Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          vNWulr6kai/xBz2/mrTlcjAVmFuMzIknBKul5hwtMZw=
Subject key identifier:   92:B3:4C:52:2F:26:47:54:DB:81:48:07:B9:AE:0D:22:5E:21:7F:0A
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       019D2A04CE15F81C5147DF4CC2B28BAACBB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          03EE
Signing time:             Thu 26 Mar 2026 12:00:50 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:50 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:50 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: VvWG2vl883DgYIISTFkZYckJXzaCHxhNKtlJfpS5CK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:ce:15:f8:1c:51:47:df:4c:c2:b2:8b:aa:cb:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Mar 26 12:00:50 2026 GMT
            Not After : Mar 27 12:00:50 2026 GMT
        Subject: CN=92b34c522f264754db814807b9ae0d225e217f0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:64:67:d0:e1:3e:83:0d:ac:f5:88:b8:57:73:
                    6c:58:31:30:26:37:db:9d:bb:d8:a0:a7:4c:f6:8d:
                    76:9c:07:7f:24:6e:8a:f7:5e:4a:8f:ed:71:62:94:
                    76:00:57:d6:75:c8:13:f9:e6:78:5b:88:7e:e1:a3:
                    99:39:ef:f6:6a:6a:e3:1a:81:4c:37:bc:12:ed:9a:
                    71:39:31:83:85:06:51:4b:d0:0f:2b:8c:6f:13:fb:
                    fd:c8:7d:48:46:24:c4:df:3e:ba:cc:cb:50:d0:52:
                    22:22:e6:d0:a4:21:b3:73:97:80:35:f3:5c:ac:7a:
                    79:11:62:4e:96:9a:93:0c:c3:28:74:4b:3c:57:ac:
                    4f:49:bb:39:1c:0f:81:dd:7b:27:6b:cd:60:75:bb:
                    0c:5b:bf:7c:d6:20:09:64:1e:6b:42:79:d9:6b:a8:
                    4c:e0:ce:ab:77:6a:65:f3:1e:f2:f5:b1:6b:9e:23:
                    10:0d:51:23:f7:b1:f5:d5:99:e5:e5:21:af:51:ff:
                    cc:fb:e1:2b:ba:79:2a:15:04:65:22:77:d6:2f:73:
                    59:b9:4c:9b:46:36:35:a0:bd:1a:26:33:40:aa:18:
                    85:42:9b:e6:c2:a6:16:8c:f6:89:3f:7b:07:fe:e9:
                    16:73:66:53:71:20:c2:c8:ae:d8:b2:be:76:46:f5:
                    4b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B3:4C:52:2F:26:47:54:DB:81:48:07:B9:AE:0D:22:5E:21:7F:0A
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:db:10:30:78:32:3f:5f:90:c6:13:ec:57:c4:ec:9f:8f:c7:
         60:b7:50:8c:c0:4e:0e:94:2b:59:18:b4:08:0b:39:97:28:bf:
         a7:ed:c4:0b:ce:53:aa:7e:6f:b1:2f:8d:92:87:60:14:19:ea:
         1a:e0:da:19:19:01:86:bc:ab:52:0e:8e:62:09:de:49:12:a4:
         99:e2:32:cd:0b:ff:16:b7:8c:53:38:7a:ce:3b:92:ec:e1:5d:
         a4:e4:17:18:1c:f4:bd:a8:d6:73:7e:42:f9:26:29:3b:a7:f6:
         db:64:ce:80:2b:b4:5b:b9:30:dc:d4:7b:01:c2:37:70:fc:41:
         f3:0c:16:1f:02:dc:0c:71:84:d9:50:26:c4:4d:0e:66:c1:94:
         86:10:c1:28:44:c7:4f:8e:23:61:af:53:de:79:55:16:a6:d7:
         9d:06:98:23:6e:a9:65:3a:d9:5a:29:e0:6d:e5:62:7f:23:2c:
         72:3f:9b:e0:8d:f9:d6:ae:2f:7c:20:cb:26:01:bb:66:f7:c2:
         b1:86:fd:3e:98:f9:34:56:57:47:3b:73:48:d5:d0:6d:e4:b1:
         06:f3:de:da:3d:9b:6d:b8:33:f9:85:80:c1:cd:6f:6a:0c:cb:
         fa:29:0e:5f:83:76:6a:5f:cc:05:90:d7:ad:1b:e9:14:53:7d:
         aa:b9:51:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBM4V+BxRR99MwrKLqsu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjYwMzI2MTIwMDUwWhcNMjYwMzI3MTIwMDUwWjAzMTEwLwYDVQQD
Eyg5MmIzNGM1MjJmMjY0NzU0ZGI4MTQ4MDdiOWFlMGQyMjVlMjE3ZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWRn0OE+gw2s9Yi4V3NsWDEwJjfb
nbvYoKdM9o12nAd/JG6K915Kj+1xYpR2AFfWdcgT+eZ4W4h+4aOZOe/2amrjGoFM
N7wS7ZpxOTGDhQZRS9APK4xvE/v9yH1IRiTE3z66zMtQ0FIiIubQpCGzc5eANfNc
rHp5EWJOlpqTDMModEs8V6xPSbs5HA+B3Xsna81gdbsMW7981iAJZB5rQnnZa6hM
4M6rd2pl8x7y9bFrniMQDVEj97H11Znl5SGvUf/M++ErunkqFQRlInfWL3NZuUyb
RjY1oL0aJjNAqhiFQpvmwqYWjPaJP3sH/ukWc2ZTcSDCyK7Ysr52RvVL+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKzTFIvJkdU24FIB7muDSJeIX8KMB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9sQMHgy
P1+QxhPsV8Tsn4/HYLdQjMBODpQrWRi0CAs5lyi/p+3EC85Tqn5vsS+NkodgFBnq
GuDaGRkBhryrUg6OYgneSRKkmeIyzQv/FreMUzh6zjuS7OFdpOQXGBz0vajWc35C
+SYpO6f222TOgCu0W7kw3NR7AcI3cPxB8wwWHwLcDHGE2VAmxE0OZsGUhhDBKETH
T44jYa9T3nlVFqbXnQaYI26pZTrZWingbeVifyMscj+b4I351q4vfCDLJgG7ZvfC
sYb9Ppj5NFZXRztzSNXQbeSxBvPe2j2bbbgz+YWAwc1vagzL+ikOX4N2al/MBZDX
rRvpFFN9qrlRuA==
-----END CERTIFICATE-----