Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
File:                     _Nq63VYraOxeFY4easdvfalucyM.mft (raw, json)
Hash identifier:          Z/8Nu203RbC0q1txTfjA683gkgIfOx1kCR8PwmS7P2I=
Subject key identifier:   AD:09:FA:52:C9:5D:6E:A6:5B:97:4D:78:53:8B:B6:67:54:39:6B:8B
Authority key identifier: FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23
Certificate issuer:       /CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
Certificate serial:       019D2961974DBEB15F63AC5421E61CF81E69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 09:02:34 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:34 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:34 +0000
Files and hashes:         1: _Nq63VYraOxeFY4easdvfalucyM.crl (hash: LW5kBtkoEwr7Oqdpwc9383ndCK8Q/Dpm53Ej9VW5IHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:97:4d:be:b1:5f:63:ac:54:21:e6:1c:f8:1e:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
        Validity
            Not Before: Mar 26 09:02:34 2026 GMT
            Not After : Mar 27 09:02:34 2026 GMT
        Subject: CN=ad09fa52c95d6ea65b974d78538bb66754396b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:9e:6f:49:eb:bf:9d:04:63:30:d3:d2:57:cb:
                    e9:f0:39:b5:89:25:5e:fb:f6:2e:a6:83:87:f5:b3:
                    e9:ad:9f:2a:b5:09:3a:83:84:fd:b6:b7:d4:c6:6b:
                    d8:e2:a1:93:8e:71:73:bc:e9:9a:25:40:e4:b1:5f:
                    2b:e8:74:ae:c7:cd:ff:26:4f:29:54:84:73:b7:29:
                    b1:8a:b4:be:96:5a:0a:26:84:22:ea:99:29:85:80:
                    29:8c:17:e4:ea:3d:b5:f6:e4:f9:8f:27:40:56:97:
                    ed:65:a1:1c:af:ef:60:e0:19:a1:9f:a8:d0:75:fb:
                    db:0e:62:b7:d8:e3:c7:93:02:24:3e:4d:d4:3d:53:
                    f2:35:e9:05:59:bf:96:94:f9:ed:49:c8:60:c7:e5:
                    db:d2:a4:6c:5c:e5:8c:c9:19:a1:79:f0:d1:90:29:
                    77:46:db:f3:c5:71:da:4e:f8:b1:7e:10:22:80:c5:
                    ff:f1:63:61:17:10:8a:ef:8f:21:60:f4:4f:92:3f:
                    39:d7:16:90:cd:5c:ee:52:6d:b2:e9:4b:91:cc:42:
                    15:d8:43:e4:2b:68:c4:17:fa:f8:6f:69:22:c1:cd:
                    a7:60:9f:7e:08:85:f7:a3:52:09:c1:d0:59:5b:18:
                    b1:c5:00:b3:4d:91:96:ac:ff:28:1f:70:b4:92:0c:
                    72:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:09:FA:52:C9:5D:6E:A6:5B:97:4D:78:53:8B:B6:67:54:39:6B:8B
            X509v3 Authority Key Identifier:
                keyid:FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:34:fd:0b:9d:ba:88:94:1f:0b:e0:42:21:fd:5c:23:88:90:
         79:d7:f9:1e:5a:c6:94:7b:59:1e:a7:e9:0d:29:9d:11:2c:b2:
         1d:d6:21:17:ab:ab:02:1a:70:bc:b3:30:5b:8a:93:28:fa:b9:
         d8:83:95:c2:f1:d3:d8:f2:35:a1:17:74:00:7c:9a:8b:65:63:
         43:f6:ef:bc:2c:e3:bf:38:a5:b6:5c:76:5e:b8:46:97:10:ca:
         32:72:aa:74:f4:35:3d:21:96:3c:f1:56:6b:d1:80:47:94:2a:
         2d:a3:78:df:13:a7:a8:4a:91:9c:b0:a4:89:7a:42:f0:51:76:
         a2:25:f6:6f:d0:bc:16:1d:06:50:8a:f3:dc:af:5c:25:fc:6e:
         5d:a2:0f:91:39:75:a9:13:57:68:da:5e:64:0c:ac:d9:8b:46:
         9c:3e:1a:10:75:91:3f:25:1d:51:38:a6:2e:fb:0b:9c:78:43:
         62:84:af:87:a6:11:32:84:e9:36:ef:4f:96:65:53:b0:58:a9:
         7b:19:02:de:30:1a:87:21:7c:8f:86:4a:1e:7f:3e:8f:c4:21:
         67:11:06:f3:93:dd:7f:87:77:d7:2f:05:78:fc:b8:b3:73:22:
         a2:b0:55:85:aa:a9:48:4b:54:fe:8a:fc:aa:9e:9b:11:cd:82:
         6b:80:f4:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYZdNvrFfY6xUIeYc+B5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZGFiYWRkNTYyYjY4ZWM1ZTE1OGUxZTZhYzc2ZjdkYTk2
ZTczMjMwHhcNMjYwMzI2MDkwMjM0WhcNMjYwMzI3MDkwMjM0WjAzMTEwLwYDVQQD
EyhhZDA5ZmE1MmM5NWQ2ZWE2NWI5NzRkNzg1MzhiYjY2NzU0Mzk2YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ5vSeu/nQRjMNPSV8vp8Dm1iSVe
+/YupoOH9bPprZ8qtQk6g4T9trfUxmvY4qGTjnFzvOmaJUDksV8r6HSux83/Jk8p
VIRztymxirS+lloKJoQi6pkphYApjBfk6j219uT5jydAVpftZaEcr+9g4Bmhn6jQ
dfvbDmK32OPHkwIkPk3UPVPyNekFWb+WlPntSchgx+Xb0qRsXOWMyRmhefDRkCl3
RtvzxXHaTvixfhAigMX/8WNhFxCK748hYPRPkj851xaQzVzuUm2y6UuRzEIV2EPk
K2jEF/r4b2kiwc2nYJ9+CIX3o1IJwdBZWxixxQCzTZGWrP8oH3C0kgxyuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0J+lLJXW6mW5dNeFOLtmdUOWuLMB8GA1UdIwQY
MBaAFPzaut1WK2jsXhWOHmrHb32pbnMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmIt
YTM5NGU4NjZiMzdjLzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmItYTM5NGU4NjZiMzdj
LzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAETT9C526
iJQfC+BCIf1cI4iQedf5HlrGlHtZHqfpDSmdESyyHdYhF6urAhpwvLMwW4qTKPq5
2IOVwvHT2PI1oRd0AHyai2VjQ/bvvCzjvziltlx2XrhGlxDKMnKqdPQ1PSGWPPFW
a9GAR5QqLaN43xOnqEqRnLCkiXpC8FF2oiX2b9C8Fh0GUIrz3K9cJfxuXaIPkTl1
qRNXaNpeZAys2YtGnD4aEHWRPyUdUTimLvsLnHhDYoSvh6YRMoTpNu9PlmVTsFip
exkC3jAahyF8j4ZKHn8+j8QhZxEG85Pdf4d31y8FePy4s3MiorBVhaqpSEtU/or8
qp6bEc2Ca4D0NA==
-----END CERTIFICATE-----