Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          XJXPJ6GIiXmvpzbWxhRGwUjQ30PjV1U0OO7wtbfFT9Y=
Subject key identifier:   19:81:9A:CA:41:7E:5B:94:92:8B:C4:25:B8:62:CB:19:92:85:C9:2F
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       019D270478B18EB8EB473FE071913130B6B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          03C9
Signing time:             Wed 25 Mar 2026 22:01:37 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:37 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:37 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: BVaJeNldsQDT6COXMFtqsKv8ioP7NPsK6h4y8WvjFaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:78:b1:8e:b8:eb:47:3f:e0:71:91:31:30:b6:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: Mar 25 22:01:37 2026 GMT
            Not After : Mar 26 22:01:37 2026 GMT
        Subject: CN=19819aca417e5b94928bc425b862cb199285c92f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a7:92:36:51:f0:93:2d:76:59:64:5b:1e:cf:
                    91:a6:a4:da:5b:d7:6b:c8:39:0a:58:19:e5:cd:81:
                    68:7c:2d:41:04:0d:9f:d9:8f:e7:6c:87:4a:cc:f8:
                    35:49:7f:41:3e:76:4d:72:25:df:d8:47:0f:c8:28:
                    be:ef:46:84:3e:68:19:75:47:39:23:5b:49:d2:d6:
                    8a:07:e4:fe:e9:a4:26:20:f7:5d:50:e6:f2:9a:b0:
                    af:bb:cc:e1:85:d3:c7:c1:c8:63:a7:41:16:52:8f:
                    8d:8c:99:89:12:90:a1:84:5e:49:da:99:e2:55:b2:
                    6a:fc:fc:e4:5d:74:1c:f6:8a:84:fd:7d:e6:57:c0:
                    64:e9:8f:19:cc:43:7f:2c:67:2b:af:23:d5:12:3f:
                    5e:25:3d:fc:33:16:c6:8a:e8:13:07:4e:d7:fb:59:
                    67:08:ea:05:c2:77:f7:f8:d6:e6:88:55:5d:9e:45:
                    3f:42:09:fc:e3:fc:ba:be:5b:c6:ea:f5:08:bb:ae:
                    3c:bd:be:7e:d0:b7:58:fc:ef:eb:2e:ee:3f:f5:83:
                    73:0a:36:cf:91:9f:e1:94:7e:17:c1:a0:89:ec:cb:
                    e3:ec:2d:c3:7f:8e:03:88:ef:a3:78:20:80:91:e4:
                    db:13:98:36:22:61:ed:e4:f9:55:2a:98:6d:3f:58:
                    25:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:81:9A:CA:41:7E:5B:94:92:8B:C4:25:B8:62:CB:19:92:85:C9:2F
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:fd:bb:fb:4f:35:ad:2f:c4:bf:ec:fc:8b:4e:27:5b:98:4e:
         d7:6d:5a:15:90:a3:0d:36:87:19:d2:02:61:80:3d:d5:87:94:
         f8:af:24:5c:a8:a7:2f:bc:33:c1:ae:dc:06:ff:65:9a:b2:15:
         5b:38:48:ed:f2:13:b0:c6:3c:4c:bc:c3:be:79:ea:6f:03:5f:
         d7:64:f1:8f:cf:69:4f:4a:62:51:be:a1:da:1e:ce:1e:9e:15:
         0b:fe:b8:22:8e:08:54:ba:21:b7:1f:c2:be:c1:0f:7c:f3:46:
         2f:93:91:f6:f7:53:17:3d:2b:67:27:20:05:0f:d8:b9:26:98:
         af:10:d4:9e:ca:87:37:c8:95:3a:d1:32:78:b6:0b:c1:18:0c:
         07:6f:f3:9d:fa:e9:3c:11:20:53:07:24:9d:ae:56:3e:dc:c7:
         cb:db:b6:02:49:c3:23:c0:d6:b1:1e:91:bc:8e:c3:05:71:62:
         bf:00:27:c1:0e:60:ad:cf:fc:d6:9e:a9:a0:96:e5:7f:39:18:
         b8:a2:fa:54:ee:52:33:cf:8f:28:fb:14:dc:df:0f:08:17:66:
         c6:51:a9:4d:98:88:52:11:0d:0e:d2:ee:84:2a:0d:a1:08:25:
         f0:ff:e4:b5:28:3d:1f:e5:a9:cc:6f:c7:dc:ce:e1:12:c0:bf:
         cc:17:f4:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHixjrjrRz/gcZExMLaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjYwMzI1MjIwMTM3WhcNMjYwMzI2MjIwMTM3WjAzMTEwLwYDVQQD
EygxOTgxOWFjYTQxN2U1Yjk0OTI4YmM0MjViODYyY2IxOTkyODVjOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaeSNlHwky12WWRbHs+RpqTaW9dr
yDkKWBnlzYFofC1BBA2f2Y/nbIdKzPg1SX9BPnZNciXf2EcPyCi+70aEPmgZdUc5
I1tJ0taKB+T+6aQmIPddUObymrCvu8zhhdPHwchjp0EWUo+NjJmJEpChhF5J2pni
VbJq/PzkXXQc9oqE/X3mV8Bk6Y8ZzEN/LGcrryPVEj9eJT38MxbGiugTB07X+1ln
COoFwnf3+NbmiFVdnkU/Qgn84/y6vlvG6vUIu648vb5+0LdY/O/rLu4/9YNzCjbP
kZ/hlH4XwaCJ7Mvj7C3Df44DiO+jeCCAkeTbE5g2ImHt5PlVKphtP1glaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmBmspBfluUkovEJbhiyxmShckvMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwv27+081
rS/Ev+z8i04nW5hO121aFZCjDTaHGdICYYA91YeU+K8kXKinL7wzwa7cBv9lmrIV
WzhI7fITsMY8TLzDvnnqbwNf12Txj89pT0piUb6h2h7OHp4VC/64Io4IVLohtx/C
vsEPfPNGL5OR9vdTFz0rZycgBQ/YuSaYrxDUnsqHN8iVOtEyeLYLwRgMB2/znfrp
PBEgUwckna5WPtzHy9u2AknDI8DWsR6RvI7DBXFivwAnwQ5grc/81p6poJblfzkY
uKL6VO5SM8+PKPsU3N8PCBdmxlGpTZiIUhENDtLuhCoNoQgl8P/ktSg9H+WpzG/H
3M7hEsC/zBf0Iw==
-----END CERTIFICATE-----