Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
File:                     nTXgMBWeVx-qvTebUsHZoa77FEQ.mft (raw, json)
Hash identifier:          RHFYIK78hEs+BhzQ0omDv/Htp0OL5a6N2Uzj9cmfL3A=
Subject key identifier:   9B:12:AF:8D:B2:14:2D:82:FD:2B:8E:08:EE:54:5C:80:58:96:94:A7
Authority key identifier: 9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44
Certificate issuer:       /CN=9d35e030159e571faabd379b52c1d9a1aefb1444
Certificate serial:       019D29CED83A5F488FB470346501B2F609A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
Manifest number:          0310
Signing time:             Thu 26 Mar 2026 11:01:54 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:54 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:54 +0000
Files and hashes:         1: nTXgMBWeVx-qvTebUsHZoa77FEQ.crl (hash: 1MErgfPxSKXtljgCFypC/RPdvf+Ob+vhp5cqSiOBVCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:d8:3a:5f:48:8f:b4:70:34:65:01:b2:f6:09:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d35e030159e571faabd379b52c1d9a1aefb1444
        Validity
            Not Before: Mar 26 11:01:54 2026 GMT
            Not After : Mar 27 11:01:54 2026 GMT
        Subject: CN=9b12af8db2142d82fd2b8e08ee545c80589694a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:64:92:0a:65:c5:22:ac:30:e0:a9:23:01:
                    1d:f8:e2:18:3d:c0:db:c8:8e:8b:db:cc:9a:8f:e8:
                    1b:ae:ad:88:69:92:e4:b9:e3:0c:3c:18:8f:b9:7a:
                    7e:5d:14:73:6b:91:8c:c5:83:43:f4:7c:0e:93:e0:
                    70:84:db:fc:89:b6:ba:63:94:71:82:81:4a:00:c7:
                    a8:d0:1a:24:61:04:80:53:0c:ca:a4:d9:90:49:42:
                    67:e3:5e:4c:65:d4:57:4f:6b:85:18:9b:2c:57:8f:
                    5b:de:6b:99:f1:71:60:71:01:7d:35:45:2e:cb:6a:
                    ba:f2:88:1c:be:39:11:e3:ba:08:4d:fb:73:6d:97:
                    bf:12:4f:26:57:69:c4:32:26:27:c6:6a:e6:64:f5:
                    1e:dc:50:27:86:0f:59:ce:d1:3f:4c:5d:ef:42:b2:
                    04:ff:22:7e:66:4d:70:b9:8f:c8:ed:9e:83:db:25:
                    4e:aa:36:3e:41:c6:74:bb:75:31:0b:d7:a9:25:2c:
                    83:92:49:96:01:d0:e2:87:b2:c1:dd:78:69:dd:19:
                    f2:11:4c:35:5b:6f:78:37:d1:ab:6c:32:0d:ac:2d:
                    6f:6a:4f:24:94:43:a7:91:28:dc:14:bb:cc:72:3a:
                    8a:3e:8a:8c:0d:94:2e:61:41:52:85:a8:4b:f2:a5:
                    f2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:12:AF:8D:B2:14:2D:82:FD:2B:8E:08:EE:54:5C:80:58:96:94:A7
            X509v3 Authority Key Identifier:
                keyid:9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:99:fe:ba:3b:0b:e0:4e:17:35:06:15:8b:23:59:08:73:f8:
         67:ec:10:b1:eb:c2:17:ec:62:86:68:6b:06:7f:06:8e:dd:7d:
         7d:ba:da:ce:06:1a:d0:b1:33:bb:f6:83:54:3b:a7:d8:b4:90:
         f7:e6:cf:f9:56:32:aa:d8:bb:20:c5:32:4e:35:57:91:f1:91:
         35:f2:15:00:fc:45:18:6f:d8:a9:98:0b:cc:b4:3c:a3:f9:f6:
         93:38:87:4c:70:1a:d3:d3:d3:54:f0:ea:60:84:86:20:98:78:
         90:1a:64:5d:88:85:41:df:35:7a:51:a9:36:2e:cb:f6:ea:42:
         9d:6c:bc:bf:c4:3f:14:a9:73:8c:b3:1b:4e:cf:42:87:81:6c:
         2a:27:91:72:9e:e2:cb:7e:78:66:03:a0:a3:9a:62:87:a6:75:
         63:40:ac:78:7e:80:5a:2f:7a:15:96:64:d5:c7:db:9b:92:c2:
         1e:ba:7a:60:e1:43:22:55:72:73:eb:ea:b6:ef:bc:c9:72:c1:
         35:cc:34:cb:f7:36:13:5d:67:90:8c:02:db:04:4b:d2:91:d2:
         ae:3d:c6:3d:3f:55:09:53:b4:63:d5:24:e6:5f:ae:e6:93:0b:
         10:81:e4:8e:d9:e0:75:ce:44:9f:28:0a:89:a4:68:7b:ad:f8:
         88:cb:37:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pztg6X0iPtHA0ZQGy9gmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzVlMDMwMTU5ZTU3MWZhYWJkMzc5YjUyYzFkOWExYWVm
YjE0NDQwHhcNMjYwMzI2MTEwMTU0WhcNMjYwMzI3MTEwMTU0WjAzMTEwLwYDVQQD
Eyg5YjEyYWY4ZGIyMTQyZDgyZmQyYjhlMDhlZTU0NWM4MDU4OTY5NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthBkkgplxSKsMOCpIwEd+OIYPcDb
yI6L28yaj+gbrq2IaZLkueMMPBiPuXp+XRRza5GMxYND9HwOk+BwhNv8iba6Y5Rx
goFKAMeo0BokYQSAUwzKpNmQSUJn415MZdRXT2uFGJssV49b3muZ8XFgcQF9NUUu
y2q68ogcvjkR47oITftzbZe/Ek8mV2nEMiYnxmrmZPUe3FAnhg9ZztE/TF3vQrIE
/yJ+Zk1wuY/I7Z6D2yVOqjY+QcZ0u3UxC9epJSyDkkmWAdDih7LB3Xhp3RnyEUw1
W294N9GrbDINrC1vak8klEOnkSjcFLvMcjqKPoqMDZQuYUFShahL8qXyIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsSr42yFC2C/SuOCO5UXIBYlpSnMB8GA1UdIwQY
MBaAFJ014DAVnlcfqr03m1LB2aGu+xREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1Zjkt
Mjg2YTgyOGRkN2Q1LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1ZjktMjg2YTgyOGRkN2Q1
LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJn+ujsL
4E4XNQYViyNZCHP4Z+wQsevCF+xihmhrBn8Gjt19fbrazgYa0LEzu/aDVDun2LSQ
9+bP+VYyqti7IMUyTjVXkfGRNfIVAPxFGG/YqZgLzLQ8o/n2kziHTHAa09PTVPDq
YISGIJh4kBpkXYiFQd81elGpNi7L9upCnWy8v8Q/FKlzjLMbTs9Ch4FsKieRcp7i
y354ZgOgo5pih6Z1Y0CseH6AWi96FZZk1cfbm5LCHrp6YOFDIlVyc+vqtu+8yXLB
Ncw0y/c2E11nkIwC2wRL0pHSrj3GPT9VCVO0Y9Uk5l+u5pMLEIHkjtngdc5EnygK
iaRoe634iMs3KA==
-----END CERTIFICATE-----