Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          TNQSkCIIZw8i70sAACuyBJAVWmB6f73gAhxtQkmJxAg=
Subject key identifier:   50:88:D1:77:9C:A1:B2:BB:9F:BE:7B:76:50:7B:9B:6A:53:F0:F4:13
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019CAB6B7B301848A4AC9CB904622A7358BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          096C
Signing time:             Sun 01 Mar 2026 22:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:13 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: jh0BUjosYKdr4opwIoP3HioUNMAEmy19AePc7Ig8ue8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:7b:30:18:48:a4:ac:9c:b9:04:62:2a:73:58:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Mar  1 22:01:13 2026 GMT
            Not After : Mar  2 22:01:13 2026 GMT
        Subject: CN=5088d1779ca1b2bb9fbe7b76507b9b6a53f0f413
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:55:b2:6e:c2:f7:d1:d2:82:6e:2b:6c:c4:01:
                    7a:5b:28:c2:b7:0c:b4:b4:aa:66:50:c0:0c:ab:71:
                    5a:49:b5:a6:25:b5:c1:b4:e1:0d:17:12:86:9d:02:
                    a6:94:6a:cc:12:67:02:48:70:22:d2:df:57:a2:f0:
                    20:c8:42:62:35:64:7b:b2:a1:24:a1:52:1d:85:be:
                    3e:7d:37:cc:77:84:0c:ee:5d:c8:1c:8e:d7:9f:20:
                    d4:77:ed:e3:17:c2:5f:1f:b8:14:9c:fb:c4:d3:8a:
                    75:05:3e:49:ca:22:22:41:d8:39:07:09:66:c9:dc:
                    d3:52:0d:90:e1:68:19:6f:58:5e:33:c7:af:3c:a8:
                    dc:79:40:24:bc:f1:04:f3:e5:5e:c4:04:b0:bc:01:
                    35:ec:f1:78:f8:e8:be:84:49:40:b3:f6:e4:78:3f:
                    44:c8:f2:76:44:cd:b9:05:b2:7b:92:1e:3a:35:27:
                    1e:61:36:7a:7c:55:46:54:1c:18:e4:22:c7:5b:20:
                    83:9a:80:ba:af:27:94:fd:ae:0f:b1:cb:54:b9:29:
                    fd:9d:c5:af:9c:51:f0:98:9d:24:9a:ac:12:66:c0:
                    f1:4b:d0:42:af:22:52:fb:67:3c:af:e3:8d:ff:07:
                    48:47:80:c5:58:27:43:70:68:c7:95:1c:46:19:74:
                    c4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:88:D1:77:9C:A1:B2:BB:9F:BE:7B:76:50:7B:9B:6A:53:F0:F4:13
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:16:e7:44:5f:38:15:5b:3f:26:47:ba:cc:34:d4:36:01:fa:
         72:d9:a5:2e:c1:95:98:27:a1:20:41:17:49:d5:bd:5c:20:54:
         8a:69:ef:0a:6f:bc:45:e9:44:da:ce:95:ce:33:80:41:6e:2f:
         34:6e:3b:63:a3:f1:21:f9:1f:c4:d8:56:47:3c:05:45:bd:a7:
         18:60:07:ad:60:d5:67:90:e0:26:cd:b7:3a:6b:a4:33:43:61:
         5d:e9:f6:05:cc:09:d1:e1:b3:07:e9:bb:cc:9c:2f:cc:f9:16:
         64:20:b0:d1:63:c3:d4:58:ed:37:4d:21:f1:bf:df:a0:8a:7a:
         cb:fd:d3:63:d9:0f:75:0b:9d:ba:24:20:50:70:64:80:f3:40:
         54:19:12:67:a5:ea:c0:1e:52:de:b9:06:ef:91:8b:86:29:06:
         e6:5b:f0:ba:94:bc:c7:fb:d2:5e:2e:d7:9e:8a:b8:f0:4b:05:
         5e:79:d0:4f:e7:98:de:d8:3a:b9:b7:33:7c:e7:7b:94:bb:f6:
         ac:6d:68:6b:e8:65:54:88:fa:3f:bc:7e:5d:6c:23:96:0f:df:
         d4:f5:e8:4c:4b:c1:38:0e:72:93:20:28:82:41:20:ef:b8:ff:
         6c:49:05:4c:e7:52:74:e1:0e:2e:3a:2c:60:7c:29:41:4b:83:
         01:80:b2:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3swGEikrJy5BGIqc1i/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwMzAxMjIwMTEzWhcNMjYwMzAyMjIwMTEzWjAzMTEwLwYDVQQD
Eyg1MDg4ZDE3NzljYTFiMmJiOWZiZTdiNzY1MDdiOWI2YTUzZjBmNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FWybsL30dKCbitsxAF6WyjCtwy0
tKpmUMAMq3FaSbWmJbXBtOENFxKGnQKmlGrMEmcCSHAi0t9XovAgyEJiNWR7sqEk
oVIdhb4+fTfMd4QM7l3IHI7XnyDUd+3jF8JfH7gUnPvE04p1BT5JyiIiQdg5Bwlm
ydzTUg2Q4WgZb1heM8evPKjceUAkvPEE8+VexASwvAE17PF4+Oi+hElAs/bkeD9E
yPJ2RM25BbJ7kh46NSceYTZ6fFVGVBwY5CLHWyCDmoC6ryeU/a4PsctUuSn9ncWv
nFHwmJ0kmqwSZsDxS9BCryJS+2c8r+ON/wdIR4DFWCdDcGjHlRxGGXTEXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCI0XecobK7n757dlB7m2pT8PQTMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhRbnRF84
FVs/Jke6zDTUNgH6ctmlLsGVmCehIEEXSdW9XCBUimnvCm+8RelE2s6VzjOAQW4v
NG47Y6PxIfkfxNhWRzwFRb2nGGAHrWDVZ5DgJs23OmukM0NhXen2BcwJ0eGzB+m7
zJwvzPkWZCCw0WPD1FjtN00h8b/foIp6y/3TY9kPdQuduiQgUHBkgPNAVBkSZ6Xq
wB5S3rkG75GLhikG5lvwupS8x/vSXi7Xnoq48EsFXnnQT+eY3tg6ubczfOd7lLv2
rG1oa+hlVIj6P7x+XWwjlg/f1PXoTEvBOA5ykyAogkEg77j/bEkFTOdSdOEOLjos
YHwpQUuDAYCyfQ==
-----END CERTIFICATE-----