Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
File:                     nwAKfifXFIcphPrjeIda9lvkBWw.mft (raw, json)
Hash identifier:          cniDSWz11m7LXyTEHMzHDzR050XpKJipQu1e2VzEjU8=
Subject key identifier:   92:62:55:A1:92:E8:AA:62:CB:19:6E:AF:F7:70:16:33:C8:1F:2D:79
Authority key identifier: 9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
Certificate issuer:       /CN=9f000a7e27d714872984fae378875af65be4056c
Certificate serial:       019D273AF0352C9F6FC570239BDD1BCBC76E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
Manifest number:          02DA
Signing time:             Wed 25 Mar 2026 23:01:06 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:06 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:06 +0000
Files and hashes:         1: nwAKfifXFIcphPrjeIda9lvkBWw.crl (hash: QPddQhBP+GRn5NyygUUp/viiAlILKfK6Mju1x1oD7+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3a:f0:35:2c:9f:6f:c5:70:23:9b:dd:1b:cb:c7:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f000a7e27d714872984fae378875af65be4056c
        Validity
            Not Before: Mar 25 23:01:06 2026 GMT
            Not After : Mar 26 23:01:06 2026 GMT
        Subject: CN=926255a192e8aa62cb196eaff7701633c81f2d79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cd:f2:3a:87:4a:2f:5f:c7:fa:2b:ce:88:12:
                    9f:b2:8e:93:d9:c3:3e:b3:ae:38:5e:94:30:5d:c5:
                    58:cd:45:39:fe:a7:84:1d:69:e9:24:c6:7f:e5:77:
                    20:ca:92:f7:16:c9:e6:ed:23:a3:e4:18:17:52:7f:
                    0c:c3:03:2b:a7:b6:7b:96:55:9f:d8:f0:51:e4:e2:
                    03:a4:15:ca:f0:21:fa:9b:7d:74:d8:2e:52:e9:18:
                    7a:8a:61:96:ac:c6:10:0d:b7:8c:ab:29:9a:d2:61:
                    88:9e:b1:e8:18:43:3b:d3:a3:31:82:03:5f:b9:6c:
                    99:f2:f1:d2:c3:9e:73:97:46:bc:93:3f:9d:0e:90:
                    9e:28:86:29:64:3a:a9:f9:34:3f:4a:ba:02:17:9c:
                    7f:90:f5:86:c3:d1:cf:c0:cb:63:5b:ec:c6:66:c5:
                    e5:55:3e:83:06:b0:90:38:47:db:54:14:7b:11:5c:
                    25:1d:e9:ae:b4:02:33:cd:01:c9:b3:c5:91:8c:3a:
                    01:26:ca:bc:57:11:41:8f:b2:dc:05:c2:c3:7a:da:
                    71:1f:90:03:2e:90:1a:b7:44:fe:26:0e:b0:da:1a:
                    11:84:fb:70:76:18:d6:f6:54:f1:57:21:91:01:c8:
                    3b:23:a7:76:a5:ff:3c:d9:69:04:00:9b:b0:5e:df:
                    1b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:62:55:A1:92:E8:AA:62:CB:19:6E:AF:F7:70:16:33:C8:1F:2D:79
            X509v3 Authority Key Identifier:
                keyid:9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:a8:e0:5e:c7:01:8a:3c:38:84:fd:22:f9:8b:a0:e5:53:63:
         3f:b6:11:ac:07:c0:c5:8b:3c:af:19:f6:6f:7b:c5:45:0c:62:
         fd:1c:40:73:f8:d3:cd:d7:8c:26:3e:5d:e9:00:67:62:96:ad:
         67:d8:c2:95:62:57:ec:04:ab:c5:2b:e5:dc:7b:29:80:57:53:
         8e:14:52:5f:32:51:51:22:48:7a:97:a7:6a:a9:f0:05:9f:74:
         1a:c8:18:e7:94:a0:40:89:5c:86:12:10:24:95:cd:f5:31:ee:
         ed:c4:3a:76:36:11:2d:78:13:43:9a:d6:64:88:46:2b:cf:85:
         a0:32:c0:37:f6:f3:48:c9:4a:a7:26:48:b2:b2:87:6b:d2:78:
         8a:97:82:49:44:cc:30:c7:de:17:89:c8:df:c1:e2:e4:b0:5c:
         e7:43:35:29:0a:35:cb:f9:d1:80:8e:5e:da:07:9d:57:94:5f:
         ee:61:39:0c:45:e5:67:24:a4:fd:63:66:ca:d7:53:b8:1a:72:
         b9:36:32:d5:11:9b:e9:f9:ba:46:76:5a:cc:f9:1b:32:ae:a2:
         72:aa:8f:d0:1a:d6:9d:cb:75:2a:18:bb:ac:9d:f6:7e:f1:b5:
         09:35:bb:9d:af:9b:e1:5f:81:1f:f3:ac:a1:dd:20:0a:ab:e1:
         d4:bf:15:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOvA1LJ9vxXAjm90by8duMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDAwYTdlMjdkNzE0ODcyOTg0ZmFlMzc4ODc1YWY2NWJl
NDA1NmMwHhcNMjYwMzI1MjMwMTA2WhcNMjYwMzI2MjMwMTA2WjAzMTEwLwYDVQQD
Eyg5MjYyNTVhMTkyZThhYTYyY2IxOTZlYWZmNzcwMTYzM2M4MWYyZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc3yOodKL1/H+ivOiBKfso6T2cM+
s644XpQwXcVYzUU5/qeEHWnpJMZ/5XcgypL3Fsnm7SOj5BgXUn8MwwMrp7Z7llWf
2PBR5OIDpBXK8CH6m3102C5S6Rh6imGWrMYQDbeMqyma0mGInrHoGEM706MxggNf
uWyZ8vHSw55zl0a8kz+dDpCeKIYpZDqp+TQ/SroCF5x/kPWGw9HPwMtjW+zGZsXl
VT6DBrCQOEfbVBR7EVwlHemutAIzzQHJs8WRjDoBJsq8VxFBj7LcBcLDetpxH5AD
LpAat0T+Jg6w2hoRhPtwdhjW9lTxVyGRAcg7I6d2pf882WkEAJuwXt8b3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJiVaGS6Kpiyxlur/dwFjPIHy15MB8GA1UdIwQY
MBaAFJ8ACn4n1xSHKYT643iHWvZb5AVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQt
YTAzODkyZmMzNDBiLzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQtYTAzODkyZmMzNDBi
LzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS6jgXscB
ijw4hP0i+Yug5VNjP7YRrAfAxYs8rxn2b3vFRQxi/RxAc/jTzdeMJj5d6QBnYpat
Z9jClWJX7ASrxSvl3HspgFdTjhRSXzJRUSJIepenaqnwBZ90GsgY55SgQIlchhIQ
JJXN9THu7cQ6djYRLXgTQ5rWZIhGK8+FoDLAN/bzSMlKpyZIsrKHa9J4ipeCSUTM
MMfeF4nI38Hi5LBc50M1KQo1y/nRgI5e2gedV5Rf7mE5DEXlZySk/WNmytdTuBpy
uTYy1RGb6fm6RnZazPkbMq6icqqP0BrWnct1Khi7rJ32fvG1CTW7na+b4V+BH/Os
od0gCqvh1L8Vqg==
-----END CERTIFICATE-----