Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          1iH9nCdVyD3OIvdNNviGlfZROjbTb7kJnGFg2l6cW6k=
Subject key identifier:   76:A8:5C:00:2A:2D:28:E1:6B:44:01:4F:95:CE:94:22:F9:94:DF:97
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       019D2703FF04A155F4C08AD2BDB2354D672B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          0B3A
Signing time:             Wed 25 Mar 2026 22:01:06 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:06 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:06 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: 4lL4qeol5AxRpoEGKHSrfI/UrCBaaj2MjZCvp107b4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ff:04:a1:55:f4:c0:8a:d2:bd:b2:35:4d:67:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: Mar 25 22:01:06 2026 GMT
            Not After : Mar 26 22:01:06 2026 GMT
        Subject: CN=76a85c002a2d28e16b44014f95ce9422f994df97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:86:83:52:cf:b0:73:29:9c:3a:01:25:0e:ae:
                    2f:8f:a7:e3:15:3d:99:75:c5:e3:97:39:96:b0:64:
                    e1:47:1c:b0:3e:62:07:4a:83:a1:c7:e9:2c:ad:12:
                    ab:12:bf:8b:df:61:c7:5e:6c:07:04:0f:f5:3f:54:
                    8e:96:0e:25:bc:07:81:1e:a6:34:76:e4:8c:1c:f0:
                    33:fd:f7:03:9b:dd:40:b7:76:3b:7c:a5:76:10:f1:
                    d9:36:13:25:de:a2:fa:eb:b3:5b:7b:07:56:7c:f1:
                    fb:d1:8a:df:87:46:20:40:66:fe:8b:65:10:75:d2:
                    95:6b:15:9d:7c:30:c4:9a:15:a2:9e:35:b0:cf:5f:
                    81:6d:dd:3a:2c:fb:cc:cf:2e:07:63:65:4a:97:f3:
                    e8:aa:cf:77:02:71:30:d6:3c:9e:56:1c:c6:58:b0:
                    76:f6:2d:36:87:10:62:df:50:e6:36:e9:e3:8c:a9:
                    0c:95:3c:8c:17:4f:5c:b2:5c:69:17:c9:ac:20:bf:
                    2a:ea:e8:ce:92:41:b0:35:ca:ce:2d:c9:ff:81:8b:
                    fd:dd:55:2b:36:1f:7a:79:53:14:ff:65:20:7f:9a:
                    c0:ff:48:18:1b:55:95:5a:b1:cb:c4:f3:8a:b1:d6:
                    44:48:7f:92:18:e9:9d:a1:5f:38:32:81:c4:7e:0a:
                    94:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:A8:5C:00:2A:2D:28:E1:6B:44:01:4F:95:CE:94:22:F9:94:DF:97
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:3f:c5:0a:7b:4d:e3:77:e6:f0:20:5c:e6:53:c1:77:04:c4:
         31:6b:72:f9:4f:9b:33:57:2c:ac:6c:70:95:91:0a:29:bd:82:
         6b:d5:ad:07:5e:82:eb:5a:1e:e2:f7:27:2d:98:a9:bb:82:7d:
         3f:2b:55:77:4d:95:d1:8c:e7:18:79:97:ed:62:16:29:67:a7:
         aa:8c:8f:8a:dc:9d:64:d2:27:7f:d1:2e:fc:75:ff:9e:a5:b5:
         0b:ce:c9:64:92:d0:0b:a4:99:eb:ab:11:3c:ac:21:66:ae:ff:
         27:6c:4a:3e:1f:ac:75:d7:b3:fb:a5:da:f4:40:b0:a0:15:ea:
         9e:06:d2:3f:46:60:6a:8c:f1:38:47:ec:d7:d8:73:65:95:5e:
         aa:53:f5:b3:8c:d0:c7:be:9d:61:99:b6:bb:20:7d:6d:ee:95:
         46:96:0b:6a:d0:44:cb:01:dc:20:64:cc:91:58:0b:b2:b3:af:
         48:39:ff:51:a6:ca:f3:c4:30:69:fa:77:7a:8c:95:0d:97:5d:
         a5:7f:a0:d7:26:93:a6:ce:2e:26:b8:8d:20:d7:33:ad:f4:27:
         74:94:c5:1e:3c:56:6e:69:42:52:08:2f:ce:2f:7b:d9:ae:8f:
         9f:bb:d0:9c:2b:a6:70:3e:35:8f:ed:83:40:a5:a6:28:25:bc:
         8c:5c:21:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/8EoVX0wIrSvbI1TWcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjYwMzI1MjIwMTA2WhcNMjYwMzI2MjIwMTA2WjAzMTEwLwYDVQQD
Eyg3NmE4NWMwMDJhMmQyOGUxNmI0NDAxNGY5NWNlOTQyMmY5OTRkZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYaDUs+wcymcOgElDq4vj6fjFT2Z
dcXjlzmWsGThRxywPmIHSoOhx+ksrRKrEr+L32HHXmwHBA/1P1SOlg4lvAeBHqY0
duSMHPAz/fcDm91At3Y7fKV2EPHZNhMl3qL667NbewdWfPH70Yrfh0YgQGb+i2UQ
ddKVaxWdfDDEmhWinjWwz1+Bbd06LPvMzy4HY2VKl/Poqs93AnEw1jyeVhzGWLB2
9i02hxBi31DmNunjjKkMlTyMF09cslxpF8msIL8q6ujOkkGwNcrOLcn/gYv93VUr
Nh96eVMU/2Ugf5rA/0gYG1WVWrHLxPOKsdZESH+SGOmdoV84MoHEfgqUwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaoXAAqLSjha0QBT5XOlCL5lN+XMB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhD/FCntN
43fm8CBc5lPBdwTEMWty+U+bM1csrGxwlZEKKb2Ca9WtB16C61oe4vcnLZipu4J9
PytVd02V0YznGHmX7WIWKWenqoyPitydZNInf9Eu/HX/nqW1C87JZJLQC6SZ66sR
PKwhZq7/J2xKPh+sddez+6Xa9ECwoBXqngbSP0ZgaozxOEfs19hzZZVeqlP1s4zQ
x76dYZm2uyB9be6VRpYLatBEywHcIGTMkVgLsrOvSDn/UabK88Qwafp3eoyVDZdd
pX+g1yaTps4uJriNINczrfQndJTFHjxWbmlCUggvzi972a6Pn7vQnCumcD41j+2D
QKWmKCW8jFwh7A==
-----END CERTIFICATE-----