Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
File:                     h3OqvdPia0S3mDfBRwq44XQV6o4.mft (raw, json)
Hash identifier:          E26MkrN2yBoRBYV/Ydt94b98GCulIHZ9egOGdK/ONy0=
Subject key identifier:   53:85:8D:4B:0B:32:A1:C7:49:E0:AD:46:91:DD:C0:B1:74:14:C6:57
Authority key identifier: 87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
Certificate issuer:       /CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Certificate serial:       019D27728523ADC555F0819830DB1A05C87A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
Manifest number:          0472
Signing time:             Thu 26 Mar 2026 00:01:49 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:49 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:49 +0000
Files and hashes:         1: h3OqvdPia0S3mDfBRwq44XQV6o4.crl (hash: XqIGsl5ElVNQ+JjSG6cVrybQhm0msNQT3ip62O0OSh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:85:23:ad:c5:55:f0:81:98:30:db:1a:05:c8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
        Validity
            Not Before: Mar 26 00:01:49 2026 GMT
            Not After : Mar 27 00:01:49 2026 GMT
        Subject: CN=53858d4b0b32a1c749e0ad4691ddc0b17414c657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:3d:0b:1a:f1:bd:41:a9:bb:04:69:16:fe:40:
                    33:d8:df:93:ac:7b:59:86:78:d2:91:a9:ba:0d:87:
                    8e:c8:33:a9:7b:83:f4:06:a1:f7:6c:e6:35:b0:a8:
                    95:cd:bc:f1:5e:b4:bb:e1:7b:16:0c:e8:12:49:b8:
                    de:c5:67:85:5a:c3:b8:dd:99:1b:3e:93:fa:68:5f:
                    aa:f6:42:18:03:7f:db:c1:6e:6b:83:cc:67:27:21:
                    52:1d:f5:60:65:f0:84:6b:f8:be:d7:04:82:79:f7:
                    c3:67:f2:ee:a1:2d:e8:2f:7d:16:36:a8:37:9b:33:
                    ac:74:8f:e0:bf:96:61:7d:30:12:4a:da:ed:90:6a:
                    af:d7:f5:17:e6:b0:e5:05:1c:29:bb:81:c4:4a:cb:
                    33:02:84:f0:6e:b9:91:47:e3:a6:8c:40:d1:d2:a8:
                    75:98:00:21:94:bf:b1:3d:7c:5b:7d:c2:63:50:02:
                    22:3c:3c:ce:e0:fc:b7:92:a0:fe:7d:85:02:e1:e0:
                    db:62:7b:20:88:88:52:7c:0d:f7:44:de:c3:54:ec:
                    d1:be:3c:36:9f:cf:39:a0:aa:ba:de:e0:3e:9a:fe:
                    39:39:79:8b:b9:d2:fc:c4:a5:fb:0c:d7:2f:c9:28:
                    81:65:1d:3a:eb:c0:f4:4d:9f:2a:62:94:ea:1e:25:
                    8a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:85:8D:4B:0B:32:A1:C7:49:E0:AD:46:91:DD:C0:B1:74:14:C6:57
            X509v3 Authority Key Identifier:
                keyid:87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:e4:47:6b:38:1a:5f:b4:ab:47:7c:5e:b2:1a:f8:85:48:a5:
         b9:49:17:25:96:4f:16:6e:41:e0:84:f0:32:35:0a:e0:dd:3e:
         ea:0c:7d:b6:cc:c3:ad:65:b0:3c:16:1a:81:a5:41:3a:e0:d0:
         7a:d2:5f:d7:1c:3e:31:84:99:b2:46:ce:dc:91:61:10:03:9f:
         ff:ca:f4:42:53:b8:36:29:16:5e:19:91:09:76:3e:3f:e3:e1:
         28:2f:0e:e3:26:e4:70:f0:c1:c6:9b:96:66:af:b0:5e:7c:3c:
         15:87:2d:81:c9:fe:61:37:21:7a:65:21:5d:2d:99:83:51:13:
         e5:ff:28:28:8d:2c:2d:81:e6:02:3c:0b:77:9b:7c:72:0e:2e:
         e5:12:4e:50:17:86:60:54:0e:cd:f0:b7:b5:9b:cd:7e:34:1c:
         64:ca:b5:74:41:56:4d:9c:1f:64:12:87:ec:c0:45:4b:7b:76:
         5c:67:66:b6:c1:c1:df:22:f4:d9:55:b6:3b:aa:e3:f0:02:30:
         ed:6b:e3:4c:0c:d8:14:77:f9:0c:26:cf:51:cf:ad:9f:b4:9e:
         26:b2:3d:86:5b:28:69:4e:37:1e:a6:a4:52:1a:55:dc:17:c1:
         9b:17:e7:df:a4:81:1d:28:4c:67:82:ad:e1:1c:60:86:74:65:
         35:06:a3:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncoUjrcVV8IGYMNsaBch6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzNhYWJkZDNlMjZiNDRiNzk4MzdjMTQ3MGFiOGUxNzQx
NWVhOGUwHhcNMjYwMzI2MDAwMTQ5WhcNMjYwMzI3MDAwMTQ5WjAzMTEwLwYDVQQD
Eyg1Mzg1OGQ0YjBiMzJhMWM3NDllMGFkNDY5MWRkYzBiMTc0MTRjNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z0LGvG9Qam7BGkW/kAz2N+TrHtZ
hnjSkam6DYeOyDOpe4P0BqH3bOY1sKiVzbzxXrS74XsWDOgSSbjexWeFWsO43Zkb
PpP6aF+q9kIYA3/bwW5rg8xnJyFSHfVgZfCEa/i+1wSCeffDZ/LuoS3oL30WNqg3
mzOsdI/gv5ZhfTASStrtkGqv1/UX5rDlBRwpu4HESsszAoTwbrmRR+OmjEDR0qh1
mAAhlL+xPXxbfcJjUAIiPDzO4Py3kqD+fYUC4eDbYnsgiIhSfA33RN7DVOzRvjw2
n885oKq63uA+mv45OXmLudL8xKX7DNcvySiBZR0668D0TZ8qYpTqHiWKSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOFjUsLMqHHSeCtRpHdwLF0FMZXMB8GA1UdIwQY
MBaAFIdzqr3T4mtEt5g3wUcKuOF0FeqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0Mzgt
NmFiOGE4NzlhMTdiLzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0MzgtNmFiOGE4NzlhMTdi
LzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASuRHazga
X7SrR3xeshr4hUiluUkXJZZPFm5B4ITwMjUK4N0+6gx9tszDrWWwPBYagaVBOuDQ
etJf1xw+MYSZskbO3JFhEAOf/8r0QlO4NikWXhmRCXY+P+PhKC8O4ybkcPDBxpuW
Zq+wXnw8FYctgcn+YTchemUhXS2Zg1ET5f8oKI0sLYHmAjwLd5t8cg4u5RJOUBeG
YFQOzfC3tZvNfjQcZMq1dEFWTZwfZBKH7MBFS3t2XGdmtsHB3yL02VW2O6rj8AIw
7WvjTAzYFHf5DCbPUc+tn7SeJrI9hlsoaU43HqakUhpV3BfBmxfn36SBHShMZ4Kt
4RxghnRlNQajsg==
-----END CERTIFICATE-----