Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          RhPGR2ceAlGOSJ/iAxU8s/+D+XihMPNy4tfbjsy3nEc=
Subject key identifier:   AF:AF:A6:6B:E3:44:F8:86:B0:08:31:1A:FF:B2:95:8D:42:D1:88:4B
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019D2AE048E9CAED40135BC741E5D1154D6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 16:00:34 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:34 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:34 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: 3iUracu8Q4yz95wCUS4uSnwrkFedf5rQQHo77elVtyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:48:e9:ca:ed:40:13:5b:c7:41:e5:d1:15:4d:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Mar 26 16:00:34 2026 GMT
            Not After : Mar 27 16:00:34 2026 GMT
        Subject: CN=afafa66be344f886b008311affb2958d42d1884b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c7:2e:be:6a:5c:7f:61:5e:69:70:a9:dd:95:
                    e2:af:0f:62:4a:d9:52:57:f0:0b:0a:6d:53:34:45:
                    94:d6:5c:68:c7:cf:96:5f:91:f2:84:c5:6f:a0:d9:
                    b5:7e:98:f4:53:86:27:a7:cc:90:02:2d:93:0f:9f:
                    95:c7:d1:e8:7b:f4:98:f3:31:ae:68:64:c6:6f:14:
                    45:31:2f:67:b1:6e:13:5e:62:6c:0b:ad:cf:34:78:
                    4f:3e:22:8d:c5:14:0e:85:39:49:d6:11:a6:ec:e4:
                    1a:a0:15:c0:ab:1d:6b:17:f6:c9:c3:71:3b:bd:1d:
                    49:6f:1d:6c:fb:e5:ff:54:e4:ea:6c:be:de:3b:96:
                    b8:41:cb:5b:0b:71:7d:4c:42:b3:a3:18:85:ba:35:
                    d6:e7:83:75:16:1e:c0:a9:4b:fd:bb:61:c3:5a:3c:
                    77:3f:ae:2e:e1:e9:11:e5:af:ad:3b:28:34:c9:cc:
                    32:c7:82:d0:5c:16:ab:d9:30:86:48:54:d7:89:ff:
                    9b:f9:4d:14:51:19:f0:93:a0:d5:b5:22:52:6c:db:
                    9b:9c:a9:df:ff:7a:ef:17:a0:3f:6d:40:3e:12:f8:
                    f3:99:bc:8d:30:e5:cf:9a:fb:96:d4:2e:c1:62:da:
                    32:05:bb:a2:9f:30:b5:0c:d5:63:94:b2:ed:24:e2:
                    cb:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:AF:A6:6B:E3:44:F8:86:B0:08:31:1A:FF:B2:95:8D:42:D1:88:4B
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ef:7e:6e:d7:e2:35:8b:23:64:06:2c:6a:65:e1:7b:19:00:3c:
         4c:92:a8:d1:4c:3c:80:23:1e:2c:8e:81:66:82:d4:c7:b8:d1:
         24:c2:38:4a:d0:85:73:c8:3f:43:cd:c7:6c:b7:97:f0:b1:ba:
         52:ee:c2:54:a0:e4:c0:57:55:bd:d9:de:e2:a0:1b:99:40:d0:
         08:5e:70:a8:0a:af:f8:41:ec:4d:69:60:15:00:38:cf:72:04:
         d6:12:4e:49:63:64:cd:cd:fd:5c:ce:47:3f:2d:48:f9:d1:37:
         bd:81:27:73:c9:26:6c:39:0c:73:a8:0c:0e:d5:29:87:a0:a7:
         09:45:9f:bd:75:46:4a:20:28:b3:1d:44:84:83:5d:b0:1d:9c:
         8f:3f:c0:4f:3a:a6:9b:26:a0:87:79:c3:00:b2:00:20:d7:0c:
         15:e8:30:18:39:67:85:c1:60:d8:ed:09:b8:73:2a:f3:3a:ba:
         2d:c0:4e:72:e6:66:cd:88:53:2f:ec:55:f6:ed:b9:e9:7f:78:
         6d:dc:ff:67:a1:58:12:9a:00:ca:3f:31:0d:45:eb:25:ae:c3:
         de:f9:3b:62:58:a9:d7:ea:a0:1a:5a:e5:2b:bb:ba:db:85:3f:
         e9:1f:f6:96:a7:72:9d:81:e7:13:c1:7f:4a:c4:4d:fb:c2:ae:
         02:59:47:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Ejpyu1AE1vHQeXRFU1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjYwMzI2MTYwMDM0WhcNMjYwMzI3MTYwMDM0WjAzMTEwLwYDVQQD
EyhhZmFmYTY2YmUzNDRmODg2YjAwODMxMWFmZmIyOTU4ZDQyZDE4ODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtccuvmpcf2FeaXCp3ZXirw9iStlS
V/ALCm1TNEWU1lxox8+WX5HyhMVvoNm1fpj0U4Ynp8yQAi2TD5+Vx9Hoe/SY8zGu
aGTGbxRFMS9nsW4TXmJsC63PNHhPPiKNxRQOhTlJ1hGm7OQaoBXAqx1rF/bJw3E7
vR1Jbx1s++X/VOTqbL7eO5a4QctbC3F9TEKzoxiFujXW54N1Fh7AqUv9u2HDWjx3
P64u4ekR5a+tOyg0ycwyx4LQXBar2TCGSFTXif+b+U0UURnwk6DVtSJSbNubnKnf
/3rvF6A/bUA+EvjzmbyNMOXPmvuW1C7BYtoyBbuinzC1DNVjlLLtJOLL5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+vpmvjRPiGsAgxGv+ylY1C0YhLMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA735u1+I1
iyNkBixqZeF7GQA8TJKo0Uw8gCMeLI6BZoLUx7jRJMI4StCFc8g/Q83HbLeX8LG6
Uu7CVKDkwFdVvdne4qAbmUDQCF5wqAqv+EHsTWlgFQA4z3IE1hJOSWNkzc39XM5H
Py1I+dE3vYEnc8kmbDkMc6gMDtUph6CnCUWfvXVGSiAosx1EhINdsB2cjz/ATzqm
myagh3nDALIAINcMFegwGDlnhcFg2O0JuHMq8zq6LcBOcuZmzYhTL+xV9u256X94
bdz/Z6FYEpoAyj8xDUXrJa7D3vk7Ylip1+qgGlrlK7u624U/6R/2lqdynYHnE8F/
SsRN+8KuAllHqg==
-----END CERTIFICATE-----