Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          nwjIthbH8JWCnlwS7pMF4OrbUDhYGWbUnCACAORzCJI=
Subject key identifier:   D9:CB:C5:2E:81:6E:AC:1B:E7:C8:A4:24:01:87:7E:A0:4E:60:71:42
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       019D273A9A0411FB238BB0A6879109372CC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          071A
Signing time:             Wed 25 Mar 2026 23:00:45 +0000
Manifest this update:     Wed 25 Mar 2026 23:00:45 +0000
Manifest next update:     Thu 26 Mar 2026 23:00:45 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: ltcF6izzk3Jtw6DOgj430PvsnKb0Eqxe8xXej8wf9Io=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3a:9a:04:11:fb:23:8b:b0:a6:87:91:09:37:2c:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Mar 25 23:00:45 2026 GMT
            Not After : Mar 26 23:00:45 2026 GMT
        Subject: CN=d9cbc52e816eac1be7c8a42401877ea04e607142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f6:d9:a3:64:5c:b2:96:67:da:a9:b8:92:3d:
                    03:7f:8d:99:d3:ec:19:bb:7a:d3:9a:0f:ee:ac:2b:
                    5d:7e:c9:b4:d9:84:11:f0:ec:6d:70:92:70:06:c0:
                    ae:80:ca:b3:12:75:e0:a1:59:fd:2f:81:0b:11:a5:
                    67:81:59:a8:98:58:56:2b:19:65:75:10:a4:ea:75:
                    7f:c3:58:92:4c:fc:28:23:66:49:da:ff:84:48:78:
                    cf:a2:73:0d:d2:00:f4:37:ca:78:9e:d1:03:db:ca:
                    1e:dd:e2:b6:9f:d3:d9:8d:26:f2:ef:98:bb:e8:dd:
                    53:12:68:75:2d:fa:3d:45:a1:a9:75:35:57:55:da:
                    d5:2c:9c:d1:dc:09:ce:65:73:12:81:21:39:7b:99:
                    7f:dd:c0:ef:24:21:17:4a:11:86:28:38:d3:4f:c9:
                    54:9f:54:08:7c:17:03:5f:29:0e:e5:f2:a0:27:8b:
                    e4:24:4d:50:45:b4:fd:3c:d6:39:bf:74:d1:63:c5:
                    1e:95:d7:4f:85:f8:4f:47:3a:6a:6b:1d:66:3b:94:
                    16:87:af:97:b1:6e:f2:6a:4e:f5:4b:32:cb:ee:dc:
                    fc:58:3b:dc:31:29:71:ae:4b:96:0d:8c:84:3e:4a:
                    14:b2:e8:6b:35:6c:dc:2f:db:0f:a0:50:bc:9b:cf:
                    c3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:CB:C5:2E:81:6E:AC:1B:E7:C8:A4:24:01:87:7E:A0:4E:60:71:42
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:b3:12:f2:63:0b:47:53:27:f7:7f:7f:70:66:26:a1:dd:39:
         80:2e:13:e4:df:e2:25:90:1b:5d:00:46:f5:2e:a7:44:56:ae:
         42:65:44:b8:c0:2d:0f:d2:39:3c:78:93:64:21:41:76:90:b5:
         5a:d3:fc:8e:6e:31:db:29:f7:30:5d:42:97:f6:df:a0:57:db:
         1d:d9:e5:74:13:69:ab:5f:cd:e4:8c:41:11:e9:a4:54:a0:26:
         a3:35:e1:b8:b8:f8:9e:35:01:f7:d8:ae:7a:18:11:0d:91:be:
         00:99:29:8e:33:07:eb:ff:79:9d:0b:51:a5:32:07:0c:98:39:
         ee:ca:1a:59:e8:27:eb:43:ae:e3:22:04:60:4e:f6:62:70:01:
         6d:a1:75:97:8e:db:9a:c2:60:33:be:69:3f:26:e8:9e:76:61:
         bd:ac:f9:6a:bb:db:84:90:a6:52:52:36:55:34:b2:e2:84:39:
         4b:04:eb:e3:0a:3f:5a:8e:35:b5:7c:e5:d9:5a:58:41:a8:4a:
         a0:55:8b:d5:69:82:be:0b:0e:9f:4f:79:4c:80:c1:57:bc:55:
         92:3c:9d:17:6e:c1:dc:76:29:32:f8:f9:ce:4e:aa:a5:57:e9:
         cc:8e:83:3c:7e:15:e3:e1:b1:75:17:b9:61:36:8f:54:a4:1b:
         be:3d:37:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOpoEEfsji7Cmh5EJNyzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjYwMzI1MjMwMDQ1WhcNMjYwMzI2MjMwMDQ1WjAzMTEwLwYDVQQD
EyhkOWNiYzUyZTgxNmVhYzFiZTdjOGE0MjQwMTg3N2VhMDRlNjA3MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfbZo2RcspZn2qm4kj0Df42Z0+wZ
u3rTmg/urCtdfsm02YQR8OxtcJJwBsCugMqzEnXgoVn9L4ELEaVngVmomFhWKxll
dRCk6nV/w1iSTPwoI2ZJ2v+ESHjPonMN0gD0N8p4ntED28oe3eK2n9PZjSby75i7
6N1TEmh1Lfo9RaGpdTVXVdrVLJzR3AnOZXMSgSE5e5l/3cDvJCEXShGGKDjTT8lU
n1QIfBcDXykO5fKgJ4vkJE1QRbT9PNY5v3TRY8UelddPhfhPRzpqax1mO5QWh6+X
sW7yak71SzLL7tz8WDvcMSlxrkuWDYyEPkoUsuhrNWzcL9sPoFC8m8/DcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnLxS6Bbqwb58ikJAGHfqBOYHFCMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdrMS8mML
R1Mn939/cGYmod05gC4T5N/iJZAbXQBG9S6nRFauQmVEuMAtD9I5PHiTZCFBdpC1
WtP8jm4x2yn3MF1Cl/bfoFfbHdnldBNpq1/N5IxBEemkVKAmozXhuLj4njUB99iu
ehgRDZG+AJkpjjMH6/95nQtRpTIHDJg57soaWegn60Ou4yIEYE72YnABbaF1l47b
msJgM75pPybonnZhvaz5arvbhJCmUlI2VTSy4oQ5SwTr4wo/Wo41tXzl2VpYQahK
oFWL1WmCvgsOn095TIDBV7xVkjydF27B3HYpMvj5zk6qpVfpzI6DPH4V4+GxdRe5
YTaPVKQbvj03tw==
-----END CERTIFICATE-----