Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          cM8ebl6z3Q6Vei7Q8iulwyrpUTAqe0sain0YCTVcqYo=
Subject key identifier:   31:A7:D7:83:6E:14:16:97:5D:C3:E8:E9:54:6A:B9:3A:DB:13:24:54
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019D97AAE82B5B8D8D98AE47CE3107B6B512
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0C92
Signing time:             Thu 16 Apr 2026 19:00:53 +0000
Manifest this update:     Thu 16 Apr 2026 19:00:53 +0000
Manifest next update:     Fri 17 Apr 2026 19:00:53 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: dgSpydu5p8i8GTGUKSWGV4RLRPSP87jxiiTE85dYn6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:aa:e8:2b:5b:8d:8d:98:ae:47:ce:31:07:b6:b5:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Apr 16 19:00:53 2026 GMT
            Not After : Apr 17 19:00:53 2026 GMT
        Subject: CN=31a7d7836e1416975dc3e8e9546ab93adb132454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0d:6e:55:d9:19:2f:79:87:6e:09:34:d6:5f:
                    ea:9e:2b:85:47:53:c0:b1:89:d0:c8:b8:6a:0e:7d:
                    e9:26:d2:28:4e:81:56:ba:21:61:1f:4b:6f:c9:59:
                    dd:44:1e:a3:d6:7d:33:14:15:c5:49:60:10:1c:fb:
                    19:c8:e4:58:98:58:4f:5b:d4:79:d7:12:6c:35:fc:
                    5d:35:5d:ee:25:3d:14:6c:cf:d7:42:47:82:b9:de:
                    f3:82:68:d9:7c:0c:5b:6b:25:70:72:7f:9c:12:a1:
                    09:65:61:b3:bf:d5:ac:6c:9a:8d:a1:f3:a0:76:71:
                    c4:0c:c6:f7:01:8f:1d:a7:cd:ce:8f:66:79:68:67:
                    93:1a:02:cf:79:15:f9:cd:ee:f4:27:bd:3f:ca:88:
                    a7:e1:86:75:2e:be:6c:46:9a:b5:9c:d1:4e:12:1a:
                    8b:94:77:09:c9:f9:13:6c:39:b4:cd:e5:35:ee:dc:
                    40:85:77:4c:db:6c:a0:b9:93:56:dd:5c:de:ec:42:
                    89:c5:15:9d:2a:e4:d0:63:95:45:d5:da:fa:85:1e:
                    dd:a4:53:e0:b0:ad:c9:98:6f:d0:5a:fc:db:42:80:
                    f1:0b:cb:ca:42:87:f1:af:08:c4:d0:73:2e:ae:85:
                    46:78:ae:81:3d:ee:1d:1a:6d:a0:51:65:89:6f:bb:
                    e4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:A7:D7:83:6E:14:16:97:5D:C3:E8:E9:54:6A:B9:3A:DB:13:24:54
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:bf:56:e1:d5:1f:26:65:eb:13:87:06:c0:01:86:36:1a:1a:
         49:dc:59:3e:98:2c:11:b8:54:7b:15:a0:42:78:5c:77:c0:21:
         af:18:fa:75:ad:88:02:bd:25:8b:d0:9f:27:4b:a9:d6:90:11:
         1f:d1:82:94:24:e5:0d:a7:28:91:95:8f:5c:20:d5:41:92:e5:
         74:d9:5b:8c:6e:c8:1f:40:be:ee:26:a5:b9:a8:26:f2:01:f1:
         23:16:52:83:c6:ae:18:cb:9a:6c:37:1e:22:c0:73:9e:ed:ff:
         94:60:42:47:af:82:ad:98:63:d2:75:5f:a0:39:3a:e6:fc:a2:
         a9:cc:bf:48:13:43:22:d7:2a:8f:4b:a3:7b:62:ba:57:f4:8f:
         f7:79:4e:aa:52:a1:71:d3:f6:75:37:18:51:50:08:67:c8:14:
         df:6d:3a:70:54:a1:f4:18:93:8c:61:d9:08:9f:92:d4:e1:d8:
         40:bb:62:54:c5:55:50:48:d5:c2:93:54:a1:a6:d8:5b:a0:4f:
         4a:ba:52:d6:d9:16:65:7b:0a:07:54:d5:04:15:6e:68:ef:7d:
         95:72:c2:4c:a3:09:4b:a7:ad:29:cc:31:34:81:b4:0f:a7:71:
         4d:00:22:29:e3:a6:2d:fa:bd:f0:fe:ab:4c:2b:99:eb:4b:38:
         ea:66:fc:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqugrW42NmK5HzjEHtrUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjYwNDE2MTkwMDUzWhcNMjYwNDE3MTkwMDUzWjAzMTEwLwYDVQQD
EygzMWE3ZDc4MzZlMTQxNjk3NWRjM2U4ZTk1NDZhYjkzYWRiMTMyNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw1uVdkZL3mHbgk01l/qniuFR1PA
sYnQyLhqDn3pJtIoToFWuiFhH0tvyVndRB6j1n0zFBXFSWAQHPsZyORYmFhPW9R5
1xJsNfxdNV3uJT0UbM/XQkeCud7zgmjZfAxbayVwcn+cEqEJZWGzv9WsbJqNofOg
dnHEDMb3AY8dp83Oj2Z5aGeTGgLPeRX5ze70J70/yoin4YZ1Lr5sRpq1nNFOEhqL
lHcJyfkTbDm0zeU17txAhXdM22yguZNW3Vze7EKJxRWdKuTQY5VF1dr6hR7dpFPg
sK3JmG/QWvzbQoDxC8vKQofxrwjE0HMuroVGeK6BPe4dGm2gUWWJb7vkUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGn14NuFBaXXcPo6VRquTrbEyRUMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARL9W4dUf
JmXrE4cGwAGGNhoaSdxZPpgsEbhUexWgQnhcd8Ahrxj6da2IAr0li9CfJ0up1pAR
H9GClCTlDacokZWPXCDVQZLldNlbjG7IH0C+7ialuagm8gHxIxZSg8auGMuabDce
IsBznu3/lGBCR6+CrZhj0nVfoDk65vyiqcy/SBNDItcqj0uje2K6V/SP93lOqlKh
cdP2dTcYUVAIZ8gU3206cFSh9BiTjGHZCJ+S1OHYQLtiVMVVUEjVwpNUoabYW6BP
SrpS1tkWZXsKB1TVBBVuaO99lXLCTKMJS6etKcwxNIG0D6dxTQAiKeOmLfq98P6r
TCuZ60s46mb8yA==
-----END CERTIFICATE-----