Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          ZRAg2uIy3Y4TRGWjyiRCkmsws38roFq0DsWUB6xRSJw=
Subject key identifier:   39:6F:1F:2A:5C:B5:C0:62:FD:3E:B2:7C:BD:27:6C:2A:0E:40:AB:36
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       019D2703D50AF4DB9EC6022D3AA5D671616C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          1880
Signing time:             Wed 25 Mar 2026 22:00:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:55 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: zlG0Gq3zt0LnoSms7HPLD80L5Uyl0t5H3A5Pfu9tCb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d5:0a:f4:db:9e:c6:02:2d:3a:a5:d6:71:61:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Mar 25 22:00:55 2026 GMT
            Not After : Mar 26 22:00:55 2026 GMT
        Subject: CN=396f1f2a5cb5c062fd3eb27cbd276c2a0e40ab36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:30:c5:e3:05:1e:ee:0a:ed:84:ac:61:f1:5b:
                    c7:93:c1:43:bb:ac:fc:cb:1e:cd:19:e4:0b:30:ef:
                    a6:9a:a7:79:8b:d6:d0:12:9a:86:b5:a1:e6:6d:c6:
                    7e:9b:8e:7e:55:ad:55:c5:19:19:43:a0:bb:cf:39:
                    ae:d8:8b:55:d2:b6:88:3a:67:64:cc:3c:d3:a3:27:
                    d5:0c:88:71:c2:8a:77:1f:d2:f6:49:9d:f1:0c:d3:
                    20:fa:7f:5c:2b:71:27:c4:fd:5f:96:1c:ba:9c:f0:
                    b0:cb:cd:04:b3:9c:02:a9:7d:e3:52:13:41:86:37:
                    7d:21:83:f0:af:ed:f3:f5:80:5b:0a:8a:56:bb:10:
                    93:a3:d3:4a:ef:92:16:d3:7e:94:c7:32:0f:4e:ed:
                    06:05:9c:c5:f8:2d:80:cd:db:ce:94:c1:45:4e:c2:
                    28:6d:14:83:1d:46:f2:61:e1:07:98:8f:eb:62:e1:
                    44:f2:99:43:56:14:cf:d2:bc:83:14:92:69:92:81:
                    64:5c:c2:43:c7:2a:1b:88:ac:db:69:63:78:15:21:
                    21:10:40:32:c2:a1:51:11:d4:10:72:49:66:34:e3:
                    0f:28:0c:8f:2c:4c:ac:9d:35:34:51:2d:98:da:97:
                    ce:44:66:ce:95:0d:8e:f0:db:d7:0d:12:14:a4:54:
                    60:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:6F:1F:2A:5C:B5:C0:62:FD:3E:B2:7C:BD:27:6C:2A:0E:40:AB:36
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:32:0e:04:45:84:c4:06:84:b7:53:67:c0:86:22:50:7b:2e:
         50:cf:c2:52:48:4c:1d:2e:b0:b5:76:46:8d:d7:15:10:eb:60:
         80:c2:62:10:b5:61:43:9d:4a:82:a9:1d:eb:9e:42:06:f4:f9:
         41:ad:25:a0:6c:d0:4c:64:0b:d1:9a:f7:c6:0e:56:c2:c1:f3:
         e3:bb:21:b7:d7:a4:5b:0c:52:84:34:a5:aa:f6:6a:eb:79:55:
         f0:b9:b5:28:2f:73:d1:51:4b:86:e9:be:29:99:d0:fa:70:d4:
         31:df:51:f3:51:2b:16:be:ae:f1:45:86:c2:4e:b4:c0:0d:6c:
         e9:95:c3:d8:a9:6b:8e:f1:08:c4:da:27:63:ea:33:95:bd:4c:
         d1:8f:8c:df:4e:5c:19:9a:03:8b:14:18:5a:c7:1b:95:d6:e4:
         90:6c:10:7a:d8:bf:e3:01:2e:f0:7d:49:51:15:91:00:64:48:
         1e:c0:0a:68:52:f6:21:94:cc:e9:c7:25:70:58:e8:c5:a2:92:
         f5:46:8c:86:79:d9:1d:7a:6a:8d:f5:cd:d2:cb:f0:a4:06:fc:
         f8:8e:8f:04:b5:bc:4c:c6:53:81:71:4c:6f:61:33:6e:21:b8:
         d4:81:1c:6f:e3:99:2a:2f:ad:bb:29:10:22:ef:ca:14:a0:84:
         d5:63:fc:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9UK9NuexgItOqXWcWFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjYwMzI1MjIwMDU1WhcNMjYwMzI2MjIwMDU1WjAzMTEwLwYDVQQD
EygzOTZmMWYyYTVjYjVjMDYyZmQzZWIyN2NiZDI3NmMyYTBlNDBhYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjDF4wUe7grthKxh8VvHk8FDu6z8
yx7NGeQLMO+mmqd5i9bQEpqGtaHmbcZ+m45+Va1VxRkZQ6C7zzmu2ItV0raIOmdk
zDzToyfVDIhxwop3H9L2SZ3xDNMg+n9cK3EnxP1flhy6nPCwy80Es5wCqX3jUhNB
hjd9IYPwr+3z9YBbCopWuxCTo9NK75IW036UxzIPTu0GBZzF+C2AzdvOlMFFTsIo
bRSDHUbyYeEHmI/rYuFE8plDVhTP0ryDFJJpkoFkXMJDxyobiKzbaWN4FSEhEEAy
wqFREdQQcklmNOMPKAyPLEysnTU0US2Y2pfORGbOlQ2O8NvXDRIUpFRgHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlvHypctcBi/T6yfL0nbCoOQKs2MB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDIOBEWE
xAaEt1NnwIYiUHsuUM/CUkhMHS6wtXZGjdcVEOtggMJiELVhQ51Kgqkd655CBvT5
Qa0loGzQTGQL0Zr3xg5WwsHz47sht9ekWwxShDSlqvZq63lV8Lm1KC9z0VFLhum+
KZnQ+nDUMd9R81ErFr6u8UWGwk60wA1s6ZXD2KlrjvEIxNonY+ozlb1M0Y+M305c
GZoDixQYWscbldbkkGwQeti/4wEu8H1JURWRAGRIHsAKaFL2IZTM6cclcFjoxaKS
9UaMhnnZHXpqjfXN0svwpAb8+I6PBLW8TMZTgXFMb2EzbiG41IEcb+OZKi+tuykQ
Iu/KFKCE1WP8dg==
-----END CERTIFICATE-----