Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          b4PYenpyJJ8vSu7LzQfZkTmJVNosspok+cN+FZTAvww=
Subject key identifier:   64:B8:1D:61:58:C6:DC:5B:11:41:21:C2:2F:19:0A:FB:79:50:A3:63
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019D2B84F44B171D0E5AF496947E62B3569A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          1077
Signing time:             Thu 26 Mar 2026 19:00:26 +0000
Manifest this update:     Thu 26 Mar 2026 19:00:26 +0000
Manifest next update:     Fri 27 Mar 2026 19:00:26 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: vZ5hkjEn0thf4oEu4OFpqOCYZVG6N/RKrUER7xsBkBs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:84:f4:4b:17:1d:0e:5a:f4:96:94:7e:62:b3:56:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Mar 26 19:00:26 2026 GMT
            Not After : Mar 27 19:00:26 2026 GMT
        Subject: CN=64b81d6158c6dc5b114121c22f190afb7950a363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d1:ff:38:78:7e:ce:96:45:9a:b0:28:45:01:
                    eb:dd:67:be:cb:21:09:1b:6c:fa:ef:6a:76:4b:a4:
                    ce:c2:f3:5f:aa:c0:e8:92:89:db:cd:90:a1:ec:f5:
                    48:5b:ff:02:22:9b:8b:71:88:b7:6d:6d:3a:3f:b2:
                    57:0f:ac:18:a9:83:6c:2e:ce:6a:d4:50:f7:ec:fa:
                    a7:99:51:c4:2c:a1:41:29:54:f7:a8:f1:28:b2:a1:
                    85:a4:26:4d:86:90:88:04:7b:ea:86:66:89:d1:c8:
                    6d:8a:2d:77:1c:be:f4:85:05:5e:8d:5b:9f:07:18:
                    b7:58:87:a4:af:d9:03:af:4e:48:83:9d:c3:cb:d0:
                    65:03:95:0e:ca:98:41:c9:3c:20:a3:3e:59:be:db:
                    3e:fe:36:2b:00:d5:64:11:f5:a2:53:10:a7:7a:36:
                    e5:35:e6:c5:23:fa:0f:7f:28:fc:ff:4e:de:89:2f:
                    31:79:2d:66:27:3a:c8:26:a8:3e:3d:6e:e9:83:b1:
                    fb:5f:56:0f:03:16:dd:2d:5b:a7:f8:ea:b6:3f:7a:
                    59:4a:7b:a0:b5:a6:68:66:f6:e7:b6:cf:76:ac:58:
                    1d:73:b7:4a:6c:eb:05:dc:6b:75:e5:b6:a8:08:90:
                    6e:17:14:f2:d4:f0:da:20:ae:df:6c:62:e3:0c:42:
                    78:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:B8:1D:61:58:C6:DC:5B:11:41:21:C2:2F:19:0A:FB:79:50:A3:63
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:2e:13:7b:ac:01:b4:48:e8:37:c1:d7:83:eb:9f:83:c7:7e:
         d7:99:38:bb:7d:db:28:6c:8a:3c:8a:83:b7:f6:cc:35:98:45:
         75:75:a4:4b:25:1b:60:81:73:28:a0:f6:57:df:ce:1f:85:b5:
         f6:56:f4:87:24:9b:3e:43:93:aa:b7:84:e2:aa:96:b9:d0:c9:
         53:0e:e6:59:d7:9f:da:a0:f6:57:ca:68:f7:b7:0a:36:a5:74:
         16:fb:9c:2a:d7:70:17:ae:91:a8:1d:36:bc:05:7b:bf:fa:d5:
         38:ab:fe:fc:a0:a8:d1:87:53:67:6b:74:e2:46:25:b6:92:df:
         2e:db:6b:28:89:75:78:68:85:13:f6:e9:81:24:6e:a5:e5:bd:
         3b:17:3a:40:1a:8f:41:c8:70:4e:0d:a9:5f:a1:29:59:09:73:
         6a:36:f0:e3:5c:cd:d4:2b:6d:f8:63:eb:21:c4:c1:63:bd:b5:
         a6:ba:a8:d2:d9:f9:24:60:d0:31:2e:98:54:7b:ac:05:69:d8:
         56:f1:aa:7d:d8:36:ad:8a:ca:2b:04:87:fa:91:18:a7:6d:ce:
         8b:c0:73:83:f2:05:f4:54:88:b6:47:17:33:a9:01:b8:39:12:
         27:41:7a:ea:ea:77:9e:80:da:c5:2d:ec:47:01:46:45:a7:20:
         8c:6c:8b:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rhPRLFx0OWvSWlH5is1aaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjYwMzI2MTkwMDI2WhcNMjYwMzI3MTkwMDI2WjAzMTEwLwYDVQQD
Eyg2NGI4MWQ2MTU4YzZkYzViMTE0MTIxYzIyZjE5MGFmYjc5NTBhMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytH/OHh+zpZFmrAoRQHr3We+yyEJ
G2z672p2S6TOwvNfqsDokonbzZCh7PVIW/8CIpuLcYi3bW06P7JXD6wYqYNsLs5q
1FD37PqnmVHELKFBKVT3qPEosqGFpCZNhpCIBHvqhmaJ0chtii13HL70hQVejVuf
Bxi3WIekr9kDr05Ig53Dy9BlA5UOyphByTwgoz5Zvts+/jYrANVkEfWiUxCnejbl
NebFI/oPfyj8/07eiS8xeS1mJzrIJqg+PW7pg7H7X1YPAxbdLVun+Oq2P3pZSnug
taZoZvbnts92rFgdc7dKbOsF3Gt15baoCJBuFxTy1PDaIK7fbGLjDEJ4/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGS4HWFYxtxbEUEhwi8ZCvt5UKNjMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyC4Te6wB
tEjoN8HXg+ufg8d+15k4u33bKGyKPIqDt/bMNZhFdXWkSyUbYIFzKKD2V9/OH4W1
9lb0hySbPkOTqreE4qqWudDJUw7mWdef2qD2V8po97cKNqV0FvucKtdwF66RqB02
vAV7v/rVOKv+/KCo0YdTZ2t04kYltpLfLttrKIl1eGiFE/bpgSRupeW9Oxc6QBqP
QchwTg2pX6EpWQlzajbw41zN1Ctt+GPrIcTBY721prqo0tn5JGDQMS6YVHusBWnY
VvGqfdg2rYrKKwSH+pEYp23Oi8Bzg/IF9FSItkcXM6kBuDkSJ0F66up3noDaxS3s
RwFGRacgjGyLhg==
-----END CERTIFICATE-----