Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          HoTvPlKtA3Adoq2YLfEVLdrmoP5ah86Z81uysBnEGVQ=
Subject key identifier:   0C:63:9F:A6:4C:5E:E8:69:FE:CF:B2:DC:B4:3E:2D:20:96:59:F8:39
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019D2960BCA1A337217B0F26FAA3EB1BAAA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0CE9
Signing time:             Thu 26 Mar 2026 09:01:38 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:38 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:38 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: LIJ2s77fI1PfHED4Lz7FaC2t7R1dRWTYSVQVbfYRk/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:bc:a1:a3:37:21:7b:0f:26:fa:a3:eb:1b:aa:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Mar 26 09:01:38 2026 GMT
            Not After : Mar 27 09:01:38 2026 GMT
        Subject: CN=0c639fa64c5ee869fecfb2dcb43e2d209659f839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:04:19:4e:cd:fe:6f:f4:7e:ff:39:98:05:d6:
                    e8:22:1b:f6:28:79:31:e0:76:b5:f4:fc:e7:4c:38:
                    d2:da:e4:9e:65:d2:b1:4f:df:ee:1a:c1:f1:8f:33:
                    72:0b:0a:7e:bd:4a:bf:2f:cc:c6:04:ee:13:cc:41:
                    e9:6b:64:71:12:34:ee:9b:e7:4c:77:9b:d4:2f:68:
                    da:91:ca:2f:dd:76:9e:6e:e9:ae:d3:5e:23:e2:af:
                    70:8d:74:44:73:22:93:c2:51:5b:ac:85:e0:db:32:
                    57:24:8b:c2:7e:76:2b:19:ba:9d:a4:25:66:81:56:
                    c6:dd:3b:74:77:04:7d:33:a2:49:be:dc:b0:38:4a:
                    6b:6f:28:49:53:ba:0f:5f:65:7b:97:d1:0f:38:d3:
                    7a:05:de:73:21:ee:42:0d:09:34:9f:ea:08:5a:50:
                    c5:bb:84:70:19:b3:64:f0:d2:29:c8:3e:0f:1c:be:
                    42:74:46:61:4d:1a:8c:cb:f9:fd:fb:82:58:59:31:
                    68:4f:37:fc:1d:a1:e1:ce:74:8a:4f:11:71:99:3d:
                    2b:16:55:eb:0b:83:3f:75:34:d0:b5:27:5c:b5:7f:
                    18:39:28:08:51:61:5e:c2:d1:fb:1f:2c:62:d9:79:
                    99:18:e4:43:ed:96:70:f9:f0:cc:bc:72:3f:a7:73:
                    38:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:63:9F:A6:4C:5E:E8:69:FE:CF:B2:DC:B4:3E:2D:20:96:59:F8:39
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:e0:17:9c:18:a7:44:87:04:8a:27:8d:0c:4c:27:cf:f5:e6:
         3e:b4:77:c4:4d:97:af:56:03:a0:d5:55:6a:ff:e6:b6:43:46:
         21:36:fe:6a:7a:18:4b:6a:df:a9:d2:77:a4:39:33:39:89:93:
         e6:41:6c:93:f8:71:93:2f:b3:5b:8f:69:97:0e:db:55:28:fe:
         e3:ab:aa:47:d3:ea:2b:81:54:a4:81:23:67:76:45:0d:07:8c:
         21:8c:fc:46:0c:d1:cf:1c:5e:87:bf:cd:7b:a3:74:60:c3:36:
         23:97:48:cc:9f:a8:46:35:e3:63:46:3d:2f:08:a7:fe:dd:84:
         15:e1:19:67:fd:24:ab:4c:ae:f3:46:cd:fc:68:f8:36:61:87:
         ad:49:40:94:35:62:9d:b1:57:d7:de:8a:a6:cf:1c:0d:a9:9d:
         37:1f:b2:3e:72:c3:8f:66:3c:f2:1e:ae:d7:65:87:c6:14:00:
         d5:a8:94:83:11:23:12:78:5b:8a:3c:e1:ee:0c:42:9e:46:f9:
         7f:76:75:4f:5c:10:7d:56:78:fe:bd:6e:38:cd:ec:e1:3a:f3:
         3e:a3:d7:2c:41:59:fd:02:c0:89:81:43:ed:ae:f3:6f:86:67:
         d2:01:46:18:20:99:04:45:b7:ce:3b:c9:0b:7a:8a:f1:43:90:
         20:4d:4c:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYLyhozchew8m+qPrG6qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjYwMzI2MDkwMTM4WhcNMjYwMzI3MDkwMTM4WjAzMTEwLwYDVQQD
EygwYzYzOWZhNjRjNWVlODY5ZmVjZmIyZGNiNDNlMmQyMDk2NTlmODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgQZTs3+b/R+/zmYBdboIhv2KHkx
4Ha19PznTDjS2uSeZdKxT9/uGsHxjzNyCwp+vUq/L8zGBO4TzEHpa2RxEjTum+dM
d5vUL2jakcov3Xaebumu014j4q9wjXREcyKTwlFbrIXg2zJXJIvCfnYrGbqdpCVm
gVbG3Tt0dwR9M6JJvtywOEprbyhJU7oPX2V7l9EPONN6Bd5zIe5CDQk0n+oIWlDF
u4RwGbNk8NIpyD4PHL5CdEZhTRqMy/n9+4JYWTFoTzf8HaHhznSKTxFxmT0rFlXr
C4M/dTTQtSdctX8YOSgIUWFewtH7Hyxi2XmZGORD7ZZw+fDMvHI/p3M4yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxjn6ZMXuhp/s+y3LQ+LSCWWfg5MB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKOAXnBin
RIcEiieNDEwnz/XmPrR3xE2Xr1YDoNVVav/mtkNGITb+anoYS2rfqdJ3pDkzOYmT
5kFsk/hxky+zW49plw7bVSj+46uqR9PqK4FUpIEjZ3ZFDQeMIYz8RgzRzxxeh7/N
e6N0YMM2I5dIzJ+oRjXjY0Y9Lwin/t2EFeEZZ/0kq0yu80bN/Gj4NmGHrUlAlDVi
nbFX196Kps8cDamdNx+yPnLDj2Y88h6u12WHxhQA1aiUgxEjEnhbijzh7gxCnkb5
f3Z1T1wQfVZ4/r1uOM3s4TrzPqPXLEFZ/QLAiYFD7a7zb4Zn0gFGGCCZBEW3zjvJ
C3qK8UOQIE1Mcw==
-----END CERTIFICATE-----