Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          idjsKa/2fzN0OwEnhfkbTSfTZx5sTalzsgrUWAfDehI=
Subject key identifier:   F1:9C:02:A6:9D:C4:AD:D6:3D:47:94:4F:BE:76:3B:FF:E4:B9:62:2B
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019D2AE0DE736DF02D68B85C831B457B1475
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1858
Signing time:             Thu 26 Mar 2026 16:01:13 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:13 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:13 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: UL/qMvw4pwcK1YLu4763CKTTqJyEq3J4R9fYchH5Cf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:de:73:6d:f0:2d:68:b8:5c:83:1b:45:7b:14:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Mar 26 16:01:13 2026 GMT
            Not After : Mar 27 16:01:13 2026 GMT
        Subject: CN=f19c02a69dc4add63d47944fbe763bffe4b9622b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:72:ea:8c:88:61:27:0d:6a:fb:79:dc:82:6e:
                    00:ef:2d:9f:c3:b1:02:8a:f0:10:ec:ea:99:28:64:
                    c2:95:2e:e3:ed:03:19:8d:29:ad:e7:f4:3e:14:d1:
                    12:77:0f:3f:44:36:96:57:6e:2e:a6:b0:d5:5c:e5:
                    67:10:fc:32:c5:5e:ba:d8:79:78:0a:fe:f8:0a:51:
                    63:c6:2f:2d:c2:98:10:6b:f8:27:a6:34:0d:8e:e3:
                    6d:10:86:3b:9a:8b:89:bd:5f:8b:10:56:90:6d:5b:
                    54:6a:2d:29:39:e2:30:4b:c9:b9:b6:18:b2:be:a3:
                    f6:dc:5f:31:9e:be:b4:79:7b:64:2a:e3:c8:ab:35:
                    0d:45:3b:90:5a:34:19:4a:33:e6:40:c7:69:58:83:
                    89:81:c5:52:c5:85:fb:46:24:bb:f6:07:84:27:4c:
                    21:b4:09:73:96:58:4a:7a:36:1f:ea:64:08:2b:7b:
                    06:52:7d:be:82:61:b6:b4:e8:15:3c:c6:c7:b4:0d:
                    28:9f:ff:be:d0:da:d5:0f:b2:c6:0e:f0:7e:67:a4:
                    44:f8:f4:4b:9d:ce:6d:b0:d7:f7:bf:43:23:58:2c:
                    a8:7e:55:ef:a7:59:53:cc:da:76:4c:7e:f6:a4:df:
                    8e:57:e7:af:d9:6f:dc:5b:11:98:a5:b7:74:e3:a9:
                    3d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:9C:02:A6:9D:C4:AD:D6:3D:47:94:4F:BE:76:3B:FF:E4:B9:62:2B
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:72:ea:b0:33:4d:ef:4d:29:71:10:a2:ca:6d:0e:58:68:dd:
         d0:af:c4:be:b6:1b:f5:3d:92:6c:a4:8a:10:fe:1a:41:fc:a2:
         9a:c9:11:d5:10:f7:1d:96:63:4e:41:65:fb:82:18:12:ea:14:
         26:5d:8b:68:18:ad:c5:60:e5:11:38:0c:20:87:20:39:42:5b:
         16:ca:ad:af:ba:e1:4a:2f:6b:68:c5:a5:87:1c:0f:93:39:93:
         9b:bb:19:a7:12:89:64:71:56:33:83:0f:94:17:76:3e:ab:43:
         f1:bd:f2:16:e1:2a:4f:df:b7:71:d4:f4:9e:c1:ca:68:e6:19:
         0a:e5:f7:64:6c:3e:d8:a0:40:69:bf:4e:ee:d6:27:c5:45:fe:
         0b:64:9e:ea:01:6e:1d:c7:e0:c3:37:06:f9:54:cd:5b:26:a3:
         b9:61:33:ce:d7:f8:df:5b:39:28:aa:df:9b:a3:33:1e:ce:86:
         f7:3b:7c:77:77:bc:a8:3a:cf:9c:4b:26:01:67:00:75:9d:a1:
         71:03:a7:97:9f:32:d8:4e:f0:ab:11:67:5c:80:26:af:5d:9f:
         8e:de:f0:4a:5f:72:12:aa:83:c0:07:9d:06:16:e8:20:b8:47:
         57:d0:c1:36:3b:ad:09:71:71:2f:40:3c:08:4d:b7:49:b4:f2:
         04:da:fc:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4N5zbfAtaLhcgxtFexR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjYwMzI2MTYwMTEzWhcNMjYwMzI3MTYwMTEzWjAzMTEwLwYDVQQD
EyhmMTljMDJhNjlkYzRhZGQ2M2Q0Nzk0NGZiZTc2M2JmZmU0Yjk2MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+nLqjIhhJw1q+3ncgm4A7y2fw7EC
ivAQ7OqZKGTClS7j7QMZjSmt5/Q+FNESdw8/RDaWV24uprDVXOVnEPwyxV662Hl4
Cv74ClFjxi8twpgQa/gnpjQNjuNtEIY7mouJvV+LEFaQbVtUai0pOeIwS8m5thiy
vqP23F8xnr60eXtkKuPIqzUNRTuQWjQZSjPmQMdpWIOJgcVSxYX7RiS79geEJ0wh
tAlzllhKejYf6mQIK3sGUn2+gmG2tOgVPMbHtA0on/++0NrVD7LGDvB+Z6RE+PRL
nc5tsNf3v0MjWCyoflXvp1lTzNp2TH72pN+OV+ev2W/cWxGYpbd046k9YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGcAqadxK3WPUeUT752O//kuWIrMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtnLqsDNN
700pcRCiym0OWGjd0K/EvrYb9T2SbKSKEP4aQfyimskR1RD3HZZjTkFl+4IYEuoU
Jl2LaBitxWDlETgMIIcgOUJbFsqtr7rhSi9raMWlhxwPkzmTm7sZpxKJZHFWM4MP
lBd2PqtD8b3yFuEqT9+3cdT0nsHKaOYZCuX3ZGw+2KBAab9O7tYnxUX+C2Se6gFu
HcfgwzcG+VTNWyajuWEzztf431s5KKrfm6MzHs6G9zt8d3e8qDrPnEsmAWcAdZ2h
cQOnl58y2E7wqxFnXIAmr12fjt7wSl9yEqqDwAedBhboILhHV9DBNjutCXFxL0A8
CE23SbTyBNr8oA==
-----END CERTIFICATE-----