8:ff:4d:
                    65:71:a4:d3:88:09:80:56:ec:9a:68:89:1d:e8:e0:
                    3b:89:2d:e5:ce:f7:0a:f8:da:5f:8e:4f:d6:0b:8d:
                    bb:52:3f:f9:ce:5a:a8:c6:b8:69:15:79:ea:79:ae:
                    06:89:0a:9e:66:8c:29:50:52:b6:0d:c9:2d:91:ca:
                    ec:c0:24:94:f1:7c:05:03:42:64:f2:86:b1:57:41:
                    df:7b:da:b9:64:73:13:56:60:c9:5b:ad:11:4f:e8:
                    0f:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F7:93:D3:DA:88:F4:81:3B:D7:33:13:EC:85:12:A5:80:50:B5:68
            X509v3 Authority Key Identifier:
                keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:fb:a4:e9:90:29:ca:3b:29:dc:40:15:e2:9d:82:07:15:8c:
         79:00:f3:ae:9c:e9:fe:2b:7b:a0:f6:3f:6b:77:24:c9:54:c9:
         92:58:6f:fa:ce:f4:ed:60:00:31:a0:c8:fa:18:23:27:95:9f:
         ce:ae:dd:94:b9:55:05:3c:99:9a:11:1b:e2:36:8e:ba:37:d7:
         3c:cc:57:e3:55:98:94:69:94:68:cf:73:09:38:04:2b:e0:22:
         c9:16:af:fd:af:d4:c5:72:23:51:79:03:82:a2:c7:26:7e:61:
         35:7b:de:b4:6e:67:bd:aa:1d:09:44:88:ba:99:74:ba:dc:60:
         ad:ae:0d:7f:6b:47:8f:1e:fa:cc:5c:bb:80:38:8c:84:f4:94:
         80:a8:a4:c9:40:8b:af:ba:04:76:74:8a:7c:04:82:8f:92:f3:
         67:6e:60:75:e0:42:c9:af:a0:0d:83:eb:a9:29:40:fa:2c:41:
         b2:6d:64:bf:f3:54:6e:39:34:0b:ac:f0:11:82:ec:24:9e:22:
         66:2d:49:96:bd:57:bf:4d:02:1a:36:79:96:2b:bc:2b:37:53:
         a5:68:e6:ca:35:06:c9:b2:74:b3:e3:ad:63:8a:76:1d:8b:48:
         9d:af:22:a6:68:46:05:b6:a5:f9:6a:a1:88:25:d6:1a:57:07:
         0c:b3:17:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou8wNv8i0cE5LY7OXVlERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2
OGIwZGQwHhcNMjYwMzI2MDYwMTI5WhcNMjYwMzI3MDYwMTI5WjAzMTEwLwYDVQQD
EyhkNmY3OTNkM2RhODhmNDgxM2JkNzMzMTNlYzg1MTJhNTgwNTBiNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoHVtEgvMUPxUFfh3zGUChfoi5kf
SaBMrnyr9PPY1EICxMwtzsdPDV6j2gkmkH/Wrk/zkbw9mV8KePxwhKRLie6/I0hK
N59YvlDMVPMK72g/C8tUA7frHAMgssGx9hcr95lxJldmCFZn14Xh9mHvdwkx8xsj
vyn89proS7Pbm4UFJOFIARKOLrqwJat8oGmFNKF11hWAuvVoekiQz+tJrRmo/01l
caTTiAmAVuyaaIkd6OA7iS3lzvcK+Npfjk/WC427Uj/5zlqoxrhpFXnqea4GiQqe
ZowpUFK2DcktkcrswCSU8XwFA0Jk8oaxV0Hfe9q5ZHMTVmDJW60RT+gPOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNb3k9PaiPSBO9czE+yFEqWAULVoMB8GA1UdIwQY
MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt
ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz
LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfuk6ZAp
yjsp3EAV4p2CBxWMeQDzrpzp/it7oPY/a3ckyVTJklhv+s707WAAMaDI+hgjJ5Wf
zq7dlLlVBTyZmhEb4jaOujfXPMxX41WYlGmUaM9zCTgEK+AiyRav/a/UxXIjUXkD
gqLHJn5hNXvetG5nvaodCUSIupl0utxgra4Nf2tHjx76zFy7gDiMhPSUgKikyUCL
r7oEdnSKfASCj5LzZ25gdeBCya+gDYPrqSlA+ixBsm1kv/NUbjk0C6zwEYLsJJ4i
Zi1Jlr1Xv00CGjZ5liu8KzdTpWjmyjUGybJ0s+OtY4p2HYtIna8ipmhGBbal+Wqh
iCXWGlcHDLMXEg==
-----END CERTIFICATE-----