Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          qfQkLYB4zD5IRNJgy1/gKB6T6FCaGofyV6Whiuvfl98=
Subject key identifier:   9B:8C:A5:71:E9:E0:50:C5:F5:72:75:36:D2:B1:4B:1F:61:3A:A9:7B
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019D9962ABD8C04DCEDED9ACD0B1FE71C5CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0C6B
Signing time:             Fri 17 Apr 2026 03:01:13 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:13 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:13 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: SqT+TrV2DIFVrlaPIWwSD1FNJkUYEkPai2sQ8C12LZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:ab:d8:c0:4d:ce:de:d9:ac:d0:b1:fe:71:c5:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Apr 17 03:01:13 2026 GMT
            Not After : Apr 18 03:01:13 2026 GMT
        Subject: CN=9b8ca571e9e050c5f5727536d2b14b1f613aa97b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:db:55:20:8a:98:2c:71:8a:d7:3b:92:45:62:
                    35:7b:9c:93:9c:0c:8d:25:a9:20:4e:a1:0d:a8:28:
                    35:65:b3:fd:13:ea:23:fe:ab:ea:14:1f:57:ca:60:
                    f5:83:4a:9c:a3:da:ec:b3:63:fd:03:cf:53:7f:f2:
                    67:6c:13:64:61:6b:9d:b4:de:51:fd:d2:a8:a8:f0:
                    e5:03:7a:b3:e0:f3:9c:cd:68:88:62:15:cd:f0:a5:
                    b4:9b:16:b9:8f:ba:b7:39:61:42:f2:b9:24:34:cf:
                    7a:39:b8:0c:e3:d7:cd:be:5b:d6:4b:56:95:0e:54:
                    18:f1:4c:3f:cb:20:bf:dd:37:4d:b5:83:f0:60:56:
                    f6:e6:4b:ff:d0:ee:b7:e5:50:34:20:ce:68:37:e3:
                    e3:9b:cc:8d:d2:c3:7b:b8:87:01:cb:cf:9d:20:69:
                    7e:90:ca:30:64:59:a6:be:7c:d6:95:a9:e8:3b:59:
                    84:93:fc:d9:8a:a3:7e:f9:8d:8c:8f:22:10:51:eb:
                    c9:11:d3:15:08:ca:e8:fa:de:14:8c:2d:cd:f7:38:
                    e0:71:a0:0b:ae:25:3a:78:61:cb:47:57:eb:1a:5c:
                    de:43:68:d4:97:fe:35:78:20:69:1d:57:d4:bd:c8:
                    7a:00:89:46:00:24:d9:78:52:64:e2:80:bd:70:c4:
                    fd:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:8C:A5:71:E9:E0:50:C5:F5:72:75:36:D2:B1:4B:1F:61:3A:A9:7B
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0f:3a:48:92:40:3f:e7:b5:7f:80:5c:57:b0:fb:f8:b0:d4:
         b5:67:a3:7f:f3:36:29:38:dd:8d:b5:f5:a8:22:24:be:d9:1e:
         d2:61:94:28:c7:48:42:bf:12:03:b5:76:37:f0:73:5e:ea:ca:
         a0:00:6c:8a:92:42:27:77:3a:cd:12:1b:89:14:5a:30:d0:e7:
         44:e3:cd:75:52:42:2d:11:3f:ab:09:dd:79:54:54:5a:a4:d7:
         ea:a7:39:fe:74:23:8e:cc:5b:7c:20:12:19:e7:51:15:4e:ad:
         40:0a:22:64:92:4b:1f:3a:ae:4d:1b:43:fe:b4:ad:66:6d:17:
         43:1a:76:02:4a:4b:54:7b:41:d6:c0:27:d4:19:90:51:38:38:
         3a:6d:d4:9e:5b:81:77:b4:2e:8e:28:9b:5b:3a:88:8e:d1:58:
         67:80:cc:c0:3e:8c:4c:7a:b6:0d:11:bc:6c:28:f5:24:cc:36:
         ff:92:8b:45:04:f4:0e:70:d9:8f:8e:e1:5d:60:94:b8:e2:0b:
         1f:23:1b:af:3e:a7:5e:fe:66:b7:b9:07:29:a1:96:63:72:b4:
         69:53:7c:c0:87:e9:62:f0:0b:a9:cd:2c:9a:85:69:14:d5:99:
         dc:c4:0f:fb:6a:13:b0:01:1a:1e:36:3d:55:a4:45:b6:ac:71:
         51:f0:54:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYqvYwE3O3tms0LH+ccXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjYwNDE3MDMwMTEzWhcNMjYwNDE4MDMwMTEzWjAzMTEwLwYDVQQD
Eyg5YjhjYTU3MWU5ZTA1MGM1ZjU3Mjc1MzZkMmIxNGIxZjYxM2FhOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9tVIIqYLHGK1zuSRWI1e5yTnAyN
JakgTqENqCg1ZbP9E+oj/qvqFB9XymD1g0qco9rss2P9A89Tf/JnbBNkYWudtN5R
/dKoqPDlA3qz4POczWiIYhXN8KW0mxa5j7q3OWFC8rkkNM96ObgM49fNvlvWS1aV
DlQY8Uw/yyC/3TdNtYPwYFb25kv/0O635VA0IM5oN+Pjm8yN0sN7uIcBy8+dIGl+
kMowZFmmvnzWlanoO1mEk/zZiqN++Y2MjyIQUevJEdMVCMro+t4UjC3N9zjgcaAL
riU6eGHLR1frGlzeQ2jUl/41eCBpHVfUvch6AIlGACTZeFJk4oC9cMT9BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuMpXHp4FDF9XJ1NtKxSx9hOql7MB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkg86SJJA
P+e1f4BcV7D7+LDUtWejf/M2KTjdjbX1qCIkvtke0mGUKMdIQr8SA7V2N/BzXurK
oABsipJCJ3c6zRIbiRRaMNDnROPNdVJCLRE/qwndeVRUWqTX6qc5/nQjjsxbfCAS
GedRFU6tQAoiZJJLHzquTRtD/rStZm0XQxp2AkpLVHtB1sAn1BmQUTg4Om3UnluB
d7QujiibWzqIjtFYZ4DMwD6MTHq2DRG8bCj1JMw2/5KLRQT0DnDZj47hXWCUuOIL
HyMbrz6nXv5mt7kHKaGWY3K0aVN8wIfpYvALqc0smoVpFNWZ3MQP+2oTsAEaHjY9
VaRFtqxxUfBUOg==
-----END CERTIFICATE-----