Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
File:                     3sQzl3xytL5diI9WhT7TGh_x78Y.mft (raw, json)
Hash identifier:          XTffpR5nkie35fEzzgEyGJXIUXOfVvemVSCkoOVTfik=
Subject key identifier:   A5:BC:9B:E3:88:30:43:01:0E:AE:8E:AA:09:7C:D5:4A:30:D7:CB:01
Authority key identifier: DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6
Certificate issuer:       /CN=dec433977c72b4be5d888f56853ed31a1ff1efc6
Certificate serial:       019CAE35A7DB86841765CF90911D739450BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
Manifest number:          0F27
Signing time:             Mon 02 Mar 2026 11:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 11:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 11:01:17 +0000
Files and hashes:         1: 3sQzl3xytL5diI9WhT7TGh_x78Y.crl (hash: lfJ+g6eTk1DBpoH1mG/tD21I0cNnnxHQHrTm/W57uTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 11:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:a7:db:86:84:17:65:cf:90:91:1d:73:94:50:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dec433977c72b4be5d888f56853ed31a1ff1efc6
        Validity
            Not Before: Mar  2 11:01:17 2026 GMT
            Not After : Mar  3 11:01:17 2026 GMT
        Subject: CN=a5bc9be3883043010eae8eaa097cd54a30d7cb01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9f:cf:b9:27:58:eb:56:b5:8e:67:1d:e6:78:
                    c8:ae:4e:76:3f:e3:c1:b3:a3:3c:73:8f:c8:31:b7:
                    e0:bf:a4:c6:6c:7b:79:cc:be:10:d5:d3:28:4f:e3:
                    37:66:3e:eb:51:4d:51:d9:94:3c:f8:fc:98:36:66:
                    de:93:c4:af:d6:90:9d:ec:94:61:d8:67:54:22:87:
                    62:72:34:25:c9:2c:6c:5a:31:76:c7:13:27:a0:75:
                    b8:43:8b:99:67:dd:fb:79:5b:40:96:87:b0:f4:d5:
                    8b:4b:20:8d:94:0b:9a:ad:65:18:00:19:09:76:59:
                    c7:53:e6:f6:7c:0b:69:86:4c:89:7c:e8:13:be:f7:
                    7a:b1:f6:c7:52:4c:3e:56:27:80:13:a1:e0:d7:b1:
                    7d:35:cd:ba:15:4e:b4:dc:1c:1a:29:0c:85:3e:88:
                    ba:54:5c:67:ac:6c:cf:f9:3f:50:df:eb:15:4c:a0:
                    8d:53:db:8e:eb:c1:5a:96:f4:bb:28:7c:60:88:80:
                    b6:ea:8b:ad:99:78:1d:a9:b3:93:25:46:89:ec:08:
                    18:91:84:cc:80:fa:d4:47:3e:db:d3:e6:53:60:2a:
                    b8:5c:f7:1d:55:bc:7b:e9:ac:0a:3b:c0:63:66:fe:
                    17:c1:f8:e5:b8:77:77:5b:7e:fb:d8:e8:3c:0b:a6:
                    b7:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BC:9B:E3:88:30:43:01:0E:AE:8E:AA:09:7C:D5:4A:30:D7:CB:01
            X509v3 Authority Key Identifier:
                keyid:DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:cc:7f:89:52:dd:65:29:be:ee:28:09:1f:74:f9:68:d6:4e:
         f5:f5:5b:60:60:84:b1:11:ad:09:7b:96:f1:c4:f0:73:4c:60:
         83:de:19:af:86:22:c1:73:c2:d7:62:97:1b:9f:fe:10:6b:ba:
         86:3a:b8:76:aa:d5:52:6e:26:2d:f4:48:70:de:d1:dd:4e:2a:
         e9:13:ce:57:34:b2:6f:75:aa:2c:24:fe:5c:e4:2c:cd:96:67:
         b4:2a:d2:85:6e:73:3f:fc:ad:fe:1e:de:c4:82:f5:09:4a:7e:
         d1:2e:b9:26:d3:a9:b9:19:ee:18:53:a3:5a:31:4c:b4:4f:34:
         6a:7c:bd:f4:8e:bf:27:51:42:81:6f:72:b3:2b:63:f9:2b:68:
         cc:70:2f:f6:47:2a:be:7c:4d:e9:3d:4c:2d:72:e0:4a:40:38:
         53:62:c6:6f:42:29:ef:04:b2:b5:c1:f1:e1:e3:ff:f6:19:db:
         39:1d:7f:b9:f7:58:7b:76:85:dd:f3:02:b2:28:29:0b:d7:df:
         e3:19:3f:40:e1:bf:bf:fb:c4:45:62:72:da:98:63:f3:43:8b:
         1b:41:1f:ce:7f:d2:a8:93:90:27:ca:2e:b4:d0:6e:fb:a0:13:
         4a:b4:e3:b6:c7:9d:74:bb:79:99:2b:83:40:c7:6d:4c:1a:0b:
         8a:fb:46:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNafbhoQXZc+QkR1zlFC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYzQzMzk3N2M3MmI0YmU1ZDg4OGY1Njg1M2VkMzFhMWZm
MWVmYzYwHhcNMjYwMzAyMTEwMTE3WhcNMjYwMzAzMTEwMTE3WjAzMTEwLwYDVQQD
EyhhNWJjOWJlMzg4MzA0MzAxMGVhZThlYWEwOTdjZDU0YTMwZDdjYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ/PuSdY61a1jmcd5njIrk52P+PB
s6M8c4/IMbfgv6TGbHt5zL4Q1dMoT+M3Zj7rUU1R2ZQ8+PyYNmbek8Sv1pCd7JRh
2GdUIodicjQlySxsWjF2xxMnoHW4Q4uZZ937eVtAloew9NWLSyCNlAuarWUYABkJ
dlnHU+b2fAtphkyJfOgTvvd6sfbHUkw+VieAE6Hg17F9Nc26FU603BwaKQyFPoi6
VFxnrGzP+T9Q3+sVTKCNU9uO68FalvS7KHxgiIC26outmXgdqbOTJUaJ7AgYkYTM
gPrURz7b0+ZTYCq4XPcdVbx76awKO8BjZv4XwfjluHd3W3772Og8C6a3qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW8m+OIMEMBDq6Oqgl81Uow18sBMB8GA1UdIwQY
MBaAFN7EM5d8crS+XYiPVoU+0xof8e/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYt
MjIzZjUwOGMwNTVhLzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYtMjIzZjUwOGMwNTVh
LzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMx/iVLd
ZSm+7igJH3T5aNZO9fVbYGCEsRGtCXuW8cTwc0xgg94Zr4YiwXPC12KXG5/+EGu6
hjq4dqrVUm4mLfRIcN7R3U4q6RPOVzSyb3WqLCT+XOQszZZntCrShW5zP/yt/h7e
xIL1CUp+0S65JtOpuRnuGFOjWjFMtE80any99I6/J1FCgW9ysytj+StozHAv9kcq
vnxN6T1MLXLgSkA4U2LGb0Ip7wSytcHx4eP/9hnbOR1/ufdYe3aF3fMCsigpC9ff
4xk/QOG/v/vERWJy2phj80OLG0Efzn/SqJOQJ8outNBu+6ATSrTjtseddLt5mSuD
QMdtTBoLivtGAA==
-----END CERTIFICATE-----