Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          oy2uLinjUAUVM9Jkkm2QxihR8s8HIIE5I1mhMlVWhmE=
Subject key identifier:   90:E0:84:44:E1:05:9E:F3:19:32:74:95:5A:A7:B3:82:F0:85:41:DF
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019CAB6B23DF293B8A3E94380107A4ECED6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          08D7
Signing time:             Sun 01 Mar 2026 22:00:51 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:51 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:51 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: CjJE9tL2kGpYEYLVeEFPsH1MAJIIYZ4BMYBAaiGRXkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:23:df:29:3b:8a:3e:94:38:01:07:a4:ec:ed:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Mar  1 22:00:51 2026 GMT
            Not After : Mar  2 22:00:51 2026 GMT
        Subject: CN=90e08444e1059ef3193274955aa7b382f08541df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c0:84:22:d7:5f:f5:45:ed:8c:53:52:d3:24:
                    ea:4a:2b:17:6c:97:f1:df:7b:a8:95:2a:5d:3f:da:
                    5f:be:28:6e:06:f0:19:71:b4:42:a9:26:39:6f:bd:
                    0f:a1:a3:8f:c5:3b:e9:d8:8f:83:b4:06:4b:50:f7:
                    d2:dc:1b:f6:09:46:14:b9:80:f9:49:57:96:51:d5:
                    7f:3e:2e:71:60:6f:11:68:46:a5:03:a2:ab:6d:8b:
                    8a:6f:c1:3c:a9:57:50:1a:c5:9e:d8:3a:22:95:74:
                    49:df:ec:fe:ee:e2:2d:4d:af:1b:55:ad:0c:1b:b8:
                    57:4a:55:ef:4a:3b:a2:b9:65:a7:43:82:22:ef:64:
                    88:b3:a5:01:79:14:c9:ff:de:a5:7f:49:2d:78:78:
                    27:e2:08:38:af:34:e4:ed:ff:b2:58:cb:0d:af:61:
                    0b:ff:7a:e3:8e:ad:10:88:0f:ca:4c:ef:c8:ed:2d:
                    62:4b:8b:ce:73:6c:7c:43:5e:74:3b:0c:be:8b:d6:
                    e3:7c:4d:20:ef:72:7f:6e:d8:f5:8c:0f:75:d2:78:
                    d4:40:a6:22:19:0d:ae:77:a4:22:6b:3f:86:7a:32:
                    81:9f:8d:56:48:b8:d2:d0:8d:ec:5f:33:39:70:df:
                    dc:62:3d:a3:fd:82:ed:01:f5:5b:87:f2:5a:15:14:
                    8a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E0:84:44:E1:05:9E:F3:19:32:74:95:5A:A7:B3:82:F0:85:41:DF
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:7f:69:01:e0:2b:f5:0a:ac:e8:ca:fb:aa:00:ba:07:4b:6f:
         07:91:db:7c:84:70:5c:44:cf:83:7b:fe:c1:8b:63:c8:9a:51:
         4c:3e:21:3f:61:10:83:4d:ec:76:e6:95:a1:7d:64:64:f1:d9:
         89:79:ce:72:4f:8f:63:1d:29:27:ac:a1:de:84:c6:e9:3a:cf:
         98:20:7b:a8:33:c1:2a:d5:cb:29:61:8a:35:34:0b:80:1b:68:
         38:4f:d9:67:ef:0d:4c:ca:3c:65:35:9e:03:5a:85:9e:5c:03:
         d2:e9:37:42:fa:6a:b7:06:d0:38:86:9b:a4:7c:b7:ca:a6:43:
         92:5f:0b:ef:77:90:f7:20:44:e0:d1:d5:5e:f7:bd:51:d8:bd:
         bc:e2:41:32:37:77:28:b7:f8:55:6b:84:da:6f:66:ed:1d:0d:
         cf:be:10:d8:b9:38:cc:31:43:60:e5:f6:82:b5:77:48:3d:2f:
         4f:1e:57:37:53:31:1e:a7:3a:b9:ed:1d:03:ed:f6:7b:7a:48:
         29:57:28:f4:e8:ed:be:df:ff:a7:1e:15:0f:42:d5:11:fa:b3:
         ec:ec:a6:8b:f1:23:7c:ed:93:3b:25:91:29:13:9e:a6:63:b8:
         ed:d1:b8:f7:96:84:67:90:38:a6:62:8d:cc:40:fa:8a:08:16:
         6f:39:85:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayPfKTuKPpQ4AQek7O1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjYwMzAxMjIwMDUxWhcNMjYwMzAyMjIwMDUxWjAzMTEwLwYDVQQD
Eyg5MGUwODQ0NGUxMDU5ZWYzMTkzMjc0OTU1YWE3YjM4MmYwODU0MWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMCEItdf9UXtjFNS0yTqSisXbJfx
33uolSpdP9pfvihuBvAZcbRCqSY5b70PoaOPxTvp2I+DtAZLUPfS3Bv2CUYUuYD5
SVeWUdV/Pi5xYG8RaEalA6KrbYuKb8E8qVdQGsWe2DoilXRJ3+z+7uItTa8bVa0M
G7hXSlXvSjuiuWWnQ4Ii72SIs6UBeRTJ/96lf0kteHgn4gg4rzTk7f+yWMsNr2EL
/3rjjq0QiA/KTO/I7S1iS4vOc2x8Q150Owy+i9bjfE0g73J/btj1jA910njUQKYi
GQ2ud6Qiaz+GejKBn41WSLjS0I3sXzM5cN/cYj2j/YLtAfVbh/JaFRSKewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDghEThBZ7zGTJ0lVqns4LwhUHfMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASX9pAeAr
9Qqs6Mr7qgC6B0tvB5HbfIRwXETPg3v+wYtjyJpRTD4hP2EQg03sduaVoX1kZPHZ
iXnOck+PYx0pJ6yh3oTG6TrPmCB7qDPBKtXLKWGKNTQLgBtoOE/ZZ+8NTMo8ZTWe
A1qFnlwD0uk3QvpqtwbQOIabpHy3yqZDkl8L73eQ9yBE4NHVXve9Udi9vOJBMjd3
KLf4VWuE2m9m7R0Nz74Q2Lk4zDFDYOX2grV3SD0vTx5XN1MxHqc6ue0dA+32e3pI
KVco9Ojtvt//px4VD0LVEfqz7Oymi/EjfO2TOyWRKROepmO47dG495aEZ5A4pmKN
zED6iggWbzmFeA==
-----END CERTIFICATE-----