Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          wn1cHOiDXioCIBm9kKa2/Z80XaTs+d88OMQPo8skKxE=
Subject key identifier:   77:C5:CF:57:40:C8:3A:7E:C2:18:F2:89:86:E4:E9:53:6B:48:A9:56
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       019D27725E4269B4AB2F2D9085200A9165AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          1817
Signing time:             Thu 26 Mar 2026 00:01:39 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:39 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:39 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: f/AJKqLjxsHCit/1nRtA5oBcrKrGltf9x7lO4QLCIOU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:5e:42:69:b4:ab:2f:2d:90:85:20:0a:91:65:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: Mar 26 00:01:39 2026 GMT
            Not After : Mar 27 00:01:39 2026 GMT
        Subject: CN=77c5cf5740c83a7ec218f28986e4e9536b48a956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:30:c1:81:24:c3:97:99:e0:60:14:5a:f3:7b:
                    df:d5:50:c2:c3:ae:c1:f7:22:c6:9d:29:22:e9:31:
                    7e:50:da:b3:ec:88:ce:11:15:f2:29:c4:a3:3d:bc:
                    4d:32:8c:2c:d3:f5:60:97:f0:14:e0:39:b7:a7:41:
                    20:97:9f:07:9e:20:1f:9a:49:90:f9:b0:e1:12:f5:
                    82:c6:fb:a6:67:50:37:9d:35:b2:63:aa:7f:3c:3c:
                    dc:98:54:3f:d6:ed:fa:98:10:69:84:92:f6:af:37:
                    d6:47:8c:32:59:6a:10:eb:dc:13:8d:36:5c:28:96:
                    10:c6:56:0e:f1:4a:59:6f:b1:e1:57:07:65:11:3c:
                    7f:32:b2:07:f7:9e:cb:f2:18:7a:2e:7d:cc:18:cd:
                    56:bd:cc:f8:e3:7d:d3:f1:5b:3f:6f:6f:90:12:3f:
                    ef:73:93:c6:27:d8:a8:47:9f:53:7b:86:f0:21:6b:
                    fd:c3:8a:70:6f:83:e1:9b:e4:22:eb:12:d3:59:90:
                    f1:65:c8:89:ab:f1:f1:1b:48:7c:60:e5:fe:93:b5:
                    0a:3b:35:b8:1e:80:11:ea:9a:7a:4b:3a:80:dd:27:
                    86:37:88:dc:2c:0b:f7:23:c1:b4:38:8d:8d:8f:ad:
                    f2:6c:76:1d:3e:6e:03:b1:4b:60:d2:54:72:8d:27:
                    87:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:C5:CF:57:40:C8:3A:7E:C2:18:F2:89:86:E4:E9:53:6B:48:A9:56
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:f4:31:e4:04:8f:8f:e1:5c:e1:85:46:13:68:97:46:f2:1e:
         6f:0c:bd:bc:a1:a0:22:87:7c:e9:69:98:10:56:f5:6d:94:77:
         1f:8f:8b:40:e7:ca:60:19:31:ae:d8:e9:9c:fe:00:2c:33:e4:
         ad:42:18:b2:2e:a7:5c:f3:d9:6a:6e:43:9b:ca:76:68:41:6c:
         37:e7:cf:fe:6f:34:3a:32:76:05:8e:16:7b:f9:c5:6f:39:da:
         c0:46:92:b9:c7:8e:66:b3:ad:a7:de:7f:92:fa:c1:c0:13:8c:
         30:95:fb:86:0a:ba:30:48:a6:68:97:ae:4f:cb:78:30:6f:cf:
         6b:aa:5a:f7:f4:1a:87:33:b6:65:86:c6:fd:87:50:46:27:3b:
         44:fa:80:76:41:32:8c:82:f4:68:c0:ac:fc:dc:e5:9f:fd:4c:
         5f:30:96:24:66:4a:d5:ad:01:3a:65:8b:ed:b5:21:f0:52:47:
         bc:0e:25:4a:4b:14:ea:76:e8:88:9a:cb:f5:93:d6:d9:d0:a9:
         31:40:83:b6:04:dd:df:03:fb:41:c5:ab:02:4e:e7:66:46:76:
         d9:48:32:1d:30:4b:20:3f:ef:67:5d:0e:9c:df:79:fa:d5:7e:
         27:d5:34:df:40:93:41:74:30:e9:38:af:bd:8d:fb:5c:4f:0c:
         7d:71:30:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncl5CabSrLy2QhSAKkWWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjYwMzI2MDAwMTM5WhcNMjYwMzI3MDAwMTM5WjAzMTEwLwYDVQQD
Eyg3N2M1Y2Y1NzQwYzgzYTdlYzIxOGYyODk4NmU0ZTk1MzZiNDhhOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljDBgSTDl5ngYBRa83vf1VDCw67B
9yLGnSki6TF+UNqz7IjOERXyKcSjPbxNMows0/Vgl/AU4Dm3p0Egl58HniAfmkmQ
+bDhEvWCxvumZ1A3nTWyY6p/PDzcmFQ/1u36mBBphJL2rzfWR4wyWWoQ69wTjTZc
KJYQxlYO8UpZb7HhVwdlETx/MrIH957L8hh6Ln3MGM1Wvcz4433T8Vs/b2+QEj/v
c5PGJ9ioR59Te4bwIWv9w4pwb4Phm+Qi6xLTWZDxZciJq/HxG0h8YOX+k7UKOzW4
HoAR6pp6SzqA3SeGN4jcLAv3I8G0OI2Nj63ybHYdPm4DsUtg0lRyjSeHdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfFz1dAyDp+whjyiYbk6VNrSKlWMB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPQx5ASP
j+Fc4YVGE2iXRvIebwy9vKGgIod86WmYEFb1bZR3H4+LQOfKYBkxrtjpnP4ALDPk
rUIYsi6nXPPZam5Dm8p2aEFsN+fP/m80OjJ2BY4We/nFbznawEaSuceOZrOtp95/
kvrBwBOMMJX7hgq6MEimaJeuT8t4MG/Pa6pa9/QahzO2ZYbG/YdQRic7RPqAdkEy
jIL0aMCs/Nzln/1MXzCWJGZK1a0BOmWL7bUh8FJHvA4lSksU6nboiJrL9ZPW2dCp
MUCDtgTd3wP7QcWrAk7nZkZ22UgyHTBLID/vZ10OnN95+tV+J9U030CTQXQw6Tiv
vY37XE8MfXEwaw==
-----END CERTIFICATE-----