Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          7HksFBrCcL5RubFcndF4pjgbTGYg2NMgW6BFDJSplX4=
Subject key identifier:   82:C6:D1:B1:BF:95:95:E5:2E:46:07:52:EB:67:F8:68:43:2E:A8:1E
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019D98F4A9F5DF9E2E26A8AD46922F8EC560
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          09E7
Signing time:             Fri 17 Apr 2026 01:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:04 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: Ex02Z3ZO+qrG6Fa5JuG9RDoQH8ndyjHUB9K2kIgZLOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:a9:f5:df:9e:2e:26:a8:ad:46:92:2f:8e:c5:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Apr 17 01:01:04 2026 GMT
            Not After : Apr 18 01:01:04 2026 GMT
        Subject: CN=82c6d1b1bf9595e52e460752eb67f868432ea81e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:be:b7:96:ce:e4:4b:0b:ab:83:44:46:02:b8:
                    ae:04:b6:15:d4:db:f2:8c:5d:76:29:5a:33:87:0a:
                    d7:fc:2c:38:f4:86:62:9e:07:5f:35:0c:b2:28:40:
                    e0:f2:79:05:71:04:7e:a4:43:8e:18:b2:c1:b3:28:
                    07:a0:20:de:72:ab:e6:40:b4:e7:c5:a3:cf:ec:2f:
                    e5:63:4c:c3:37:90:5f:41:5d:8c:bf:9a:fa:ec:08:
                    08:21:e9:ec:be:4e:db:b6:32:f3:8a:e0:82:fa:cb:
                    5f:b9:8f:d5:08:ac:12:b2:31:e0:13:a8:c3:d2:d6:
                    71:37:6b:04:51:f8:cc:2d:c5:f3:4e:73:ec:86:bb:
                    d1:87:37:b7:69:9d:40:1c:43:e8:60:48:8e:eb:1a:
                    77:3c:a8:01:20:e4:9f:b6:8e:37:9b:12:8f:8a:e1:
                    d1:e1:4a:01:c7:a4:b1:72:93:fd:cd:fe:e7:c6:2e:
                    8a:41:96:78:02:2e:5c:35:5a:4f:10:ab:93:0b:89:
                    fd:dc:95:18:67:89:c7:e6:46:77:ff:cc:4f:1a:3e:
                    ee:69:f2:9f:98:68:7b:2a:f9:12:98:1e:39:70:a7:
                    51:9e:89:30:de:77:a5:be:74:25:c2:9d:5c:17:46:
                    99:a3:d5:c6:b1:f0:4a:40:86:2d:ba:08:c3:99:23:
                    98:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C6:D1:B1:BF:95:95:E5:2E:46:07:52:EB:67:F8:68:43:2E:A8:1E
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:40:13:88:7a:98:e3:e3:75:57:9c:d2:e7:50:55:38:fd:87:
         37:b9:e8:9d:52:39:62:fa:1c:60:19:04:54:fb:40:5e:d9:95:
         3f:4d:e9:96:45:24:16:6e:18:bf:11:e8:60:82:05:a7:75:f4:
         b4:09:54:0c:ef:95:a7:ef:2c:6a:f3:63:0b:9e:1e:f5:0f:48:
         fd:fd:ef:17:92:27:fb:34:d2:c8:ba:a4:80:37:5f:40:ba:58:
         7b:de:8a:e7:38:f1:53:89:ae:6d:aa:82:40:9d:f8:00:d2:f6:
         78:97:00:54:f9:6e:4c:cd:7f:37:40:f2:9c:9e:b4:47:d5:35:
         de:64:01:3a:50:d8:85:17:3f:ba:30:9f:71:8e:0d:c3:db:ec:
         44:5a:26:1d:5a:34:07:6e:ad:15:4f:bd:6a:3f:b1:39:e5:8b:
         ce:73:86:af:f2:9e:1b:86:ab:57:74:90:6d:43:e4:a9:83:f3:
         fd:d4:03:7f:7c:d0:1c:7b:bd:13:bf:10:ec:60:25:ca:71:e0:
         59:9b:f8:22:d6:ca:76:8c:c2:8b:ae:cb:9e:b4:b4:c8:21:04:
         05:3d:3c:4d:39:d9:32:ba:97:79:3f:07:73:f8:5d:b6:1f:ea:
         f9:55:07:14:42:66:ca:83:6e:a8:fa:e9:e8:38:3e:1f:87:36:
         eb:1e:a8:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Kn1354uJqitRpIvjsVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjYwNDE3MDEwMTA0WhcNMjYwNDE4MDEwMTA0WjAzMTEwLwYDVQQD
Eyg4MmM2ZDFiMWJmOTU5NWU1MmU0NjA3NTJlYjY3Zjg2ODQzMmVhODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL63ls7kSwurg0RGAriuBLYV1Nvy
jF12KVozhwrX/Cw49IZingdfNQyyKEDg8nkFcQR+pEOOGLLBsygHoCDecqvmQLTn
xaPP7C/lY0zDN5BfQV2Mv5r67AgIIensvk7btjLziuCC+stfuY/VCKwSsjHgE6jD
0tZxN2sEUfjMLcXzTnPshrvRhze3aZ1AHEPoYEiO6xp3PKgBIOSfto43mxKPiuHR
4UoBx6SxcpP9zf7nxi6KQZZ4Ai5cNVpPEKuTC4n93JUYZ4nH5kZ3/8xPGj7uafKf
mGh7KvkSmB45cKdRnokw3nelvnQlwp1cF0aZo9XGsfBKQIYtugjDmSOYywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILG0bG/lZXlLkYHUutn+GhDLqgeMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdUATiHqY
4+N1V5zS51BVOP2HN7nonVI5YvocYBkEVPtAXtmVP03plkUkFm4YvxHoYIIFp3X0
tAlUDO+Vp+8savNjC54e9Q9I/f3vF5In+zTSyLqkgDdfQLpYe96K5zjxU4mubaqC
QJ34ANL2eJcAVPluTM1/N0DynJ60R9U13mQBOlDYhRc/ujCfcY4Nw9vsRFomHVo0
B26tFU+9aj+xOeWLznOGr/KeG4arV3SQbUPkqYPz/dQDf3zQHHu9E78Q7GAlynHg
WZv4ItbKdozCi67LnrS0yCEEBT08TTnZMrqXeT8Hc/hdth/q+VUHFEJmyoNuqPrp
6Dg+H4c26x6ofQ==
-----END CERTIFICATE-----