Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          xYigvCBVRBG+EbxM6whi7x+DU9Elw37S082JUnvYiGk=
Subject key identifier:   09:00:76:11:51:80:BA:9E:DC:75:B3:41:C7:BC:70:CB:62:DD:9C:CF
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019E1CB562B8C992AA68062D429B39A27F28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0CAF
Signing time:             Tue 12 May 2026 15:01:49 +0000
Manifest this update:     Tue 12 May 2026 15:01:49 +0000
Manifest next update:     Wed 13 May 2026 15:01:49 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: HGEiU0zcZUcZSfnv/ZprcDWAZa3fXOajIMhaHf/x8RA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:b5:62:b8:c9:92:aa:68:06:2d:42:9b:39:a2:7f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: May 12 15:01:49 2026 GMT
            Not After : May 13 15:01:49 2026 GMT
        Subject: CN=090076115180ba9edc75b341c7bc70cb62dd9ccf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:43:0f:43:c1:32:63:c3:dc:02:c2:bb:47:92:
                    f6:1d:8d:d1:c8:a9:59:2b:23:04:ea:1d:6c:c6:b9:
                    5d:93:8c:66:02:f2:7b:15:c6:19:43:2f:30:59:8f:
                    7d:0c:71:fe:62:f1:1d:75:2d:aa:52:5a:b5:4e:a7:
                    3a:79:77:c9:c8:0d:25:35:94:c2:9d:aa:6f:8d:28:
                    9a:f5:d8:3b:44:2d:92:c6:e8:95:e9:c0:31:a4:e2:
                    c5:47:f2:1e:ae:7a:bf:e7:f1:63:f6:14:ea:9d:6c:
                    c0:91:87:41:cc:b6:1d:62:4f:81:7d:cf:9d:39:23:
                    39:1f:f1:80:01:2e:69:cd:75:fa:29:8c:42:ed:91:
                    fa:96:86:ef:5a:a6:00:64:96:78:39:1d:50:04:79:
                    0e:18:91:37:63:a9:42:e7:d8:0c:44:09:9e:da:4c:
                    97:01:ce:82:90:c2:73:1b:a1:86:fd:5e:ae:18:92:
                    ca:6b:72:39:92:7c:b9:16:27:1a:92:8e:fc:82:e3:
                    a3:e3:a9:db:40:84:2c:24:37:c2:27:0c:53:93:e1:
                    ac:62:c2:16:16:d9:4b:da:f2:04:1e:17:b2:93:ad:
                    c8:21:21:8c:5c:93:2c:45:f9:38:64:f1:f4:df:af:
                    68:de:50:7d:f5:9e:d7:06:02:4c:df:79:17:29:e0:
                    ff:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:00:76:11:51:80:BA:9E:DC:75:B3:41:C7:BC:70:CB:62:DD:9C:CF
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:3c:5d:5b:e8:75:0f:0b:e6:a1:f5:cc:c2:de:c0:45:87:38:
         1f:18:c6:64:2a:3b:4e:83:da:28:42:b3:b4:66:c4:39:21:19:
         de:67:75:c7:54:3a:6a:45:28:1d:57:48:37:62:5c:49:b3:1d:
         5e:4a:26:4b:88:a5:db:7b:b4:11:94:58:11:4c:a5:21:a2:60:
         3f:8a:a1:71:88:86:08:71:27:8e:56:31:9b:59:d5:ff:64:86:
         d9:27:90:e7:88:cc:20:21:5d:eb:70:a5:d8:ce:86:22:f2:c6:
         6c:32:af:93:ba:fa:24:44:a6:24:a3:70:7a:ae:af:1d:8b:7a:
         e8:72:b3:46:37:08:69:ca:dc:b5:3e:df:93:0b:3d:05:a4:87:
         58:65:be:b8:04:90:ee:3a:2d:30:d8:cf:eb:a4:93:a9:11:e8:
         c8:43:67:ec:25:a6:e4:43:21:f7:3d:50:0b:a9:d5:e1:01:20:
         c7:ec:8d:87:15:97:15:5c:68:0f:2e:30:18:ff:41:91:39:af:
         09:5c:c9:76:75:01:42:b7:98:80:2e:a8:c9:7d:af:57:be:d3:
         d1:d7:21:08:b2:d8:db:da:4e:52:a5:28:fc:84:56:d5:d3:db:
         cb:76:63:e5:c0:e6:6c:3b:aa:1e:9e:ae:5d:4f:21:a6:b4:c9:
         3f:ae:fc:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctWK4yZKqaAYtQps5on8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjYwNTEyMTUwMTQ5WhcNMjYwNTEzMTUwMTQ5WjAzMTEwLwYDVQQD
EygwOTAwNzYxMTUxODBiYTllZGM3NWIzNDFjN2JjNzBjYjYyZGQ5Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEMPQ8EyY8PcAsK7R5L2HY3RyKlZ
KyME6h1sxrldk4xmAvJ7FcYZQy8wWY99DHH+YvEddS2qUlq1Tqc6eXfJyA0lNZTC
napvjSia9dg7RC2SxuiV6cAxpOLFR/Iernq/5/Fj9hTqnWzAkYdBzLYdYk+Bfc+d
OSM5H/GAAS5pzXX6KYxC7ZH6lobvWqYAZJZ4OR1QBHkOGJE3Y6lC59gMRAme2kyX
Ac6CkMJzG6GG/V6uGJLKa3I5kny5Ficako78guOj46nbQIQsJDfCJwxTk+GsYsIW
FtlL2vIEHheyk63IISGMXJMsRfk4ZPH0369o3lB99Z7XBgJM33kXKeD/RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkAdhFRgLqe3HWzQce8cMti3ZzPMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDxdW+h1
DwvmofXMwt7ARYc4HxjGZCo7ToPaKEKztGbEOSEZ3md1x1Q6akUoHVdIN2JcSbMd
XkomS4il23u0EZRYEUylIaJgP4qhcYiGCHEnjlYxm1nV/2SG2SeQ54jMICFd63Cl
2M6GIvLGbDKvk7r6JESmJKNweq6vHYt66HKzRjcIacrctT7fkws9BaSHWGW+uASQ
7jotMNjP66STqRHoyENn7CWm5EMh9z1QC6nV4QEgx+yNhxWXFVxoDy4wGP9BkTmv
CVzJdnUBQreYgC6oyX2vV77T0dchCLLY29pOUqUo/IRW1dPby3Zj5cDmbDuqHp6u
XU8hprTJP678mQ==
-----END CERTIFICATE-----