Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          7+Y/8mSDLKH4vafZkIXeueiCa2tO9DMl/nBPOYkipSU=
Subject key identifier:   2F:1B:0E:9B:D1:86:1C:B6:D9:68:05:10:06:C0:8F:44:27:19:AE:98
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019CAF4852A530C2EB290C8965E32E461E7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0FE9
Signing time:             Mon 02 Mar 2026 16:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:18 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: aaaeMTLatdtd5UBStJ/Pz9WE8a6y6FG3moSQrMU4XZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:52:a5:30:c2:eb:29:0c:89:65:e3:2e:46:1e:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Mar  2 16:01:18 2026 GMT
            Not After : Mar  3 16:01:18 2026 GMT
        Subject: CN=2f1b0e9bd1861cb6d968051006c08f442719ae98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:98:e5:e9:a0:7d:e7:ff:6b:b8:dc:d3:49:67:
                    74:77:6e:ca:e9:d6:3a:c4:36:0d:3f:99:46:a8:fb:
                    15:eb:96:20:8b:57:eb:fa:81:02:9c:74:9c:ce:0d:
                    92:d5:82:43:cd:b0:96:de:2a:03:b9:fd:95:1b:b6:
                    b3:77:80:c3:f2:0b:eb:c4:5d:fc:fd:8f:e5:5b:2f:
                    31:e0:19:26:4b:a2:48:3d:50:23:b3:01:56:d1:ce:
                    e1:96:b0:77:8d:b0:01:17:bb:cd:1b:5c:40:a5:b3:
                    82:69:8a:31:7c:10:7b:cf:83:00:5c:98:f4:43:c5:
                    d2:1d:2c:9e:96:a4:55:06:a6:29:80:40:39:65:ad:
                    f1:f5:a6:62:91:7a:33:9c:9e:cb:f3:41:83:47:da:
                    fc:5f:6f:b1:0c:41:5e:c5:7d:a0:ff:14:32:03:19:
                    f3:a6:ee:be:34:7d:60:fa:2e:e7:9b:a0:dc:8b:6f:
                    ce:ac:6b:94:ee:86:73:22:0e:67:98:99:d5:56:b7:
                    da:89:00:a9:a2:9e:e5:6c:2f:ae:41:ce:52:c2:62:
                    fe:64:72:25:9e:4f:f6:de:4a:ea:fe:cd:a8:d7:09:
                    53:b4:1b:5c:d5:85:82:07:51:0d:c7:a0:fe:8c:a9:
                    ef:39:7f:c1:50:dd:1a:e2:2f:01:f4:d1:bc:66:cb:
                    46:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:1B:0E:9B:D1:86:1C:B6:D9:68:05:10:06:C0:8F:44:27:19:AE:98
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:03:f5:10:52:50:34:1e:73:0d:aa:c8:3c:bf:11:5d:e8:53:
         22:6a:e8:15:f6:cd:8a:5a:bf:82:e1:28:6c:58:74:51:74:4c:
         a9:df:81:53:ec:f4:f0:0e:c5:fc:3d:8a:08:07:85:bd:6a:ad:
         cd:e7:ff:e0:0b:9c:db:e7:90:52:b5:d7:a9:d2:85:a6:21:dd:
         67:ed:98:f9:16:26:b0:20:ac:bc:d5:3b:d4:34:02:f3:d3:8f:
         2a:99:04:6e:f3:99:81:bd:9a:74:f2:5f:89:7e:14:15:dd:b0:
         78:bb:31:c3:75:59:85:44:24:3e:04:74:10:b4:79:88:0b:31:
         1d:3c:51:0a:ed:a4:ee:e2:a0:33:f4:a9:97:e9:2e:4b:5a:8e:
         cf:40:df:c4:49:b9:47:23:fd:ca:40:d0:89:6e:11:40:48:97:
         a9:8f:72:73:7e:d6:ea:df:93:50:97:e9:66:30:e7:7a:b6:ed:
         4b:49:3e:3c:c9:43:c2:19:3d:05:29:5b:39:da:ec:7e:38:76:
         7e:2b:e2:bb:9f:fa:4a:b5:79:3c:ed:74:b2:56:f7:82:a3:e9:
         b1:4a:9f:67:59:08:70:6e:06:a3:ad:f9:d5:76:31:10:d1:ee:
         2f:9f:25:5d:73:73:c5:ed:61:fe:a4:5b:0e:39:4b:cf:a4:ea:
         0a:6f:10:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSFKlMMLrKQyJZeMuRh5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjYwMzAyMTYwMTE4WhcNMjYwMzAzMTYwMTE4WjAzMTEwLwYDVQQD
EygyZjFiMGU5YmQxODYxY2I2ZDk2ODA1MTAwNmMwOGY0NDI3MTlhZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZjl6aB95/9ruNzTSWd0d27K6dY6
xDYNP5lGqPsV65Ygi1fr+oECnHSczg2S1YJDzbCW3ioDuf2VG7azd4DD8gvrxF38
/Y/lWy8x4BkmS6JIPVAjswFW0c7hlrB3jbABF7vNG1xApbOCaYoxfBB7z4MAXJj0
Q8XSHSyelqRVBqYpgEA5Za3x9aZikXoznJ7L80GDR9r8X2+xDEFexX2g/xQyAxnz
pu6+NH1g+i7nm6Dci2/OrGuU7oZzIg5nmJnVVrfaiQCpop7lbC+uQc5SwmL+ZHIl
nk/23krq/s2o1wlTtBtc1YWCB1ENx6D+jKnvOX/BUN0a4i8B9NG8ZstG5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8bDpvRhhy22WgFEAbAj0QnGa6YMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAigP1EFJQ
NB5zDarIPL8RXehTImroFfbNilq/guEobFh0UXRMqd+BU+z08A7F/D2KCAeFvWqt
zef/4Auc2+eQUrXXqdKFpiHdZ+2Y+RYmsCCsvNU71DQC89OPKpkEbvOZgb2adPJf
iX4UFd2weLsxw3VZhUQkPgR0ELR5iAsxHTxRCu2k7uKgM/Spl+kuS1qOz0DfxEm5
RyP9ykDQiW4RQEiXqY9yc37W6t+TUJfpZjDnerbtS0k+PMlDwhk9BSlbOdrsfjh2
fiviu5/6SrV5PO10slb3gqPpsUqfZ1kIcG4Go6351XYxENHuL58lXXNzxe1h/qRb
DjlLz6TqCm8Qbw==
-----END CERTIFICATE-----