Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          3ugHa2RYA4KiOe+6MMxcLCmRgZk5RrNgnqhu+WXf81k=
Subject key identifier:   51:37:3D:D0:4E:C6:3F:75:97:CB:44:22:0A:B9:34:D2:87:92:1C:7A
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       019D284E7F95D7DC80B7EA02ACF4D4000A78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          080B
Signing time:             Thu 26 Mar 2026 04:02:06 +0000
Manifest this update:     Thu 26 Mar 2026 04:02:06 +0000
Manifest next update:     Fri 27 Mar 2026 04:02:06 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: SFJ11D5jWO7pw+gyH2TPxAFgWN6F9vq64nhQ0yDhxuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:7f:95:d7:dc:80:b7:ea:02:ac:f4:d4:00:0a:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Mar 26 04:02:06 2026 GMT
            Not After : Mar 27 04:02:06 2026 GMT
        Subject: CN=51373dd04ec63f7597cb44220ab934d287921c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:5f:67:45:42:c1:a3:7e:9f:ba:dd:fe:7b:4f:
                    6d:86:db:bb:38:c1:a3:2f:0f:2f:c1:5c:17:f5:54:
                    ff:9d:c3:71:f2:ff:52:68:66:66:ea:86:3f:d5:e3:
                    e6:98:fa:7e:4d:01:8c:21:29:a0:85:01:5c:b1:b5:
                    ce:4d:9b:a1:49:8d:56:cc:b7:57:95:31:18:63:a6:
                    ad:f0:4e:c5:74:86:a8:76:08:17:67:cb:55:96:c2:
                    9c:8a:80:03:5c:a9:22:65:35:51:a7:b2:9f:14:ee:
                    2a:3a:d9:2e:dc:40:3f:bf:da:ea:e6:43:ab:b1:b9:
                    62:ec:eb:e9:35:93:17:f4:1f:0d:0b:b5:da:ef:8d:
                    75:04:43:f3:4e:f0:41:b0:f3:38:c4:cf:d6:5d:20:
                    13:e2:71:31:24:b7:33:7d:ef:8b:33:7f:65:ee:ac:
                    9d:7a:53:38:8a:79:3c:ef:9a:a6:03:74:dd:8c:a6:
                    c7:8e:dd:37:a3:19:b2:8f:43:92:a8:1d:bc:3a:98:
                    06:69:bc:e5:e6:65:84:a5:71:0c:22:90:b4:b4:79:
                    10:4e:b3:7a:14:c5:b6:41:58:e6:19:83:e7:f3:8e:
                    8a:01:9a:34:a1:c1:0c:a6:99:cb:78:0e:c1:82:3c:
                    7b:ec:79:5d:4c:78:4f:21:67:d0:60:59:74:d9:12:
                    fa:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:37:3D:D0:4E:C6:3F:75:97:CB:44:22:0A:B9:34:D2:87:92:1C:7A
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:f4:50:e2:04:f1:46:fe:42:cf:64:93:b9:65:12:63:57:55:
         cc:6a:47:44:c1:a8:fe:14:97:70:f9:e5:41:cb:fe:8c:5c:0a:
         a4:8f:2d:2f:10:cc:da:7a:d1:0a:c2:9b:dc:27:2f:85:e3:ce:
         46:13:1b:87:3b:ff:84:55:85:97:f8:9c:41:48:26:8c:58:66:
         ce:af:22:60:9a:3a:9f:31:f7:8b:26:4e:70:b7:79:e0:0c:94:
         f0:2b:b1:a2:5a:c0:64:c4:79:01:ff:9b:fc:0a:e4:8e:a5:df:
         bf:34:9e:34:46:39:63:48:8f:78:0d:37:c0:1a:7d:a2:0c:9f:
         9b:23:97:7e:1d:60:38:25:16:d3:b5:79:5c:05:b9:a1:32:3f:
         af:57:03:c8:8e:ed:85:cc:e9:6f:10:5c:bb:3e:53:8a:b6:97:
         83:1a:cd:35:ce:d4:02:6d:72:f5:7c:7c:96:84:58:77:22:5d:
         da:6d:9d:1f:f3:ef:01:b0:a3:8b:0a:56:6c:c0:84:c1:e6:a6:
         f8:a7:eb:f0:2c:3b:af:9f:8d:aa:72:e8:6e:19:b5:6b:28:2a:
         e0:de:83:ef:95:ae:32:28:ec:d4:f0:d9:7b:2b:98:f9:55:d2:
         5f:5e:2f:64:84:00:01:e6:55:5e:b4:a2:61:f7:97:76:c7:78:
         b7:da:e5:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTn+V19yAt+oCrPTUAAp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjYwMzI2MDQwMjA2WhcNMjYwMzI3MDQwMjA2WjAzMTEwLwYDVQQD
Eyg1MTM3M2RkMDRlYzYzZjc1OTdjYjQ0MjIwYWI5MzRkMjg3OTIxYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6l9nRULBo36fut3+e09thtu7OMGj
Lw8vwVwX9VT/ncNx8v9SaGZm6oY/1ePmmPp+TQGMISmghQFcsbXOTZuhSY1WzLdX
lTEYY6at8E7FdIaodggXZ8tVlsKcioADXKkiZTVRp7KfFO4qOtku3EA/v9rq5kOr
sbli7OvpNZMX9B8NC7Xa7411BEPzTvBBsPM4xM/WXSAT4nExJLczfe+LM39l7qyd
elM4ink875qmA3TdjKbHjt03oxmyj0OSqB28OpgGabzl5mWEpXEMIpC0tHkQTrN6
FMW2QVjmGYPn846KAZo0ocEMppnLeA7Bgjx77HldTHhPIWfQYFl02RL6RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFE3PdBOxj91l8tEIgq5NNKHkhx6MB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASPRQ4gTx
Rv5Cz2STuWUSY1dVzGpHRMGo/hSXcPnlQcv+jFwKpI8tLxDM2nrRCsKb3CcvhePO
RhMbhzv/hFWFl/icQUgmjFhmzq8iYJo6nzH3iyZOcLd54AyU8CuxolrAZMR5Af+b
/ArkjqXfvzSeNEY5Y0iPeA03wBp9ogyfmyOXfh1gOCUW07V5XAW5oTI/r1cDyI7t
hczpbxBcuz5TiraXgxrNNc7UAm1y9Xx8loRYdyJd2m2dH/PvAbCjiwpWbMCEweam
+Kfr8Cw7r5+NqnLobhm1aygq4N6D75WuMijs1PDZeyuY+VXSX14vZIQAAeZVXrSi
YfeXdsd4t9rleA==
-----END CERTIFICATE-----