Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          NDrlr5D6CyXKQPKelBM8rljMtsbv+jfADljq+RnUoFE=
Subject key identifier:   43:A2:88:F3:52:9D:E1:48:30:79:B8:D4:0B:EF:76:C5:03:77:63:15
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019D98F49EA3C4A6530E08C81411B5EC6EB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          1062
Signing time:             Fri 17 Apr 2026 01:01:01 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:01 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:01 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: cq17f9YCFHn2f7lzk9epZ3fK2H9nvsHZEpkXskdFrds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:9e:a3:c4:a6:53:0e:08:c8:14:11:b5:ec:6e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Apr 17 01:01:01 2026 GMT
            Not After : Apr 18 01:01:01 2026 GMT
        Subject: CN=43a288f3529de1483079b8d40bef76c503776315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ed:44:60:44:12:47:60:5f:45:25:1f:82:bd:
                    80:1b:c1:23:ce:ef:d2:e0:39:7b:fd:a1:4f:c2:09:
                    e8:d7:97:d3:21:c5:20:41:36:d5:c7:3d:40:36:17:
                    d7:4f:2b:28:ba:f2:fb:b7:e8:9f:97:79:fd:1e:75:
                    cd:6f:a1:fd:4e:0b:7b:3f:27:8a:1b:5e:a0:b3:ac:
                    d8:a4:0f:bc:7b:e5:7e:b5:70:58:84:ab:5f:76:2b:
                    70:72:2c:a9:6c:f2:77:73:57:34:c9:fc:df:a3:aa:
                    7a:8a:e9:f0:d6:2b:82:1a:b5:1e:1c:1e:0d:54:1d:
                    2c:a2:ea:81:bf:3b:12:02:b7:30:60:ee:34:19:d5:
                    08:07:0e:86:7f:92:ef:b2:98:de:3b:8d:ce:06:61:
                    25:f0:6b:f8:6a:ad:ab:34:a2:aa:8a:33:3b:bd:60:
                    c8:a2:b1:47:78:d8:ea:59:b0:ec:61:a3:8a:40:74:
                    68:39:30:af:6e:47:01:71:58:9f:91:e4:0a:d7:97:
                    f8:49:e7:7a:32:4b:f2:ad:5d:59:39:43:a7:fe:98:
                    35:e2:3b:05:e0:1f:d7:f2:4c:eb:08:21:97:8a:41:
                    23:6b:82:7b:5c:a3:b3:d4:24:cd:fc:7c:24:bc:78:
                    55:58:03:60:69:81:2f:99:ee:4e:a9:35:d0:c4:58:
                    98:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A2:88:F3:52:9D:E1:48:30:79:B8:D4:0B:EF:76:C5:03:77:63:15
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:2d:6b:b1:cc:48:fd:80:5c:4e:2e:e7:a0:2f:e4:c3:78:a4:
         bd:92:cd:11:db:80:15:62:2a:24:68:a2:a7:43:d7:e1:24:ee:
         e6:83:17:90:be:8d:71:f2:58:e1:f0:d5:5a:42:45:a0:c2:f4:
         c0:89:a6:af:25:76:12:03:83:99:d7:0c:f8:c3:5d:82:31:26:
         b1:b6:b5:56:21:bc:5e:a3:9b:2c:a1:08:5e:eb:1f:4e:1e:cd:
         43:7e:81:64:73:cf:55:3e:0c:92:9c:fe:25:b1:a9:f8:ed:9c:
         c9:a0:41:1b:a4:6b:42:4a:cb:c6:01:a4:6e:14:2d:31:d5:0c:
         9f:24:1a:85:49:bf:19:6e:c4:ba:81:2b:9d:2f:78:92:05:fb:
         6c:7c:d9:72:4e:83:03:1b:72:95:19:30:ff:ef:88:14:c5:68:
         52:32:8b:bc:a0:d1:ff:67:b1:3d:f4:c6:9d:61:08:71:39:8a:
         11:05:a6:cf:0b:6c:c9:62:6e:69:69:2c:37:52:b3:b1:2a:f9:
         7e:13:1d:4b:53:60:b0:74:d8:e1:41:2f:31:63:72:27:4f:a7:
         43:4e:7c:eb:83:6f:a7:f8:a2:ee:a4:a7:d8:ce:28:60:dd:2b:
         5d:9f:6a:94:3e:93:38:51:a0:46:a5:96:76:3f:4e:29:5b:1b:
         1b:33:77:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9J6jxKZTDgjIFBG17G65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwNDE3MDEwMTAxWhcNMjYwNDE4MDEwMTAxWjAzMTEwLwYDVQQD
Eyg0M2EyODhmMzUyOWRlMTQ4MzA3OWI4ZDQwYmVmNzZjNTAzNzc2MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+1EYEQSR2BfRSUfgr2AG8Ejzu/S
4Dl7/aFPwgno15fTIcUgQTbVxz1ANhfXTysouvL7t+ifl3n9HnXNb6H9Tgt7PyeK
G16gs6zYpA+8e+V+tXBYhKtfditwciypbPJ3c1c0yfzfo6p6iunw1iuCGrUeHB4N
VB0souqBvzsSArcwYO40GdUIBw6Gf5LvspjeO43OBmEl8Gv4aq2rNKKqijM7vWDI
orFHeNjqWbDsYaOKQHRoOTCvbkcBcVifkeQK15f4Sed6MkvyrV1ZOUOn/pg14jsF
4B/X8kzrCCGXikEja4J7XKOz1CTN/HwkvHhVWANgaYEvme5OqTXQxFiYuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOiiPNSneFIMHm41AvvdsUDd2MVMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANy1rscxI
/YBcTi7noC/kw3ikvZLNEduAFWIqJGiip0PX4STu5oMXkL6NcfJY4fDVWkJFoML0
wImmryV2EgODmdcM+MNdgjEmsba1ViG8XqObLKEIXusfTh7NQ36BZHPPVT4Mkpz+
JbGp+O2cyaBBG6RrQkrLxgGkbhQtMdUMnyQahUm/GW7EuoErnS94kgX7bHzZck6D
AxtylRkw/++IFMVoUjKLvKDR/2exPfTGnWEIcTmKEQWmzwtsyWJuaWksN1KzsSr5
fhMdS1NgsHTY4UEvMWNyJ0+nQ05864Nvp/ii7qSn2M4oYN0rXZ9qlD6TOFGgRqWW
dj9OKVsbGzN3/Q==
-----END CERTIFICATE-----