Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          BkQafwl8JFEGsy4W5fDVPa7DBTcwKu5Y9RZgbCvWjjA=
Subject key identifier:   7C:F0:38:91:23:8F:1C:BD:CD:C4:CB:02:94:39:64:FD:31:13:10:2C
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019D2772A71EECE69D9031C2FF1BAA402757
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0C30
Signing time:             Thu 26 Mar 2026 00:01:58 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:58 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:58 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: u07CsRnvnWzoBpc8LUCYSTs2yOTcsfmFT/ey98cge0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:a7:1e:ec:e6:9d:90:31:c2:ff:1b:aa:40:27:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Mar 26 00:01:58 2026 GMT
            Not After : Mar 27 00:01:58 2026 GMT
        Subject: CN=7cf03891238f1cbdcdc4cb02943964fd3113102c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:48:f8:3c:72:9f:bb:a8:fd:b8:e9:29:c6:08:
                    57:dc:ba:c8:38:f5:fd:f6:24:b8:67:4c:66:79:55:
                    49:eb:d4:91:71:96:2f:33:48:8a:ec:ee:5e:54:40:
                    7d:a8:7e:e4:2c:f0:7b:da:c7:fa:a7:df:3d:98:a5:
                    31:48:9b:ca:d5:24:ad:d6:85:f2:30:1e:eb:68:d3:
                    28:67:a1:4b:84:f5:01:8d:15:28:2d:0b:09:39:ea:
                    13:00:34:4d:13:2c:3b:82:32:01:f0:1b:db:ca:85:
                    87:e9:70:fc:29:55:0c:3e:6d:7f:42:0b:97:68:06:
                    69:1c:44:bb:66:d4:de:12:05:79:2c:55:19:ae:1e:
                    4e:63:c1:bf:f3:15:05:ec:de:52:f7:7b:27:ec:41:
                    46:7a:0b:65:bd:eb:0c:3c:3b:ab:a0:cd:69:a8:d7:
                    74:f3:a4:4a:e5:64:24:c4:58:30:e3:67:85:fe:c8:
                    c6:0f:b1:4d:58:ed:8e:c2:12:c1:ff:40:f8:c9:0a:
                    9d:0a:37:2a:68:fa:e1:95:c7:52:15:1e:2a:a5:2d:
                    c9:52:30:72:ad:45:32:27:7f:ce:f0:51:fe:1e:df:
                    65:14:11:5b:06:ab:ff:04:d4:d1:51:24:39:8c:ed:
                    14:8c:9d:fb:fb:82:dc:c0:5b:aa:c3:0e:5e:8e:47:
                    35:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F0:38:91:23:8F:1C:BD:CD:C4:CB:02:94:39:64:FD:31:13:10:2C
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:56:4c:f3:e0:7d:21:01:32:ec:b1:eb:5b:40:a9:6b:18:b4:
         f9:7e:09:30:af:c0:66:5a:82:46:1c:5c:7a:0c:cc:67:12:ba:
         f3:06:a7:46:98:d6:aa:b8:e4:4f:1c:ac:b2:7e:0d:1b:ed:b7:
         52:13:05:f4:16:7c:f2:e0:64:44:3d:ef:de:3a:3a:df:5c:6e:
         1a:79:83:74:e3:7d:09:53:99:bc:97:12:b1:72:fd:bc:6c:9b:
         5b:0a:cf:5a:d6:90:c2:9e:a8:f6:1b:42:cb:53:05:fe:e3:b9:
         a3:8d:30:b4:ce:56:da:73:e2:bb:da:88:9a:70:98:19:62:86:
         d5:a7:8c:41:0b:e5:f8:9a:9e:e8:be:48:35:43:0f:86:de:22:
         c4:eb:d8:f5:4f:8a:cf:3a:bf:56:77:da:52:93:f4:7e:eb:12:
         d3:32:c6:29:bb:8d:33:a8:17:f8:16:eb:b5:c7:a5:98:4d:89:
         a1:38:3c:e6:71:99:44:1e:4b:bf:69:d5:92:d4:35:b8:04:32:
         b3:31:cf:1a:48:da:a6:a0:0a:5e:f0:70:97:a2:75:32:dc:fd:
         8a:1a:57:cc:57:2a:b3:9e:cc:ea:a5:fc:45:02:57:4f:ee:9c:
         48:42:2e:ff:6c:de:4e:40:a6:c3:a3:16:2f:57:c1:7f:63:82:
         20:8d:6b:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqce7OadkDHC/xuqQCdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjYwMzI2MDAwMTU4WhcNMjYwMzI3MDAwMTU4WjAzMTEwLwYDVQQD
Eyg3Y2YwMzg5MTIzOGYxY2JkY2RjNGNiMDI5NDM5NjRmZDMxMTMxMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUj4PHKfu6j9uOkpxghX3LrIOPX9
9iS4Z0xmeVVJ69SRcZYvM0iK7O5eVEB9qH7kLPB72sf6p989mKUxSJvK1SSt1oXy
MB7raNMoZ6FLhPUBjRUoLQsJOeoTADRNEyw7gjIB8BvbyoWH6XD8KVUMPm1/QguX
aAZpHES7ZtTeEgV5LFUZrh5OY8G/8xUF7N5S93sn7EFGegtlvesMPDuroM1pqNd0
86RK5WQkxFgw42eF/sjGD7FNWO2OwhLB/0D4yQqdCjcqaPrhlcdSFR4qpS3JUjBy
rUUyJ3/O8FH+Ht9lFBFbBqv/BNTRUSQ5jO0UjJ37+4LcwFuqww5ejkc1FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzwOJEjjxy9zcTLApQ5ZP0xExAsMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX1ZM8+B9
IQEy7LHrW0Cpaxi0+X4JMK/AZlqCRhxcegzMZxK68wanRpjWqrjkTxyssn4NG+23
UhMF9BZ88uBkRD3v3jo631xuGnmDdON9CVOZvJcSsXL9vGybWwrPWtaQwp6o9htC
y1MF/uO5o40wtM5W2nPiu9qImnCYGWKG1aeMQQvl+Jqe6L5INUMPht4ixOvY9U+K
zzq/VnfaUpP0fusS0zLGKbuNM6gX+BbrtcelmE2JoTg85nGZRB5Lv2nVktQ1uAQy
szHPGkjapqAKXvBwl6J1Mtz9ihpXzFcqs57M6qX8RQJXT+6cSEIu/2zeTkCmw6MW
L1fBf2OCII1rPw==
-----END CERTIFICATE-----