Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          gPSIZtMP39uIh+InlsYtgzPq6YOb4BXngb9S+FEzFlc=
Subject key identifier:   8A:D9:52:46:C9:A7:05:E4:A5:C5:9D:D0:1B:03:72:DC:AA:95:A1:A9
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       019D2A050DD9DF0953D22D112771F08C70AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          0960
Signing time:             Thu 26 Mar 2026 12:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 12:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 12:01:07 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: Hsx7NL8kID2erowVGPGMq/oNhs3/vUmLv/ZFGhex1sg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:05:0d:d9:df:09:53:d2:2d:11:27:71:f0:8c:70:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Mar 26 12:01:07 2026 GMT
            Not After : Mar 27 12:01:07 2026 GMT
        Subject: CN=8ad95246c9a705e4a5c59dd01b0372dcaa95a1a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0e:3a:22:29:f0:cf:ec:c8:fa:06:66:ce:78:
                    e1:82:8d:47:46:b9:d8:9b:ac:65:97:13:cf:6d:2e:
                    31:d1:f8:b9:b5:5e:98:82:5b:0b:0e:9b:06:ab:88:
                    98:12:c3:ee:bb:35:77:7e:cb:9b:76:e8:aa:c7:bc:
                    c0:fa:b1:cd:6e:c4:6e:9a:f4:af:21:25:d1:10:1c:
                    6a:bb:37:eb:34:8b:47:bc:95:bb:d1:4e:33:5b:6b:
                    cb:70:da:4d:0f:d1:13:50:7c:a1:a6:0b:a0:ec:67:
                    51:7d:c3:74:02:53:07:3d:e4:5d:ae:01:bc:31:cc:
                    d0:d9:94:ae:30:77:19:d4:88:61:2d:b5:cf:96:54:
                    f6:02:60:f8:20:5f:b9:e3:7d:f9:09:a4:19:1d:38:
                    59:d3:13:1f:b7:5b:8b:08:8f:19:f4:ea:2c:32:b4:
                    47:eb:62:ad:36:f6:e4:55:38:e9:f5:02:ca:1f:f7:
                    8c:0a:58:41:83:a1:11:93:ae:41:0f:a3:ab:c4:ad:
                    85:6e:a7:9c:f7:77:a1:80:bc:af:39:81:b1:45:4f:
                    11:04:05:0e:1a:b8:6e:12:92:89:cc:fb:f6:6d:b9:
                    72:48:9b:63:32:bf:ea:17:20:79:d4:8b:1b:42:32:
                    bd:b3:51:61:49:39:5e:fd:44:1b:df:66:4e:f6:75:
                    b7:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D9:52:46:C9:A7:05:E4:A5:C5:9D:D0:1B:03:72:DC:AA:95:A1:A9
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:6a:be:b8:6b:75:dc:b1:f6:31:49:69:a4:98:30:2c:3e:87:
         bd:56:4c:3c:d2:2e:f8:6f:d5:63:d3:b9:ec:ad:11:7a:a9:13:
         16:eb:56:77:0e:58:fb:8e:65:b2:cc:57:43:54:27:74:35:51:
         bd:fe:bf:90:d4:d0:eb:a3:92:12:32:66:ed:4a:88:11:9d:0c:
         d1:69:bf:56:dd:b5:2d:36:17:0b:33:1d:ea:ac:63:ed:7c:af:
         4a:7f:7c:ab:ef:68:91:da:f4:f6:83:99:71:1d:1c:48:2e:61:
         d0:37:a4:2e:78:8b:0e:35:2a:6e:34:ca:bb:89:cc:af:bd:fc:
         88:c3:d6:fa:44:de:52:18:e5:11:95:aa:b0:8c:49:48:62:b4:
         75:9f:1f:f4:78:5a:58:84:83:fc:57:ed:20:f3:89:46:6f:49:
         05:41:76:17:eb:58:4b:c4:43:cc:9c:c2:11:44:ed:e7:df:2a:
         62:ea:d3:14:83:de:8c:3b:0c:80:a6:cb:cf:4f:b3:97:29:92:
         68:77:45:02:44:f0:db:44:68:14:9c:b0:da:02:3c:9f:e3:63:
         b7:dd:42:38:df:6e:30:dc:86:b1:41:87:20:ff:98:ef:53:21:
         83:49:3f:1d:1e:cd:3b:04:b6:23:05:2f:7e:f2:5c:d3:45:d5:
         d2:46:7b:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBQ3Z3wlT0i0RJ3HwjHCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjYwMzI2MTIwMTA3WhcNMjYwMzI3MTIwMTA3WjAzMTEwLwYDVQQD
Eyg4YWQ5NTI0NmM5YTcwNWU0YTVjNTlkZDAxYjAzNzJkY2FhOTVhMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ46Iinwz+zI+gZmznjhgo1HRrnY
m6xllxPPbS4x0fi5tV6YglsLDpsGq4iYEsPuuzV3fsubduiqx7zA+rHNbsRumvSv
ISXREBxquzfrNItHvJW70U4zW2vLcNpND9ETUHyhpgug7GdRfcN0AlMHPeRdrgG8
MczQ2ZSuMHcZ1IhhLbXPllT2AmD4IF+54335CaQZHThZ0xMft1uLCI8Z9OosMrRH
62KtNvbkVTjp9QLKH/eMClhBg6ERk65BD6OrxK2Fbqec93ehgLyvOYGxRU8RBAUO
GrhuEpKJzPv2bblySJtjMr/qFyB51IsbQjK9s1FhSTle/UQb32ZO9nW3HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrZUkbJpwXkpcWd0BsDctyqlaGpMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmq+uGt1
3LH2MUlppJgwLD6HvVZMPNIu+G/VY9O57K0ReqkTFutWdw5Y+45lssxXQ1QndDVR
vf6/kNTQ66OSEjJm7UqIEZ0M0Wm/Vt21LTYXCzMd6qxj7XyvSn98q+9okdr09oOZ
cR0cSC5h0DekLniLDjUqbjTKu4nMr738iMPW+kTeUhjlEZWqsIxJSGK0dZ8f9Hha
WISD/FftIPOJRm9JBUF2F+tYS8RDzJzCEUTt598qYurTFIPejDsMgKbLz0+zlymS
aHdFAkTw20RoFJyw2gI8n+Njt91CON9uMNyGsUGHIP+Y71Mhg0k/HR7NOwS2IwUv
fvJc00XV0kZ7HQ==
-----END CERTIFICATE-----