Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          XSX5It624j81UJ4uMXH/8iBeJLIohXz2GgLGEOYbkZ8=
Subject key identifier:   B3:93:C7:28:D1:BF:CE:95:8F:9C:D1:B0:43:6A:C6:BD:E1:E8:DD:0C
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       019D28BB27AC52C454748C68ACB520951EE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          0B32
Signing time:             Thu 26 Mar 2026 06:00:47 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:47 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:47 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: NgPwG3UZuG5AI5RMxALqZLvyjgGrCVHsU1v8ksvqg/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:27:ac:52:c4:54:74:8c:68:ac:b5:20:95:1e:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: Mar 26 06:00:47 2026 GMT
            Not After : Mar 27 06:00:47 2026 GMT
        Subject: CN=b393c728d1bfce958f9cd1b0436ac6bde1e8dd0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:99:99:30:2c:71:92:ce:d6:73:90:0f:a6:89:
                    7b:ac:e3:d3:9b:f9:87:02:f8:b3:aa:ef:2e:4b:b3:
                    63:15:1a:33:55:a9:6b:fd:9e:00:ee:8f:e9:dd:df:
                    95:dd:77:43:1e:89:4c:24:18:ba:54:ff:39:27:a2:
                    be:75:45:a0:bd:fe:b6:ec:a6:41:38:4a:a9:42:2b:
                    cd:ba:a6:f0:8f:43:a7:cf:b6:a5:59:37:ab:a5:8d:
                    70:d8:bf:52:1c:77:49:27:ae:db:2e:d6:f9:cc:0c:
                    45:e4:c9:65:df:5b:b3:d8:b9:da:32:3b:92:b4:42:
                    96:4e:94:c9:f4:cb:d5:ad:6e:58:cd:e8:8c:6b:5f:
                    e0:b6:7f:55:3e:3d:a6:ef:5a:45:9c:34:97:d6:d8:
                    9b:3e:1c:e3:fc:ba:6d:3a:b2:e4:0e:e0:e9:87:83:
                    91:81:32:db:b5:4d:7e:1b:3b:dc:fa:90:9a:bb:bf:
                    42:b4:30:28:6c:9d:f8:37:33:15:9a:85:7a:c2:21:
                    bf:b9:c2:3e:50:d0:17:b0:34:cd:00:d6:e6:bf:54:
                    ab:65:b6:eb:c0:32:ea:20:74:e2:92:d2:dd:40:12:
                    06:aa:1c:1f:8c:4d:ae:76:5d:58:9a:26:34:78:1c:
                    4d:30:a5:c3:a1:15:f7:01:29:8f:93:5d:b9:77:07:
                    36:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:93:C7:28:D1:BF:CE:95:8F:9C:D1:B0:43:6A:C6:BD:E1:E8:DD:0C
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:4c:e1:95:81:67:92:d6:31:c6:22:ac:7a:55:ef:b6:4d:34:
         f0:f5:43:7a:b1:29:99:a5:67:a3:12:f0:6c:fc:b7:4e:3c:95:
         f4:ed:e8:3c:55:ae:68:b2:80:5c:7b:03:c4:6d:9d:d2:16:d9:
         d9:36:fc:f0:28:27:68:9c:d3:64:64:c1:33:19:31:80:8a:45:
         a8:dc:ff:17:fd:d5:a5:4e:b1:c1:48:2c:99:34:09:69:06:6d:
         ce:b1:40:44:b3:a3:c1:23:27:73:fc:85:c9:84:28:c9:5c:3b:
         ec:4f:43:5c:0f:08:43:3b:93:57:25:89:19:ab:a5:36:0a:75:
         ce:2c:10:e6:28:d7:84:b6:40:b7:96:48:a2:25:38:2f:65:d0:
         6f:db:72:b6:73:c1:ce:7a:cc:48:f6:af:06:26:1e:03:92:97:
         4b:6d:f4:14:8c:9f:cd:00:28:8f:bc:ab:b9:f5:5b:e5:86:8f:
         f9:a2:2a:3c:50:7f:ff:cd:bc:c1:16:87:44:81:77:55:e6:9f:
         57:97:8d:01:aa:b9:cc:51:75:16:d6:16:54:d6:16:dd:80:ba:
         99:0e:07:5c:e1:4d:ba:dc:95:80:52:c2:7c:af:17:cf:08:a4:
         25:54:16:e7:e8:eb:13:16:49:0c:99:6e:53:80:cd:6d:51:f3:
         d9:9e:1a:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouyesUsRUdIxorLUglR7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjYwMzI2MDYwMDQ3WhcNMjYwMzI3MDYwMDQ3WjAzMTEwLwYDVQQD
EyhiMzkzYzcyOGQxYmZjZTk1OGY5Y2QxYjA0MzZhYzZiZGUxZThkZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZmZMCxxks7Wc5APpol7rOPTm/mH
Avizqu8uS7NjFRozValr/Z4A7o/p3d+V3XdDHolMJBi6VP85J6K+dUWgvf627KZB
OEqpQivNuqbwj0Onz7alWTerpY1w2L9SHHdJJ67bLtb5zAxF5Mll31uz2LnaMjuS
tEKWTpTJ9MvVrW5YzeiMa1/gtn9VPj2m71pFnDSX1tibPhzj/LptOrLkDuDph4OR
gTLbtU1+Gzvc+pCau79CtDAobJ34NzMVmoV6wiG/ucI+UNAXsDTNANbmv1SrZbbr
wDLqIHTiktLdQBIGqhwfjE2udl1YmiY0eBxNMKXDoRX3ASmPk125dwc2CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOTxyjRv86Vj5zRsENqxr3h6N0MMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEzhlYFn
ktYxxiKselXvtk008PVDerEpmaVnoxLwbPy3TjyV9O3oPFWuaLKAXHsDxG2d0hbZ
2Tb88CgnaJzTZGTBMxkxgIpFqNz/F/3VpU6xwUgsmTQJaQZtzrFARLOjwSMnc/yF
yYQoyVw77E9DXA8IQzuTVyWJGaulNgp1ziwQ5ijXhLZAt5ZIoiU4L2XQb9tytnPB
znrMSPavBiYeA5KXS230FIyfzQAoj7yrufVb5YaP+aIqPFB//828wRaHRIF3Veaf
V5eNAaq5zFF1FtYWVNYW3YC6mQ4HXOFNutyVgFLCfK8XzwikJVQW5+jrExZJDJlu
U4DNbVHz2Z4aEQ==
-----END CERTIFICATE-----