Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          +OSa+Zz2XYuh4Ufm73p69Ff7I5qyBKZVWpYbX7E1FgI=
Subject key identifier:   5C:C5:57:19:4B:FF:37:52:E6:B3:1A:AC:FE:31:78:81:3F:0B:9D:D8
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       019D27E09180D6560AC9CBEB60D28D1F0D17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          0395
Signing time:             Thu 26 Mar 2026 02:02:01 +0000
Manifest this update:     Thu 26 Mar 2026 02:02:01 +0000
Manifest next update:     Fri 27 Mar 2026 02:02:01 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: viasdKohm114lf9G8CwoUis1Kfom4F9ehI1mhW0vdCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:91:80:d6:56:0a:c9:cb:eb:60:d2:8d:1f:0d:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Mar 26 02:02:01 2026 GMT
            Not After : Mar 27 02:02:01 2026 GMT
        Subject: CN=5cc557194bff3752e6b31aacfe3178813f0b9dd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6e:4c:db:c8:44:77:c1:24:22:a9:28:28:76:
                    8b:f1:15:10:b8:41:e8:92:5e:6f:41:18:ec:dd:30:
                    30:9a:d1:02:41:0e:67:06:57:a4:d6:5e:35:0c:9b:
                    79:a8:42:e4:37:13:0d:ec:6b:6a:07:7f:c4:b1:34:
                    df:e2:c7:e4:f3:83:3e:d9:b4:65:66:e9:74:5d:f0:
                    92:87:36:0d:e5:74:42:88:88:a5:c4:81:90:85:14:
                    84:46:9f:8b:24:76:7d:d2:4f:27:81:f4:0d:45:c2:
                    4f:a2:01:59:54:ee:21:b5:ee:84:e8:8b:00:f0:e8:
                    cd:42:25:07:12:2b:96:87:68:cb:41:1a:2b:88:78:
                    83:c1:04:18:56:7a:71:43:fa:2a:d6:5f:0c:85:ac:
                    07:70:af:dc:ab:e6:6b:0f:04:cc:4d:53:1a:6d:42:
                    a9:13:a0:f4:e7:4e:07:80:6e:7f:0c:2a:81:70:4e:
                    82:e4:24:12:51:e2:ab:1b:cb:9c:9a:d4:a5:35:a5:
                    dc:8c:e1:ce:f6:76:5e:c9:ab:86:c8:4b:b3:91:c7:
                    b5:2f:0f:97:9f:62:80:fd:ea:6d:4e:76:6b:d6:a6:
                    3d:ba:87:7a:fa:bc:d2:8c:a5:c2:9b:23:b7:c4:d3:
                    ed:e3:b7:43:b0:33:46:c1:b7:d6:db:87:ad:75:28:
                    17:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C5:57:19:4B:FF:37:52:E6:B3:1A:AC:FE:31:78:81:3F:0B:9D:D8
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:bc:96:a9:07:07:11:d2:41:76:8c:56:e6:74:3a:e1:75:6d:
         56:5b:48:d2:31:db:cc:fa:24:8c:ef:56:7c:bc:28:21:09:34:
         02:00:90:2c:1e:3d:0e:36:47:54:a4:d3:11:c5:12:89:46:88:
         29:68:3b:68:ff:c3:d3:4b:d1:1b:8f:3a:46:a8:66:92:5f:50:
         f6:fb:06:a9:3a:d8:2e:1a:d4:e7:f0:4a:82:10:65:b2:d4:df:
         67:c4:8c:3f:20:36:3b:0a:88:df:b6:77:70:94:6f:70:b2:8b:
         02:e9:0e:c8:35:45:a1:46:2d:1d:fd:99:fb:2a:9f:5b:7f:e9:
         9c:ab:1b:e7:da:b9:4a:a0:3e:37:71:f9:93:5e:83:6b:a5:7a:
         b7:09:68:7e:40:41:2d:ae:5b:54:b1:97:0b:31:c4:48:bd:e9:
         6e:f4:23:20:17:04:6e:13:2c:91:96:a9:92:2e:de:a1:9b:37:
         9e:87:5d:13:37:a8:3d:f7:36:7b:cd:35:f0:c4:26:4f:a3:0c:
         21:33:2b:fd:49:1b:ea:a5:cf:40:e7:1d:0c:b7:b2:00:21:d0:
         c1:83:99:aa:0b:4e:79:19:19:bd:4e:6f:79:b4:24:43:7a:75:
         7d:f4:38:6c:e9:1b:43:6a:6c:0f:9e:bc:70:2b:b3:84:00:95:
         8d:02:3e:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4JGA1lYKycvrYNKNHw0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjYwMzI2MDIwMjAxWhcNMjYwMzI3MDIwMjAxWjAzMTEwLwYDVQQD
Eyg1Y2M1NTcxOTRiZmYzNzUyZTZiMzFhYWNmZTMxNzg4MTNmMGI5ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv25M28hEd8EkIqkoKHaL8RUQuEHo
kl5vQRjs3TAwmtECQQ5nBlek1l41DJt5qELkNxMN7GtqB3/EsTTf4sfk84M+2bRl
Zul0XfCShzYN5XRCiIilxIGQhRSERp+LJHZ90k8ngfQNRcJPogFZVO4hte6E6IsA
8OjNQiUHEiuWh2jLQRoriHiDwQQYVnpxQ/oq1l8MhawHcK/cq+ZrDwTMTVMabUKp
E6D0504HgG5/DCqBcE6C5CQSUeKrG8ucmtSlNaXcjOHO9nZeyauGyEuzkce1Lw+X
n2KA/eptTnZr1qY9uod6+rzSjKXCmyO3xNPt47dDsDNGwbfW24etdSgX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzFVxlL/zdS5rMarP4xeIE/C53YMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLyWqQcH
EdJBdoxW5nQ64XVtVltI0jHbzPokjO9WfLwoIQk0AgCQLB49DjZHVKTTEcUSiUaI
KWg7aP/D00vRG486Rqhmkl9Q9vsGqTrYLhrU5/BKghBlstTfZ8SMPyA2OwqI37Z3
cJRvcLKLAukOyDVFoUYtHf2Z+yqfW3/pnKsb59q5SqA+N3H5k16Da6V6twlofkBB
La5bVLGXCzHESL3pbvQjIBcEbhMskZapki7eoZs3noddEzeoPfc2e8018MQmT6MM
ITMr/Ukb6qXPQOcdDLeyACHQwYOZqgtOeRkZvU5vebQkQ3p1ffQ4bOkbQ2psD568
cCuzhACVjQI+iQ==
-----END CERTIFICATE-----