Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
File:                     3LvdnN1oHwNDXWI8gxkw8ifwub8.mft (raw, json)
Hash identifier:          pwxyC6Ih7E5AndzzktB4hM7KQVBj6qCUorLJd/8iXWc=
Subject key identifier:   23:8F:88:09:BE:CB:D8:6E:62:3A:FD:EB:6C:54:CD:74:EB:1B:21:F5
Authority key identifier: DC:BB:DD:9C:DD:68:1F:03:43:5D:62:3C:83:19:30:F2:27:F0:B9:BF
Certificate issuer:       /CN=dcbbdd9cdd681f03435d623c831930f227f0b9bf
Certificate serial:       019D25BA24CEE08F6706A8E7814ACF366F3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
Manifest number:          DC
Signing time:             Wed 25 Mar 2026 16:00:49 +0000
Manifest this update:     Wed 25 Mar 2026 16:00:49 +0000
Manifest next update:     Thu 26 Mar 2026 16:00:49 +0000
Files and hashes:         1: 3LvdnN1oHwNDXWI8gxkw8ifwub8.crl (hash: evz2rlo443Ev1CAQN8k3AaEIqgyp2pxaioGxhI/P/tQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:24:ce:e0:8f:67:06:a8:e7:81:4a:cf:36:6f:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcbbdd9cdd681f03435d623c831930f227f0b9bf
        Validity
            Not Before: Mar 25 16:00:49 2026 GMT
            Not After : Mar 26 16:00:49 2026 GMT
        Subject: CN=238f8809becbd86e623afdeb6c54cd74eb1b21f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fa:05:6a:c2:f8:c1:5a:d5:d0:09:1a:1d:4b:
                    3c:d4:e3:89:73:52:18:ad:db:e4:ee:95:6f:35:0d:
                    29:77:90:d8:9d:67:b0:5d:8a:9c:18:a3:36:15:c8:
                    72:3f:58:b1:f9:8b:8a:d0:ec:c6:0e:0d:4d:0e:df:
                    86:c8:eb:d1:cd:b4:80:3c:a8:df:aa:54:ab:a8:25:
                    6e:ff:33:d6:3d:e3:ef:23:92:5d:68:e1:e3:ee:be:
                    f5:16:7a:34:ee:f0:5b:e4:0c:92:1b:df:4c:27:34:
                    12:c4:ea:97:fc:98:2f:8b:1b:3e:92:d9:38:11:0d:
                    5c:e6:76:b1:e5:b6:d1:f2:76:4b:b6:df:3f:60:7e:
                    a5:f8:90:69:4c:26:7e:44:fe:7b:fe:a0:98:24:6b:
                    17:5e:e9:8a:8a:87:b1:25:1d:76:8c:53:eb:55:05:
                    d4:0e:a6:99:43:9b:96:a8:4e:ab:68:1c:12:9e:db:
                    54:b5:af:5f:51:bc:fb:47:35:52:8f:ad:3c:73:ea:
                    82:46:78:87:8d:21:3f:fa:bb:e8:37:92:ed:0c:0b:
                    5f:29:8b:47:99:2f:7b:a7:70:09:92:68:a8:ec:ad:
                    a9:2d:3e:cb:ff:e9:f7:0d:4f:f2:1b:ba:19:b9:e6:
                    af:47:6c:1d:97:a2:19:49:3d:1d:6a:f8:38:ca:5e:
                    f6:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:8F:88:09:BE:CB:D8:6E:62:3A:FD:EB:6C:54:CD:74:EB:1B:21:F5
            X509v3 Authority Key Identifier:
                keyid:DC:BB:DD:9C:DD:68:1F:03:43:5D:62:3C:83:19:30:F2:27:F0:B9:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LvdnN1oHwNDXWI8gxkw8ifwub8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8aaa54-4315-48d4-9f7a-89846582cbad/1/3LvdnN1oHwNDXWI8gxkw8ifwub8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:4f:49:5e:ee:d9:4c:5b:89:49:d8:6a:2a:15:de:f9:e3:37:
         99:1a:e3:86:80:95:8b:35:86:da:b9:7c:3e:f1:c3:63:ff:82:
         1a:3f:c6:44:9c:3d:b1:7c:b1:4d:2c:9d:e0:c9:0d:0a:90:c5:
         84:5e:03:65:ed:dd:16:7d:3d:af:17:65:c5:30:18:af:3e:0d:
         c7:95:2d:bb:33:eb:d2:e4:65:f5:85:27:54:72:40:87:66:12:
         45:cb:89:41:7f:e3:7d:86:09:31:6f:1e:59:96:6a:f9:c6:27:
         55:5c:f4:92:8b:6d:d5:59:4b:47:e1:e4:2c:9a:14:e9:15:23:
         67:40:db:90:05:31:03:68:00:68:1b:80:3a:ce:94:2d:dc:0b:
         4a:f4:fd:01:68:59:83:01:15:9e:1a:d4:21:91:21:42:dc:a2:
         a8:e9:42:ce:6c:a1:70:ed:a5:37:aa:36:e1:80:83:3b:73:3b:
         30:70:22:a2:a9:dc:a2:d2:01:16:74:87:ec:5d:66:e7:f8:12:
         da:61:b4:a1:53:83:ee:db:e3:96:d2:b9:22:b3:e4:a5:47:ba:
         84:e0:93:59:05:f4:ec:be:ff:32:41:7f:51:ae:a6:68:e2:c0:
         13:1c:ee:66:0e:65:d6:ea:6d:58:fb:e6:3e:23:5b:b6:e9:29:
         73:1a:67:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luiTO4I9nBqjngUrPNm86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmJkZDljZGQ2ODFmMDM0MzVkNjIzYzgzMTkzMGYyMjdm
MGI5YmYwHhcNMjYwMzI1MTYwMDQ5WhcNMjYwMzI2MTYwMDQ5WjAzMTEwLwYDVQQD
EygyMzhmODgwOWJlY2JkODZlNjIzYWZkZWI2YzU0Y2Q3NGViMWIyMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/oFasL4wVrV0AkaHUs81OOJc1IY
rdvk7pVvNQ0pd5DYnWewXYqcGKM2FchyP1ix+YuK0OzGDg1NDt+GyOvRzbSAPKjf
qlSrqCVu/zPWPePvI5JdaOHj7r71Fno07vBb5AySG99MJzQSxOqX/Jgvixs+ktk4
EQ1c5nax5bbR8nZLtt8/YH6l+JBpTCZ+RP57/qCYJGsXXumKioexJR12jFPrVQXU
DqaZQ5uWqE6raBwSnttUta9fUbz7RzVSj608c+qCRniHjSE/+rvoN5LtDAtfKYtH
mS97p3AJkmio7K2pLT7L/+n3DU/yG7oZueavR2wdl6IZST0davg4yl72BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOPiAm+y9huYjr962xUzXTrGyH1MB8GA1UdIwQY
MBaAFNy73ZzdaB8DQ11iPIMZMPIn8Lm/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84YWFhNTQtNDMxNS00OGQ0LTlmN2Et
ODk4NDY1ODJjYmFkLzEvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84YWFhNTQtNDMxNS00OGQ0LTlmN2EtODk4NDY1ODJjYmFk
LzEvM0x2ZG5OMW9Id05EWFdJOGd4a3c4aWZ3dWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUk9JXu7Z
TFuJSdhqKhXe+eM3mRrjhoCVizWG2rl8PvHDY/+CGj/GRJw9sXyxTSyd4MkNCpDF
hF4DZe3dFn09rxdlxTAYrz4Nx5UtuzPr0uRl9YUnVHJAh2YSRcuJQX/jfYYJMW8e
WZZq+cYnVVz0kott1VlLR+HkLJoU6RUjZ0DbkAUxA2gAaBuAOs6ULdwLSvT9AWhZ
gwEVnhrUIZEhQtyiqOlCzmyhcO2lN6o24YCDO3M7MHAioqncotIBFnSH7F1m5/gS
2mG0oVOD7tvjltK5IrPkpUe6hOCTWQX07L7/MkF/Ua6maOLAExzuZg5l1uptWPvm
PiNbtukpcxpn5A==
-----END CERTIFICATE-----