Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
File:                     nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft (raw, json)
Hash identifier:          36UNDuB+qYu/djsLP08zZnKWOaGcZ9/MGg+Yz5gHX+k=
Subject key identifier:   0C:DA:D0:57:DD:FA:52:F0:71:D4:09:4D:A1:D7:82:52:CB:A7:AF:E0
Authority key identifier: 9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA
Certificate issuer:       /CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
Certificate serial:       019D27722E6585D97A4F0332794D8636544C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
Manifest number:          0713
Signing time:             Thu 26 Mar 2026 00:01:27 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:27 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:27 +0000
Files and hashes:         1: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl (hash: A8CVXJH6y6ZUFUAV+9Dcd2tubWjQLRScoMUd/Y5ufqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:2e:65:85:d9:7a:4f:03:32:79:4d:86:36:54:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
        Validity
            Not Before: Mar 26 00:01:27 2026 GMT
            Not After : Mar 27 00:01:27 2026 GMT
        Subject: CN=0cdad057ddfa52f071d4094da1d78252cba7afe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2f:b5:6c:f7:41:78:2c:4d:b6:5d:38:b4:bf:
                    6f:27:2e:d7:a1:8e:2b:82:fd:a2:ed:10:1d:e1:36:
                    8f:e6:ca:6b:e0:93:94:51:6e:fc:1f:83:45:69:29:
                    64:57:55:6a:d6:78:83:e1:c1:37:b6:f2:72:75:40:
                    80:10:49:6b:0a:f7:5f:dc:57:85:20:bf:da:a5:f8:
                    13:21:8f:6f:93:b5:39:a8:db:0e:39:51:b7:b4:58:
                    a0:2d:f8:93:49:40:59:0a:24:1b:0f:59:d2:1f:29:
                    71:f2:f7:95:d5:26:c1:66:48:d4:4b:13:ce:62:d5:
                    e8:44:43:8a:b6:5d:a6:24:e3:96:12:1f:b8:3d:7f:
                    29:ef:91:e3:7f:e0:c6:9b:16:83:88:bf:70:ff:5a:
                    8b:19:f0:71:5d:76:21:d5:b7:d3:53:7a:d7:aa:11:
                    fa:45:f4:09:0c:27:68:ad:aa:e2:b4:a9:16:b2:81:
                    bf:47:7f:5f:3d:af:4e:d7:c1:54:d8:ec:05:bd:bc:
                    7c:c6:f5:8c:76:fc:f1:f5:3c:3a:2b:39:09:a7:c7:
                    02:5e:21:5d:72:84:9e:49:e3:92:17:08:75:6d:e7:
                    1d:d5:11:e1:29:b8:2f:35:06:86:38:fb:20:f2:20:
                    13:6d:e7:a5:41:86:10:8d:97:e7:69:9c:f6:9f:e2:
                    33:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DA:D0:57:DD:FA:52:F0:71:D4:09:4D:A1:D7:82:52:CB:A7:AF:E0
            X509v3 Authority Key Identifier:
                keyid:9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:34:21:d0:df:a8:0a:b7:f2:09:9a:0d:af:ff:32:eb:b5:e4:
         2f:0d:55:1e:81:1c:57:b3:35:f1:e1:06:f7:22:1a:1f:25:ce:
         d1:2c:35:99:36:1a:93:99:a5:15:8e:04:4e:92:b7:05:c5:40:
         4b:2b:86:fa:99:5e:ea:5b:df:9e:0e:84:04:28:86:56:87:ae:
         d6:e5:92:66:b9:85:e8:88:71:7d:b6:b1:23:17:2a:fd:b3:b8:
         24:c8:67:64:df:3c:4a:fa:f9:71:14:86:c4:ff:31:93:e1:e0:
         94:d6:79:63:b9:ca:da:8b:69:44:94:83:3b:4d:77:bc:90:74:
         bc:a5:f2:dc:6f:5a:73:98:c4:13:2b:62:e5:a9:a2:04:c6:72:
         c3:2b:9e:dc:45:c4:c8:e1:ab:59:4d:99:18:d0:2e:0d:3c:22:
         a6:c4:e6:9d:e7:33:35:66:39:32:c9:f3:be:db:2f:3e:37:20:
         66:9a:7c:22:eb:92:9a:38:e9:a7:6d:80:e8:1e:82:4f:89:4f:
         7b:a6:d9:7e:6d:6e:d6:4c:b6:fb:9c:54:26:e0:a2:9b:24:68:
         27:46:12:15:c7:26:0e:f7:c6:cd:93:5b:33:30:08:c2:08:55:
         92:51:45:4f:59:d1:2c:31:59:7b:66:d5:05:0c:d3:ad:12:1a:
         96:c5:98:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nci5lhdl6TwMyeU2GNlRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjA1ZDRiZDVkNDJiNDE3NWFjYzYzNGFjY2YwZmZhMTg3
M2YwYWEwHhcNMjYwMzI2MDAwMTI3WhcNMjYwMzI3MDAwMTI3WjAzMTEwLwYDVQQD
EygwY2RhZDA1N2RkZmE1MmYwNzFkNDA5NGRhMWQ3ODI1MmNiYTdhZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i+1bPdBeCxNtl04tL9vJy7XoY4r
gv2i7RAd4TaP5spr4JOUUW78H4NFaSlkV1Vq1niD4cE3tvJydUCAEElrCvdf3FeF
IL/apfgTIY9vk7U5qNsOOVG3tFigLfiTSUBZCiQbD1nSHylx8veV1SbBZkjUSxPO
YtXoREOKtl2mJOOWEh+4PX8p75Hjf+DGmxaDiL9w/1qLGfBxXXYh1bfTU3rXqhH6
RfQJDCdoraritKkWsoG/R39fPa9O18FU2OwFvbx8xvWMdvzx9Tw6KzkJp8cCXiFd
coSeSeOSFwh1becd1RHhKbgvNQaGOPsg8iATbeelQYYQjZfnaZz2n+IztQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAza0Ffd+lLwcdQJTaHXglLLp6/gMB8GA1UdIwQY
MBaAFJzwXUvV1CtBdazGNKzPD/oYc/CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEt
OGJiYTVmYTNjMzE3LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEtOGJiYTVmYTNjMzE3
LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTQh0N+o
CrfyCZoNr/8y67XkLw1VHoEcV7M18eEG9yIaHyXO0Sw1mTYak5mlFY4ETpK3BcVA
SyuG+ple6lvfng6EBCiGVoeu1uWSZrmF6IhxfbaxIxcq/bO4JMhnZN88Svr5cRSG
xP8xk+HglNZ5Y7nK2otpRJSDO013vJB0vKXy3G9ac5jEEyti5amiBMZywyue3EXE
yOGrWU2ZGNAuDTwipsTmneczNWY5MsnzvtsvPjcgZpp8IuuSmjjpp22A6B6CT4lP
e6bZfm1u1ky2+5xUJuCimyRoJ0YSFccmDvfGzZNbMzAIwghVklFFT1nRLDFZe2bV
BQzTrRIalsWYqg==
-----END CERTIFICATE-----