Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
File:                     cs3rVmQuM1iXcef9pxu3HgF_nZY.mft (raw, json)
Hash identifier:          riKmR3uI+LwJc/xxRn0SkYVeebnQnSLmhaYoEBmstxQ=
Subject key identifier:   3A:F2:D4:96:40:5F:9D:5E:00:5E:47:79:71:64:14:97:2E:1F:69:68
Authority key identifier: 72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96
Certificate issuer:       /CN=72cdeb56642e33589771e7fda71bb71e017f9d96
Certificate serial:       019CAE6C8EDA636799ECD38021E2B33A6537
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
Manifest number:          0D65
Signing time:             Mon 02 Mar 2026 12:01:15 +0000
Manifest this update:     Mon 02 Mar 2026 12:01:15 +0000
Manifest next update:     Tue 03 Mar 2026 12:01:15 +0000
Files and hashes:         1: cs3rVmQuM1iXcef9pxu3HgF_nZY.crl (hash: WzEYKzZ+iaQ1LmFDQcStREt8GxVIVpZNMYvpTtyQjMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:6c:8e:da:63:67:99:ec:d3:80:21:e2:b3:3a:65:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cdeb56642e33589771e7fda71bb71e017f9d96
        Validity
            Not Before: Mar  2 12:01:15 2026 GMT
            Not After : Mar  3 12:01:15 2026 GMT
        Subject: CN=3af2d496405f9d5e005e4779716414972e1f6968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:00:ee:a9:95:e6:77:19:a5:a4:96:8d:c6:24:
                    5e:32:25:ba:db:f6:6b:78:7d:9f:ab:97:45:3f:6b:
                    5e:16:66:77:e1:50:09:d4:85:f9:4a:72:74:53:02:
                    8f:1d:95:78:c8:dd:ea:38:b9:ed:99:f9:ac:fb:28:
                    c6:6b:56:0c:d8:2e:f8:cb:57:37:51:04:69:f3:40:
                    53:06:38:d6:c4:41:d8:ee:7c:2c:53:92:6a:36:d8:
                    27:8e:6f:c6:13:ea:4f:82:17:25:81:ca:a2:4d:62:
                    1b:9e:22:fd:de:80:36:a8:a9:61:8c:ba:2e:e6:07:
                    f8:54:fa:1a:08:69:9d:f4:fc:c4:06:85:d4:2e:d2:
                    e7:9b:11:d6:6a:36:27:63:07:d0:65:94:a4:ac:ba:
                    77:a3:85:31:8f:0a:25:13:f9:03:dc:2e:3a:35:50:
                    18:fc:35:20:40:da:cc:36:8f:0a:63:b9:73:ce:fa:
                    24:af:08:99:72:98:31:ac:a0:f6:a3:71:6a:b3:f6:
                    9a:83:22:58:73:d1:45:82:40:5a:c1:8b:d0:ef:22:
                    e3:45:5d:1d:cc:4d:fa:cd:90:d0:2f:58:61:92:4a:
                    3d:2e:af:8d:aa:99:0d:90:54:ad:ae:dd:9c:27:37:
                    11:32:3d:9e:c5:1c:a5:75:4e:2a:51:2a:68:fe:af:
                    40:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F2:D4:96:40:5F:9D:5E:00:5E:47:79:71:64:14:97:2E:1F:69:68
            X509v3 Authority Key Identifier:
                keyid:72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:2c:ad:5b:f6:bd:90:ee:df:4b:a2:2e:bd:a2:57:b2:9d:30:
         d4:2a:3a:15:ca:18:72:3f:b2:b0:37:af:66:48:1b:d4:c1:3d:
         8f:52:f5:dd:f8:d8:10:68:68:b2:c0:c4:d5:c4:99:5d:ee:1e:
         12:b9:1a:d3:18:41:46:7d:65:ac:cd:e0:0e:6d:73:d6:96:2d:
         91:8e:c1:51:37:49:ed:76:f5:1a:43:36:e8:1f:c2:2d:c5:24:
         e5:bf:43:af:5d:a0:95:b4:d8:c0:13:3b:9c:10:73:18:32:03:
         a3:53:80:b0:1f:4d:33:b8:00:98:5b:8b:a8:3a:77:16:03:4d:
         00:98:a3:b7:70:3f:06:13:fd:56:5b:50:8f:26:32:01:6e:69:
         f3:6e:84:c5:24:76:1f:d1:04:80:85:c8:fd:73:0d:28:da:33:
         59:87:f6:fd:fa:5d:9c:6c:63:e0:4a:22:71:e4:d5:00:ae:37:
         9c:c3:25:e0:f7:2a:7a:93:86:a9:1c:7d:88:34:0b:f0:06:e5:
         6c:69:ab:ac:91:11:38:fd:74:5f:75:b4:d9:54:19:5f:39:bb:
         a9:bc:1f:8d:26:62:3c:a6:b0:5b:e1:42:a7:74:4e:b6:bc:e6:
         6f:50:59:31:b7:ae:8c:8d:e4:95:ee:13:14:0a:53:25:e7:76:
         c5:54:38:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubI7aY2eZ7NOAIeKzOmU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2RlYjU2NjQyZTMzNTg5NzcxZTdmZGE3MWJiNzFlMDE3
ZjlkOTYwHhcNMjYwMzAyMTIwMTE1WhcNMjYwMzAzMTIwMTE1WjAzMTEwLwYDVQQD
EygzYWYyZDQ5NjQwNWY5ZDVlMDA1ZTQ3Nzk3MTY0MTQ5NzJlMWY2OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswDuqZXmdxmlpJaNxiReMiW62/Zr
eH2fq5dFP2teFmZ34VAJ1IX5SnJ0UwKPHZV4yN3qOLntmfms+yjGa1YM2C74y1c3
UQRp80BTBjjWxEHY7nwsU5JqNtgnjm/GE+pPghclgcqiTWIbniL93oA2qKlhjLou
5gf4VPoaCGmd9PzEBoXULtLnmxHWajYnYwfQZZSkrLp3o4UxjwolE/kD3C46NVAY
/DUgQNrMNo8KY7lzzvokrwiZcpgxrKD2o3Fqs/aagyJYc9FFgkBawYvQ7yLjRV0d
zE36zZDQL1hhkko9Lq+NqpkNkFStrt2cJzcRMj2exRyldU4qUSpo/q9A8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDry1JZAX51eAF5HeXFkFJcuH2loMB8GA1UdIwQY
MBaAFHLN61ZkLjNYl3Hn/acbtx4Bf52WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEt
ZTgyNzc0YTE2YTU3LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEtZTgyNzc0YTE2YTU3
LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICytW/a9
kO7fS6IuvaJXsp0w1Co6FcoYcj+ysDevZkgb1ME9j1L13fjYEGhossDE1cSZXe4e
Erka0xhBRn1lrM3gDm1z1pYtkY7BUTdJ7Xb1GkM26B/CLcUk5b9Dr12glbTYwBM7
nBBzGDIDo1OAsB9NM7gAmFuLqDp3FgNNAJijt3A/BhP9VltQjyYyAW5p826ExSR2
H9EEgIXI/XMNKNozWYf2/fpdnGxj4EoiceTVAK43nMMl4PcqepOGqRx9iDQL8Abl
bGmrrJEROP10X3W02VQZXzm7qbwfjSZiPKawW+FCp3ROtrzmb1BZMbeujI3kle4T
FApTJed2xVQ4Bg==
-----END CERTIFICATE-----