Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          k1NOFeZ2LPzpNLgnj5878A0hEyPMuoO5ydhZDAoJmtI=
Subject key identifier:   AC:DB:F6:9D:0F:91:A2:14:11:ED:8A:FA:64:33:F2:A2:8B:10:CB:43
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019D2703FF99E48CE49AA62F1FBD48EB30F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          09AC
Signing time:             Wed 25 Mar 2026 22:01:06 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:06 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:06 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 9P2u3qZPm+I2VARzBdrtx5xkBmvOunZlhJG57fFXI9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ff:99:e4:8c:e4:9a:a6:2f:1f:bd:48:eb:30:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Mar 25 22:01:06 2026 GMT
            Not After : Mar 26 22:01:06 2026 GMT
        Subject: CN=acdbf69d0f91a21411ed8afa6433f2a28b10cb43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:e5:cd:d8:9e:49:78:f8:18:29:47:a7:c1:3b:
                    a2:98:44:22:af:34:68:f1:3a:21:f8:43:2c:df:59:
                    16:e9:a2:6b:e0:24:84:ca:5e:7f:c0:7f:d3:a4:89:
                    cc:74:38:96:f1:aa:ef:d4:28:ae:ec:51:e9:4c:9b:
                    2c:ed:04:c3:fd:14:64:54:d2:43:5c:44:98:0d:6d:
                    da:42:74:01:a6:3b:b9:8b:bd:47:2f:47:e8:41:2a:
                    e3:50:fc:fb:20:7e:f6:fb:a2:59:b5:27:b1:72:0b:
                    b9:7f:f7:6e:99:4a:ff:2d:ac:2f:ff:58:87:0e:68:
                    c7:5d:87:84:15:8d:5a:6d:06:68:78:fb:f9:d7:48:
                    9d:8c:1c:dd:04:30:be:e6:96:20:66:15:2c:b9:9d:
                    40:61:00:7e:cc:8a:90:80:37:cd:68:0d:db:1e:cb:
                    33:bb:6f:7b:a4:8e:8f:16:2d:6e:a9:24:5e:85:83:
                    e3:93:71:df:03:4b:90:b5:0a:f8:58:47:58:89:c3:
                    21:1e:b2:c4:30:0c:bf:95:47:fc:2f:29:cc:ed:42:
                    41:e4:65:40:47:ec:dc:41:5d:13:8e:09:be:e0:28:
                    16:10:0c:3d:98:d8:45:e5:b0:bc:fd:7d:53:29:35:
                    ae:cc:2b:d2:f3:38:ca:91:64:cc:40:41:38:d9:be:
                    d9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:DB:F6:9D:0F:91:A2:14:11:ED:8A:FA:64:33:F2:A2:8B:10:CB:43
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:5c:45:82:a9:62:84:61:10:58:d5:92:92:e9:ca:71:81:f9:
         01:42:2f:d9:00:51:d8:0e:9f:b7:59:ec:c3:87:44:0b:0b:0f:
         0d:72:c6:f9:b9:0f:1a:4e:81:f1:ce:1d:77:1d:aa:a2:88:3f:
         25:d3:f6:c1:ac:a6:72:2e:99:5b:cb:ec:13:36:37:50:51:b0:
         bf:37:58:2b:f6:75:bd:42:f7:ff:57:7a:af:20:39:a9:c9:ec:
         bc:78:a2:d1:02:6f:7d:0e:0e:ff:20:ad:54:d8:32:c2:a0:66:
         43:76:9e:10:7e:b3:a6:b7:b6:00:1e:d7:b9:d4:de:ff:98:82:
         05:4a:b2:ca:69:5e:31:14:41:ad:91:b7:fc:23:51:9f:a1:bf:
         da:5d:06:ae:66:84:22:51:5a:64:c3:f0:e8:ab:25:56:29:fe:
         66:73:37:98:0b:f7:87:9f:64:55:b8:9a:22:f9:69:c5:02:93:
         12:99:c8:a8:cd:ef:0f:6b:c6:74:69:84:59:f7:28:9e:29:55:
         d0:55:da:cc:72:03:f5:51:ed:63:5d:51:bb:74:44:44:bc:ea:
         4a:99:7c:c9:1b:81:50:61:2d:8b:e2:26:47:42:45:42:27:06:
         ab:b6:35:c1:5e:54:c5:3d:d2:d0:7b:6e:05:72:3f:31:90:38:
         15:20:ee:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/+Z5IzkmqYvH71I6zDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwMzI1MjIwMTA2WhcNMjYwMzI2MjIwMTA2WjAzMTEwLwYDVQQD
EyhhY2RiZjY5ZDBmOTFhMjE0MTFlZDhhZmE2NDMzZjJhMjhiMTBjYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uXN2J5JePgYKUenwTuimEQirzRo
8Toh+EMs31kW6aJr4CSEyl5/wH/TpInMdDiW8arv1Ciu7FHpTJss7QTD/RRkVNJD
XESYDW3aQnQBpju5i71HL0foQSrjUPz7IH72+6JZtSexcgu5f/dumUr/Lawv/1iH
DmjHXYeEFY1abQZoePv510idjBzdBDC+5pYgZhUsuZ1AYQB+zIqQgDfNaA3bHssz
u297pI6PFi1uqSRehYPjk3HfA0uQtQr4WEdYicMhHrLEMAy/lUf8LynM7UJB5GVA
R+zcQV0Tjgm+4CgWEAw9mNhF5bC8/X1TKTWuzCvS8zjKkWTMQEE42b7ZPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzb9p0PkaIUEe2K+mQz8qKLEMtDMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAVxFgqli
hGEQWNWSkunKcYH5AUIv2QBR2A6ft1nsw4dECwsPDXLG+bkPGk6B8c4ddx2qoog/
JdP2waymci6ZW8vsEzY3UFGwvzdYK/Z1vUL3/1d6ryA5qcnsvHii0QJvfQ4O/yCt
VNgywqBmQ3aeEH6zpre2AB7XudTe/5iCBUqyymleMRRBrZG3/CNRn6G/2l0GrmaE
IlFaZMPw6KslVin+ZnM3mAv3h59kVbiaIvlpxQKTEpnIqM3vD2vGdGmEWfconilV
0FXazHID9VHtY11Ru3RERLzqSpl8yRuBUGEti+ImR0JFQicGq7Y1wV5UxT3S0Htu
BXI/MZA4FSDukg==
-----END CERTIFICATE-----