Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          M56oSTIap9IFuf7MC0dNIov84ziDyTkEzm/NDsgDFmo=
Subject key identifier:   8A:5B:C9:88:BE:4D:C5:AC:85:C1:16:51:DE:00:31:E0:95:EE:4E:FD
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019D9A3E5B45E055EEBF6F30D39DE4593E5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          15CE
Signing time:             Fri 17 Apr 2026 07:01:10 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:10 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:10 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: JEdIzrFMa4h3v/f7THQai+qM+bIEAs8uASmk2rI8r70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:5b:45:e0:55:ee:bf:6f:30:d3:9d:e4:59:3e:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Apr 17 07:01:10 2026 GMT
            Not After : Apr 18 07:01:10 2026 GMT
        Subject: CN=8a5bc988be4dc5ac85c11651de0031e095ee4efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d2:51:10:e2:64:58:cd:dd:84:7c:d2:6d:42:
                    7f:11:17:19:f7:1e:e9:7b:b6:ad:6c:84:d2:b4:ac:
                    de:e7:5b:9f:8b:0f:52:a2:20:36:f6:23:56:0a:e4:
                    07:62:6f:01:eb:47:d9:f8:69:1e:3f:82:94:22:36:
                    c0:15:77:b0:46:9d:6b:ff:ce:af:57:b2:c5:a5:0a:
                    6c:7a:fc:2b:f4:1e:3e:d3:e7:9d:07:3a:59:52:57:
                    31:0a:c4:ea:67:8f:bf:bc:97:76:a2:34:8c:e2:e9:
                    61:f0:a9:fd:60:c8:8e:ca:a1:7f:37:dc:f4:e8:ef:
                    b6:69:94:ef:d0:cc:53:91:45:34:59:81:8d:1f:12:
                    e9:f1:9b:49:b3:d2:c1:fa:54:c7:5b:4e:07:b5:04:
                    f5:28:1e:a2:0c:1b:7a:f4:6c:ed:12:20:36:66:00:
                    1f:8e:4c:b4:20:ac:c8:cb:d8:5d:6b:c3:18:27:f5:
                    8a:36:e6:9d:8d:64:c6:2e:04:6c:fd:ed:09:f7:43:
                    79:bc:c0:1e:e9:4e:d0:6a:35:60:7b:b2:71:80:2c:
                    4a:b9:70:10:27:8e:28:8b:26:b6:ac:50:96:2c:6a:
                    65:5a:f6:05:80:1a:76:ee:45:08:aa:ee:7d:2c:dd:
                    bb:21:22:8c:75:4f:89:a1:ed:74:d4:34:ad:00:92:
                    b7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:5B:C9:88:BE:4D:C5:AC:85:C1:16:51:DE:00:31:E0:95:EE:4E:FD
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:c0:50:56:a0:86:ea:cb:4a:ec:cc:79:35:b5:71:f4:80:5e:
         c2:b5:e4:c2:a2:c6:c7:6f:fe:c5:bf:b9:ec:e6:9e:cc:39:ae:
         21:cb:f6:4c:58:b6:8e:7c:83:97:9f:c0:06:db:fe:81:18:e4:
         40:be:ba:6a:fc:a7:cf:ee:fc:6d:36:1c:d9:87:fd:60:73:97:
         3c:3c:19:a7:ec:27:bc:3e:80:7e:17:4d:fa:d7:02:fd:bc:4f:
         97:b8:0e:12:dc:d9:b6:88:83:96:43:30:a6:fd:49:69:d3:56:
         64:96:83:24:bd:86:bb:1b:26:2d:88:d0:f5:c6:94:71:e1:11:
         bd:d5:dc:9c:12:91:8e:81:db:f7:b9:8b:14:87:c6:f1:fb:92:
         c3:54:80:7a:93:6f:57:72:65:35:d2:fc:c7:38:97:b6:49:d9:
         a9:3e:d6:02:46:6f:37:d1:0d:c8:a2:37:a7:d3:5c:88:e4:7b:
         31:5c:8f:c9:d5:f5:d9:f0:17:7e:69:bf:79:3a:12:78:05:1b:
         48:d1:02:34:ea:b8:86:42:fb:a5:83:1e:6d:79:b9:22:94:29:
         17:a7:3b:05:60:85:06:a7:db:c9:fc:40:0f:82:92:0f:29:03:
         92:cc:f6:ce:c7:d9:aa:f0:10:17:66:6f:39:4d:8b:d2:ce:72:
         17:46:03:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPltF4FXuv28w053kWT5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjYwNDE3MDcwMTEwWhcNMjYwNDE4MDcwMTEwWjAzMTEwLwYDVQQD
Eyg4YTViYzk4OGJlNGRjNWFjODVjMTE2NTFkZTAwMzFlMDk1ZWU0ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdJREOJkWM3dhHzSbUJ/ERcZ9x7p
e7atbITStKze51ufiw9SoiA29iNWCuQHYm8B60fZ+GkeP4KUIjbAFXewRp1r/86v
V7LFpQpsevwr9B4+0+edBzpZUlcxCsTqZ4+/vJd2ojSM4ulh8Kn9YMiOyqF/N9z0
6O+2aZTv0MxTkUU0WYGNHxLp8ZtJs9LB+lTHW04HtQT1KB6iDBt69GztEiA2ZgAf
jky0IKzIy9hda8MYJ/WKNuadjWTGLgRs/e0J90N5vMAe6U7QajVge7JxgCxKuXAQ
J44oiya2rFCWLGplWvYFgBp27kUIqu59LN27ISKMdU+Joe101DStAJK3BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpbyYi+TcWshcEWUd4AMeCV7k79MB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMBQVqCG
6stK7Mx5NbVx9IBewrXkwqLGx2/+xb+57OaezDmuIcv2TFi2jnyDl5/ABtv+gRjk
QL66avynz+78bTYc2Yf9YHOXPDwZp+wnvD6AfhdN+tcC/bxPl7gOEtzZtoiDlkMw
pv1JadNWZJaDJL2GuxsmLYjQ9caUceERvdXcnBKRjoHb97mLFIfG8fuSw1SAepNv
V3JlNdL8xziXtknZqT7WAkZvN9ENyKI3p9NciOR7MVyPydX12fAXfmm/eToSeAUb
SNECNOq4hkL7pYMebXm5IpQpF6c7BWCFBqfbyfxAD4KSDykDksz2zsfZqvAQF2Zv
OU2L0s5yF0YDaA==
-----END CERTIFICATE-----