Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
File:                     NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft (raw, json)
Hash identifier:          5VuiBkiKY1tN/qGl/eO7mBcwHScxvSlWzz9fMLTEYLU=
Subject key identifier:   32:CE:20:8D:50:9F:68:04:C3:06:EA:CE:89:DE:F4:74:0F:86:46:31
Authority key identifier: 36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57
Certificate issuer:       /CN=36d8c1a73b1595109d26067b4291f71dc1db9957
Certificate serial:       019D29CE4244F09B1E490986AB0C0068E9F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
Manifest number:          1293
Signing time:             Thu 26 Mar 2026 11:01:16 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:16 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:16 +0000
Files and hashes:         1: NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl (hash: WyGEH6JxH0Gy29Sz/UowYPQoLDZitTxTt6Q4o04L6CE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:42:44:f0:9b:1e:49:09:86:ab:0c:00:68:e9:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36d8c1a73b1595109d26067b4291f71dc1db9957
        Validity
            Not Before: Mar 26 11:01:16 2026 GMT
            Not After : Mar 27 11:01:16 2026 GMT
        Subject: CN=32ce208d509f6804c306eace89def4740f864631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b3:0a:4e:1f:8b:3e:4c:73:a8:e7:e6:dd:f3:
                    4b:ed:f3:cb:d4:17:d4:81:30:07:65:3f:53:22:b8:
                    2d:a2:60:f3:5b:3a:f9:08:f6:fa:06:04:38:d5:bc:
                    6f:dc:31:f3:14:4a:ee:77:ef:0b:22:e6:d7:26:ae:
                    47:12:27:73:19:bd:6e:51:36:d4:89:68:ba:a6:4f:
                    96:d4:09:1f:f4:ee:90:24:9b:eb:e3:4b:3a:52:84:
                    a2:72:32:c5:af:d5:fc:cc:f6:cc:10:8b:4f:91:3e:
                    9e:53:d8:87:e9:07:95:ad:aa:5c:5a:66:c7:ee:d1:
                    f9:30:73:67:e9:92:d5:15:19:d0:59:3b:79:8a:ac:
                    c7:8f:6a:e6:e9:2b:59:ba:a1:b3:07:84:95:16:55:
                    f8:ff:cb:53:68:98:93:67:8c:fb:eb:a0:21:8d:5e:
                    b2:f6:77:77:9f:0d:9f:bb:24:04:12:60:ae:d6:4d:
                    e3:8a:32:25:bf:8e:c4:0e:36:3a:06:6b:26:85:bf:
                    54:66:d7:4d:57:ca:3c:fe:a5:fd:ae:e0:f0:bf:37:
                    e7:1d:6f:b3:df:af:03:58:de:2a:02:ac:b9:a3:7e:
                    20:bd:9b:66:a3:45:b1:84:ef:76:a6:63:84:75:2b:
                    59:80:01:c8:b8:f9:8b:60:e7:35:48:c4:08:02:f7:
                    a8:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CE:20:8D:50:9F:68:04:C3:06:EA:CE:89:DE:F4:74:0F:86:46:31
            X509v3 Authority Key Identifier:
                keyid:36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:56:29:5d:6b:a3:dd:87:d0:17:f9:76:2e:ac:f7:ca:6e:cd:
         7e:6a:ec:cc:72:b5:5e:aa:c5:ae:0e:52:13:7e:0a:0c:e1:0c:
         75:37:49:5f:48:f6:90:7d:78:4f:7b:bc:b8:78:6f:fd:47:82:
         47:54:7c:8a:ae:5a:01:3a:a0:54:33:ee:ed:b5:68:71:a1:d5:
         a0:be:22:61:93:fb:47:93:1e:02:4b:7b:c2:d7:7f:91:46:66:
         20:b5:e1:02:18:b5:46:c1:7d:ea:7d:dd:35:2d:64:b4:d6:6c:
         62:db:dd:f1:fd:58:e1:ad:3c:f9:a5:28:6d:f7:f9:1f:e5:86:
         d0:aa:89:a6:d3:5c:e7:8c:8a:2a:a7:64:cd:9a:e6:ca:5c:28:
         6b:b1:6d:30:78:82:e7:3a:ea:c2:c5:29:a4:25:82:73:db:e9:
         e6:0c:d2:c7:13:88:4c:3b:d4:18:e4:65:bb:20:c8:29:71:df:
         89:d2:01:99:90:94:68:33:d8:ab:0c:5c:b4:d2:8b:ae:c3:40:
         86:fe:01:c6:7a:d6:0e:b5:f4:fd:74:20:5a:93:5c:4e:00:d9:
         da:3a:66:22:67:7c:48:44:7f:33:1f:bc:6e:9f:ae:d8:6a:58:
         94:0d:1b:f7:7f:f6:49:3d:ce:35:d0:fd:11:f2:6b:15:51:0d:
         10:06:18:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzkJE8JseSQmGqwwAaOn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDhjMWE3M2IxNTk1MTA5ZDI2MDY3YjQyOTFmNzFkYzFk
Yjk5NTcwHhcNMjYwMzI2MTEwMTE2WhcNMjYwMzI3MTEwMTE2WjAzMTEwLwYDVQQD
EygzMmNlMjA4ZDUwOWY2ODA0YzMwNmVhY2U4OWRlZjQ3NDBmODY0NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7MKTh+LPkxzqOfm3fNL7fPL1BfU
gTAHZT9TIrgtomDzWzr5CPb6BgQ41bxv3DHzFErud+8LIubXJq5HEidzGb1uUTbU
iWi6pk+W1Akf9O6QJJvr40s6UoSicjLFr9X8zPbMEItPkT6eU9iH6QeVrapcWmbH
7tH5MHNn6ZLVFRnQWTt5iqzHj2rm6StZuqGzB4SVFlX4/8tTaJiTZ4z766AhjV6y
9nd3nw2fuyQEEmCu1k3jijIlv47EDjY6Bmsmhb9UZtdNV8o8/qX9ruDwvzfnHW+z
368DWN4qAqy5o34gvZtmo0WxhO92pmOEdStZgAHIuPmLYOc1SMQIAveobwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLOII1Qn2gEwwbqzone9HQPhkYxMB8GA1UdIwQY
MBaAFDbYwac7FZUQnSYGe0KR9x3B25lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgt
ZjYxZWM4NWQwZjU3LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgtZjYxZWM4NWQwZjU3
LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVYpXWuj
3YfQF/l2Lqz3ym7NfmrszHK1XqrFrg5SE34KDOEMdTdJX0j2kH14T3u8uHhv/UeC
R1R8iq5aATqgVDPu7bVocaHVoL4iYZP7R5MeAkt7wtd/kUZmILXhAhi1RsF96n3d
NS1ktNZsYtvd8f1Y4a08+aUobff5H+WG0KqJptNc54yKKqdkzZrmylwoa7FtMHiC
5zrqwsUppCWCc9vp5gzSxxOITDvUGORluyDIKXHfidIBmZCUaDPYqwxctNKLrsNA
hv4BxnrWDrX0/XQgWpNcTgDZ2jpmImd8SER/Mx+8bp+u2GpYlA0b93/2ST3ONdD9
EfJrFVENEAYYYg==
-----END CERTIFICATE-----