Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          m2Ia4pZw85fowI1pPM7CMAAirz21KkdSz33M8iXBgQg=
Subject key identifier:   29:BB:24:C9:F1:DC:E8:C0:CB:27:0B:AC:23:B8:9D:9C:BE:58:E7:FC
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019D27720130C92D2B704A5802021EF05AD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 00:01:15 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:15 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:15 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 1QXWE6WEyQSAoB4WG0C6h840NgydyE6cEgejab4Jdrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:01:30:c9:2d:2b:70:4a:58:02:02:1e:f0:5a:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Mar 26 00:01:15 2026 GMT
            Not After : Mar 27 00:01:15 2026 GMT
        Subject: CN=29bb24c9f1dce8c0cb270bac23b89d9cbe58e7fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b3:9d:bf:09:3d:13:51:85:03:75:ca:e5:f6:
                    e1:3a:a9:e6:e0:1d:fe:8f:5a:84:13:da:43:2f:ad:
                    e2:b4:a3:56:0a:f7:2f:8a:5f:b8:81:4e:c7:30:83:
                    ea:55:8c:6c:23:b9:a9:69:9b:63:4b:50:a7:67:df:
                    90:50:5a:06:99:22:31:90:07:38:76:09:96:9d:01:
                    af:a0:7f:9a:45:34:30:05:6a:15:b3:66:f1:d1:c0:
                    36:86:93:e4:2b:82:f0:65:90:d8:d6:b1:50:92:da:
                    4b:79:eb:74:12:83:29:22:68:d7:35:44:26:56:07:
                    00:98:6b:23:99:8a:b2:00:eb:6e:66:d2:c9:d5:50:
                    13:28:7e:7d:94:cf:47:15:54:ce:86:ec:25:f6:70:
                    80:51:e2:be:41:4c:f8:46:bb:45:aa:31:d6:09:dc:
                    10:2a:20:74:5f:fe:25:d5:f2:fd:f9:5c:27:4a:b5:
                    cc:39:2c:c4:d9:72:08:52:42:bb:c5:6b:ae:4e:0f:
                    86:73:9f:06:6a:a0:33:49:2c:39:f1:09:b5:0a:41:
                    05:41:53:28:90:aa:05:d1:78:ec:cc:86:fa:0b:c8:
                    25:3f:24:cb:36:e7:4d:5a:2c:59:b3:77:ca:f3:31:
                    07:c5:6f:29:b9:1e:37:84:ce:b7:cd:4a:60:bf:65:
                    64:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BB:24:C9:F1:DC:E8:C0:CB:27:0B:AC:23:B8:9D:9C:BE:58:E7:FC
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:5c:66:13:cf:62:d1:a3:d0:4d:51:8e:2a:21:a9:9a:ed:34:
         09:2f:b3:99:53:fd:c0:5b:2a:a2:58:4d:8e:92:08:30:bf:7c:
         0a:19:47:29:98:69:0f:9c:9d:17:3c:74:50:e6:e9:77:94:b2:
         4b:d9:9a:15:3f:1d:35:41:5c:1d:6d:0e:22:1a:b7:ac:5e:25:
         11:36:78:82:5d:e5:51:80:28:6f:51:40:e2:84:ae:99:84:b2:
         2d:51:e8:3c:03:9e:df:9b:a4:93:f8:d1:04:31:6b:9c:45:c7:
         eb:23:aa:47:e8:e8:b9:d3:79:92:b8:83:44:42:ce:9b:95:48:
         b0:7c:26:4b:b8:70:89:c9:d1:93:94:bb:b3:d5:dc:a4:9b:74:
         b6:32:4f:50:d3:de:75:b3:1c:07:9d:6f:42:e1:74:76:80:a6:
         15:c5:84:e1:9d:55:b0:e3:0f:e9:d8:03:32:7a:0e:39:f1:76:
         f8:fd:fa:72:76:7c:b6:50:0a:5b:97:f7:7c:02:44:ef:54:1d:
         43:68:ec:0e:8c:ae:c7:5a:81:a2:0d:80:9b:a0:d5:9f:b2:71:
         4b:d5:37:a2:34:a2:5a:46:3e:6a:d8:1d:44:30:a8:ce:07:04:
         c5:24:64:71:a9:6d:83:85:45:b8:db:9a:d9:8f:2a:bd:2d:d9:
         e7:ba:72:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncgEwyS0rcEpYAgIe8FrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjYwMzI2MDAwMTE1WhcNMjYwMzI3MDAwMTE1WjAzMTEwLwYDVQQD
EygyOWJiMjRjOWYxZGNlOGMwY2IyNzBiYWMyM2I4OWQ5Y2JlNThlN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Odvwk9E1GFA3XK5fbhOqnm4B3+
j1qEE9pDL63itKNWCvcvil+4gU7HMIPqVYxsI7mpaZtjS1CnZ9+QUFoGmSIxkAc4
dgmWnQGvoH+aRTQwBWoVs2bx0cA2hpPkK4LwZZDY1rFQktpLeet0EoMpImjXNUQm
VgcAmGsjmYqyAOtuZtLJ1VATKH59lM9HFVTOhuwl9nCAUeK+QUz4RrtFqjHWCdwQ
KiB0X/4l1fL9+VwnSrXMOSzE2XIIUkK7xWuuTg+Gc58GaqAzSSw58Qm1CkEFQVMo
kKoF0XjszIb6C8glPyTLNudNWixZs3fK8zEHxW8puR43hM63zUpgv2VkawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm7JMnx3OjAyycLrCO4nZy+WOf8MB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlxmE89i
0aPQTVGOKiGpmu00CS+zmVP9wFsqolhNjpIIML98ChlHKZhpD5ydFzx0UObpd5Sy
S9maFT8dNUFcHW0OIhq3rF4lETZ4gl3lUYAob1FA4oSumYSyLVHoPAOe35ukk/jR
BDFrnEXH6yOqR+joudN5kriDRELOm5VIsHwmS7hwicnRk5S7s9XcpJt0tjJPUNPe
dbMcB51vQuF0doCmFcWE4Z1VsOMP6dgDMnoOOfF2+P36cnZ8tlAKW5f3fAJE71Qd
Q2jsDoyux1qBog2Am6DVn7JxS9U3ojSiWkY+atgdRDCozgcExSRkcaltg4VFuNua
2Y8qvS3Z57pyCw==
-----END CERTIFICATE-----