Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          i0H0ujBgzaYXP24n36t7NduvDXzzPqhcTTxGtAJnmZY=
Subject key identifier:   58:DA:C6:D9:03:AC:8D:AC:6F:5C:F5:05:F7:87:C1:FE:73:0A:00:72
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019CAAC61843689C7EA277B631A9BDAB077D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          1552
Signing time:             Sun 01 Mar 2026 19:00:34 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:34 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:34 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: o9KqfTIQHZFLe7+lwHI5TqTUTlp8jU5FS1hTST6fUEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:18:43:68:9c:7e:a2:77:b6:31:a9:bd:ab:07:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Mar  1 19:00:34 2026 GMT
            Not After : Mar  2 19:00:34 2026 GMT
        Subject: CN=58dac6d903ac8dac6f5cf505f787c1fe730a0072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:94:60:77:b3:1e:ce:bd:c7:f4:b3:65:6f:0f:
                    27:39:50:33:3d:48:9a:f4:ee:54:ef:ac:48:df:f7:
                    e8:de:ed:25:7b:25:4d:3b:67:25:da:eb:68:f3:7b:
                    cb:5d:3a:6d:ba:c8:e3:94:4c:ed:df:b9:c4:74:c5:
                    95:42:54:09:1a:b9:26:25:81:ed:4a:60:1f:25:29:
                    d8:4b:b7:75:49:5a:51:74:b7:7c:6b:6a:fa:aa:2d:
                    4f:3d:18:4c:96:60:59:a7:49:a2:1b:6b:9f:59:c2:
                    46:26:e6:68:e9:7e:8e:3f:1f:e6:1c:cf:2e:66:86:
                    02:19:99:65:2f:3a:b9:be:ef:98:8a:b7:b8:c4:29:
                    bc:99:58:ca:ec:6b:d5:f1:7a:16:42:7c:92:6c:e3:
                    03:32:57:35:ac:b3:35:8c:ab:7c:3b:44:54:ed:7c:
                    8e:96:c1:35:93:01:e5:77:06:ec:92:fe:29:68:ba:
                    14:22:fc:9a:41:15:ad:a7:0b:3b:14:73:f1:24:04:
                    41:65:ce:9c:9b:ab:d8:f8:2a:09:08:d1:8d:47:de:
                    27:5c:59:a9:d8:ac:6c:27:9d:bf:40:25:d6:c7:b5:
                    ac:b6:aa:88:ce:0a:39:b0:f3:a0:0d:d1:9e:cd:48:
                    81:4e:cf:72:f6:3d:19:e8:7b:8d:85:95:c2:8e:71:
                    2d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:DA:C6:D9:03:AC:8D:AC:6F:5C:F5:05:F7:87:C1:FE:73:0A:00:72
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:8c:53:90:5e:88:67:d6:e0:22:64:8b:47:57:9b:30:d6:81:
         d4:cc:99:cf:e5:b9:5d:ac:41:b1:2a:b9:02:db:65:44:2d:d3:
         1e:fc:59:2b:c7:5c:dc:26:d9:3d:69:38:78:c1:71:36:9e:5b:
         46:0f:89:d9:9a:91:66:34:15:89:b5:13:3d:46:b1:81:f5:ec:
         b6:e0:19:ab:28:7a:76:02:ea:fd:7e:47:97:ed:29:8b:4c:4d:
         a3:58:f0:a3:6a:64:0b:29:3e:0e:2e:da:c4:0e:e1:66:35:f2:
         78:32:c0:6b:9a:08:65:a2:6d:f6:23:49:43:e9:c1:35:b2:64:
         e5:53:e4:6f:d8:c1:04:10:35:fb:f3:92:14:a6:32:86:d3:08:
         50:f9:b7:0a:91:92:94:ee:91:c1:e1:a6:7b:31:94:2f:87:c3:
         4f:ff:98:b5:85:ac:4f:53:ca:33:8f:7e:be:d3:e8:36:7f:1d:
         ea:a0:7c:b6:a4:8f:4e:93:4d:06:b3:55:18:25:42:85:7b:bf:
         f2:3e:b9:dc:7f:63:d9:77:84:ab:01:dc:35:81:c8:ef:a8:c4:
         7e:63:aa:87:77:b7:1e:66:5e:0d:fb:93:34:ce:25:42:30:d3:
         59:cf:dc:a4:df:84:4c:7e:7a:69:12:de:18:fa:ae:a1:af:fd:
         2e:ac:d3:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxhhDaJx+one2Mam9qwd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjYwMzAxMTkwMDM0WhcNMjYwMzAyMTkwMDM0WjAzMTEwLwYDVQQD
Eyg1OGRhYzZkOTAzYWM4ZGFjNmY1Y2Y1MDVmNzg3YzFmZTczMGEwMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpRgd7Mezr3H9LNlbw8nOVAzPUia
9O5U76xI3/fo3u0leyVNO2cl2uto83vLXTptusjjlEzt37nEdMWVQlQJGrkmJYHt
SmAfJSnYS7d1SVpRdLd8a2r6qi1PPRhMlmBZp0miG2ufWcJGJuZo6X6OPx/mHM8u
ZoYCGZllLzq5vu+Yire4xCm8mVjK7GvV8XoWQnySbOMDMlc1rLM1jKt8O0RU7XyO
lsE1kwHldwbskv4paLoUIvyaQRWtpws7FHPxJARBZc6cm6vY+CoJCNGNR94nXFmp
2KxsJ52/QCXWx7WstqqIzgo5sPOgDdGezUiBTs9y9j0Z6HuNhZXCjnEtJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjaxtkDrI2sb1z1BfeHwf5zCgByMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwoxTkF6I
Z9bgImSLR1ebMNaB1MyZz+W5XaxBsSq5AttlRC3THvxZK8dc3CbZPWk4eMFxNp5b
Rg+J2ZqRZjQVibUTPUaxgfXstuAZqyh6dgLq/X5Hl+0pi0xNo1jwo2pkCyk+Di7a
xA7hZjXyeDLAa5oIZaJt9iNJQ+nBNbJk5VPkb9jBBBA1+/OSFKYyhtMIUPm3CpGS
lO6RweGmezGUL4fDT/+YtYWsT1PKM49+vtPoNn8d6qB8tqSPTpNNBrNVGCVChXu/
8j653H9j2XeEqwHcNYHI76jEfmOqh3e3HmZeDfuTNM4lQjDTWc/cpN+ETH56aRLe
GPquoa/9LqzTlQ==
-----END CERTIFICATE-----