Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File:                     MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier:          TdXa2CLwpOLovXPOzqftDi/S/FYLZ/CQQfMzvblPG8g=
Subject key identifier:   0B:A3:BD:F2:A7:5A:E9:C3:D9:08:E1:4F:75:D6:BF:C4:B6:A7:99:0E
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer:       /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial:       019D26285E3DF81C28FBE0274771D53DAD6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number:          03B9
Signing time:             Wed 25 Mar 2026 18:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:12 +0000
Files and hashes:         1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: nEYzBIZHAiv0DVAjaMJUv7YzFmBHqn0IamJOHJbzXB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:5e:3d:f8:1c:28:fb:e0:27:47:71:d5:3d:ad:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
        Validity
            Not Before: Mar 25 18:01:12 2026 GMT
            Not After : Mar 26 18:01:12 2026 GMT
        Subject: CN=0ba3bdf2a75ae9c3d908e14f75d6bfc4b6a7990e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:23:41:b4:a3:0a:aa:b4:af:23:a2:23:dc:2d:
                    a3:bf:05:c5:c2:9e:d1:95:8c:f3:7d:4b:0e:75:86:
                    42:e0:d6:53:8f:25:e4:bd:b1:1c:8a:9d:31:10:3f:
                    2a:bf:44:4d:1b:f8:c5:3e:26:a3:e6:b5:66:2e:5c:
                    58:15:47:70:7d:ea:50:80:d5:f0:47:c3:6a:11:ab:
                    b1:dc:11:c5:30:87:00:8a:1d:e1:c0:85:37:be:d6:
                    dd:1e:aa:e6:0d:e7:fd:28:9b:ad:c2:98:c3:de:a3:
                    4a:0d:a4:b8:6a:45:8d:40:7c:3c:c5:69:56:03:b6:
                    b1:fd:14:3e:46:d0:64:0e:9c:ca:6a:34:2a:31:bf:
                    2e:55:e5:b3:97:04:46:cc:b0:f1:3c:24:98:d2:da:
                    4f:ad:73:2a:3a:1f:85:61:43:f2:e0:3f:88:02:15:
                    43:4a:71:f9:42:62:5e:70:7e:47:ba:9f:ba:15:58:
                    d4:c4:28:e6:47:1d:7e:9a:5a:ac:00:ed:f6:0b:25:
                    25:1d:ee:20:7c:7f:84:79:69:ce:c7:f9:2a:ce:6a:
                    3b:2f:31:7c:58:d0:3a:8f:ea:8f:f2:94:6f:45:bd:
                    c5:75:d6:43:fd:fe:d8:ad:56:bc:73:28:fa:bb:ea:
                    4b:de:8e:62:9c:ff:40:78:24:b4:61:9b:76:17:55:
                    b6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:A3:BD:F2:A7:5A:E9:C3:D9:08:E1:4F:75:D6:BF:C4:B6:A7:99:0E
            X509v3 Authority Key Identifier:
                keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:8d:0d:da:5d:bc:fc:22:82:e2:d2:14:bc:02:14:cb:d6:db:
         2f:c7:25:e1:c1:74:32:5e:98:21:7f:90:d5:35:1c:f5:b3:35:
         4e:0d:32:9c:ef:53:68:ec:30:1d:06:66:a7:8e:2f:48:06:ef:
         03:1d:ab:69:ba:bd:7f:eb:41:2d:ae:2f:45:b4:20:91:f2:62:
         c4:07:20:a1:af:99:35:2f:6d:3a:ad:82:77:2b:b4:67:aa:1f:
         7b:8d:d8:1c:6a:6b:a9:81:a5:5b:ec:da:bc:1a:43:44:50:59:
         c7:f0:64:be:ad:22:bd:1b:0d:6f:94:17:4d:2d:4e:1c:d0:73:
         53:a6:fd:6b:8f:d1:9a:01:39:45:a7:11:c1:aa:3a:fe:d5:32:
         c2:6b:bb:b3:52:07:8e:83:0f:59:17:28:51:fd:f2:91:f6:36:
         f6:21:2a:52:6b:35:30:ad:c1:0f:b5:0d:9f:21:de:1f:7b:78:
         cd:38:ff:6d:65:c8:43:64:93:aa:8b:ba:6d:dc:c8:8d:5d:d0:
         d2:8f:6c:7b:9f:78:bd:de:02:1f:de:21:43:d5:63:5f:94:79:
         94:3f:4d:49:1a:fc:98:aa:e8:c4:c4:64:18:2b:ea:6e:dd:b7:
         b2:ea:03:d2:39:9f:6b:89:14:b1:56:22:05:a9:be:a5:de:69:
         85:3e:cc:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKF49+Bwo++AnR3HVPa1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjYwMzI1MTgwMTEyWhcNMjYwMzI2MTgwMTEyWjAzMTEwLwYDVQQD
EygwYmEzYmRmMmE3NWFlOWMzZDkwOGUxNGY3NWQ2YmZjNGI2YTc5OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyNBtKMKqrSvI6Ij3C2jvwXFwp7R
lYzzfUsOdYZC4NZTjyXkvbEcip0xED8qv0RNG/jFPiaj5rVmLlxYFUdwfepQgNXw
R8NqEaux3BHFMIcAih3hwIU3vtbdHqrmDef9KJutwpjD3qNKDaS4akWNQHw8xWlW
A7ax/RQ+RtBkDpzKajQqMb8uVeWzlwRGzLDxPCSY0tpPrXMqOh+FYUPy4D+IAhVD
SnH5QmJecH5Hup+6FVjUxCjmRx1+mlqsAO32CyUlHe4gfH+EeWnOx/kqzmo7LzF8
WNA6j+qP8pRvRb3FddZD/f7YrVa8cyj6u+pL3o5inP9AeCS0YZt2F1W2IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAujvfKnWunD2QjhT3XWv8S2p5kOMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgo0N2l28
/CKC4tIUvAIUy9bbL8cl4cF0Ml6YIX+Q1TUc9bM1Tg0ynO9TaOwwHQZmp44vSAbv
Ax2rabq9f+tBLa4vRbQgkfJixAcgoa+ZNS9tOq2Cdyu0Z6ofe43YHGprqYGlW+za
vBpDRFBZx/Bkvq0ivRsNb5QXTS1OHNBzU6b9a4/RmgE5RacRwao6/tUywmu7s1IH
joMPWRcoUf3ykfY29iEqUms1MK3BD7UNnyHeH3t4zTj/bWXIQ2STqou6bdzIjV3Q
0o9se594vd4CH94hQ9VjX5R5lD9NSRr8mKroxMRkGCvqbt23suoD0jmfa4kUsVYi
Bam+pd5phT7MlQ==
-----END CERTIFICATE-----