Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          uLa+Dq2/cH3/DgTaiAA9PflWtZcFAYhwX6I2V0+2OvE=
Subject key identifier:   43:3F:E0:32:5A:45:1B:EE:0A:13:A4:7F:9D:F8:90:D9:8E:AB:FC:8F
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019CABD90A831967D3140CE92056397539DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:53 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: flyb0WGOOWzU0vrziotN8x/wDqXUEsnJysH1CCEcROk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:0a:83:19:67:d3:14:0c:e9:20:56:39:75:39:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Mar  2 00:00:53 2026 GMT
            Not After : Mar  3 00:00:53 2026 GMT
        Subject: CN=433fe0325a451bee0a13a47f9df890d98eabfc8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e0:7b:bb:b7:fd:d6:42:23:71:69:68:92:fb:
                    b7:09:3d:23:b4:4a:f0:98:e9:94:36:a7:41:2a:29:
                    61:1c:bb:fa:a6:03:9e:81:eb:ee:c7:0a:b8:d8:af:
                    92:07:b3:aa:01:c9:32:4c:15:df:b7:25:5a:4c:28:
                    ad:ab:61:9a:3a:51:73:26:9a:8a:e4:fa:d2:04:4f:
                    82:c4:b1:81:34:e9:74:87:30:e5:39:54:d2:8a:23:
                    b1:2b:fa:f0:b8:89:7b:79:b3:fd:bb:5c:54:ae:12:
                    66:d5:83:89:49:5b:f4:40:fb:55:68:ed:24:b7:26:
                    0c:2a:7c:ef:5e:a8:65:a7:9e:4d:ff:e6:b9:06:07:
                    89:a9:ab:11:f6:e5:4e:58:67:ea:23:3d:24:2c:97:
                    bb:60:b0:d6:fe:a7:0a:5f:51:0a:38:c8:52:94:fa:
                    27:20:c7:ce:b9:f1:7b:89:9f:48:d3:96:b6:99:fa:
                    9e:0a:cd:e7:77:06:23:f5:37:f6:8e:84:29:7c:d0:
                    d6:26:62:4c:79:e6:b7:ad:06:25:bb:17:5d:aa:cd:
                    f0:ef:07:fd:57:5f:ac:6d:eb:bd:7d:13:0d:bc:2d:
                    4d:56:62:fa:a6:8d:42:c4:63:83:e5:c1:bb:11:44:
                    ce:db:dd:92:79:96:31:a9:3a:02:b1:3a:57:3e:bf:
                    35:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:3F:E0:32:5A:45:1B:EE:0A:13:A4:7F:9D:F8:90:D9:8E:AB:FC:8F
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:fa:de:bf:b4:18:0b:5c:60:04:cb:c6:f5:cb:c4:03:ec:42:
         6a:d5:7f:df:f9:0e:a3:e2:fc:53:d5:65:8f:7b:b1:22:57:e7:
         25:c3:92:5d:e9:05:73:02:11:e7:54:3c:e3:44:e7:05:93:77:
         87:c3:48:53:83:1e:eb:b0:ed:41:f5:62:b0:e0:03:6e:97:1b:
         04:cc:3c:86:ac:c3:27:d5:37:79:38:a4:dc:ad:e6:54:91:41:
         f7:93:6c:7f:d4:22:57:80:fe:0e:5a:fc:c7:14:7a:36:6d:01:
         3b:ed:d5:7a:f0:7d:e5:ec:03:94:54:7d:1e:f3:c9:c6:25:db:
         02:56:af:8b:34:3e:a8:5a:09:0c:2d:94:e0:57:5c:5b:f0:70:
         8c:cd:65:5b:89:32:f6:57:ac:b6:b8:16:de:17:e3:56:6f:dd:
         32:46:65:17:0e:ad:f6:ec:7b:1b:47:10:f7:0a:1e:b2:d9:48:
         d6:07:21:56:d8:61:64:cf:8f:96:25:8e:8e:62:85:59:8b:86:
         a1:86:0d:20:82:32:e2:95:f9:f4:70:4a:7c:50:07:c0:18:29:
         f6:32:20:46:61:1c:6f:3a:99:9e:72:fb:fb:cb:db:c3:64:a4:
         f4:04:53:83:68:47:69:10:db:7c:a4:98:bb:00:b4:2c:d1:7d:
         ba:84:ba:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QqDGWfTFAzpIFY5dTncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjYwMzAyMDAwMDUzWhcNMjYwMzAzMDAwMDUzWjAzMTEwLwYDVQQD
Eyg0MzNmZTAzMjVhNDUxYmVlMGExM2E0N2Y5ZGY4OTBkOThlYWJmYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeB7u7f91kIjcWlokvu3CT0jtErw
mOmUNqdBKilhHLv6pgOegevuxwq42K+SB7OqAckyTBXftyVaTCitq2GaOlFzJpqK
5PrSBE+CxLGBNOl0hzDlOVTSiiOxK/rwuIl7ebP9u1xUrhJm1YOJSVv0QPtVaO0k
tyYMKnzvXqhlp55N/+a5BgeJqasR9uVOWGfqIz0kLJe7YLDW/qcKX1EKOMhSlPon
IMfOufF7iZ9I05a2mfqeCs3ndwYj9Tf2joQpfNDWJmJMeea3rQYluxddqs3w7wf9
V1+sbeu9fRMNvC1NVmL6po1CxGOD5cG7EUTO292SeZYxqToCsTpXPr81iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEM/4DJaRRvuChOkf534kNmOq/yPMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/rev7QY
C1xgBMvG9cvEA+xCatV/3/kOo+L8U9Vlj3uxIlfnJcOSXekFcwIR51Q840TnBZN3
h8NIU4Me67DtQfVisOADbpcbBMw8hqzDJ9U3eTik3K3mVJFB95Nsf9QiV4D+Dlr8
xxR6Nm0BO+3VevB95ewDlFR9HvPJxiXbAlavizQ+qFoJDC2U4FdcW/BwjM1lW4ky
9lestrgW3hfjVm/dMkZlFw6t9ux7G0cQ9woestlI1gchVthhZM+PliWOjmKFWYuG
oYYNIIIy4pX59HBKfFAHwBgp9jIgRmEcbzqZnnL7+8vbw2Sk9ARTg2hHaRDbfKSY
uwC0LNF9uoS6jA==
-----END CERTIFICATE-----