Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          0gfWaZl4N1vir40yYjuHN7SbCQiqYYNurovhSKe0u6w=
Subject key identifier:   5C:4A:87:1F:63:53:C6:8C:4A:5D:74:86:6E:01:96:78:11:40:62:62
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       019D28842D3C77132877DDFC78DC8CB2322A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          0644
Signing time:             Thu 26 Mar 2026 05:00:44 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:44 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:44 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: TmsvHjuHvsrmyCD+2ekfPKQwZkGbUgnENfp5tJ9ZZIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:2d:3c:77:13:28:77:dd:fc:78:dc:8c:b2:32:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Mar 26 05:00:44 2026 GMT
            Not After : Mar 27 05:00:44 2026 GMT
        Subject: CN=5c4a871f6353c68c4a5d74866e01967811406262
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:18:0a:ba:71:b2:ff:8e:c7:ad:32:0a:bf:27:
                    8e:cc:fb:47:9b:92:02:43:92:61:2a:10:c3:ce:ea:
                    44:62:24:de:80:b0:40:de:48:bc:9e:fe:9f:54:49:
                    58:30:cf:a7:d4:0e:23:4f:b5:70:0b:fa:61:c8:68:
                    a7:d6:24:20:53:df:ec:b6:22:a4:0a:2f:fa:61:a6:
                    e6:e8:3b:9a:31:b9:e5:3f:96:53:cd:7f:2a:ba:fb:
                    e8:87:87:df:14:2d:a1:4d:bd:b9:d7:38:ca:c4:90:
                    d4:72:bc:7b:cd:ac:06:1d:17:f8:31:0d:cb:49:33:
                    e3:4e:47:fb:9a:12:86:89:8f:b4:05:17:00:ce:54:
                    f6:17:fe:df:82:1f:f4:d1:80:8d:72:68:c6:a6:e3:
                    5e:0f:64:8f:df:7f:52:f3:e9:73:4c:52:dc:06:57:
                    ce:57:ab:bd:1e:f0:24:a8:91:ee:b3:26:cd:9e:73:
                    a7:00:92:58:d3:3e:18:82:c6:7e:53:56:dc:52:98:
                    f4:3f:78:80:c8:82:78:62:35:a8:59:9c:32:7f:8d:
                    c7:5b:8d:03:a7:b0:94:0c:e3:9c:ea:82:d7:e3:c0:
                    0e:d6:12:a1:15:63:1e:a1:30:f3:49:f1:8e:22:38:
                    b0:cb:bc:42:b8:55:3d:b2:d0:5d:02:e1:1b:62:a2:
                    e9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:4A:87:1F:63:53:C6:8C:4A:5D:74:86:6E:01:96:78:11:40:62:62
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:22:a7:28:42:4c:06:74:38:ba:1d:81:ec:8b:4f:2f:fb:d1:
         c3:4e:cd:0c:45:7c:68:16:aa:22:cd:c6:fa:d3:f2:95:92:ea:
         28:74:b5:91:fe:80:85:4d:ab:54:7c:a2:51:08:89:5d:6a:91:
         3b:1d:8c:48:ae:c4:53:03:43:a4:d5:9d:29:89:8d:33:46:09:
         d1:7b:27:60:17:9b:2e:8d:44:e4:03:f7:d9:32:f7:0d:44:86:
         c3:55:2f:7a:68:f2:88:9e:5e:04:3b:c2:f4:c7:0d:a7:e3:19:
         3a:b6:8e:c4:4c:66:c9:90:04:af:b0:4a:77:3d:ef:2f:f6:b9:
         97:c7:88:09:59:ea:05:dc:58:e2:db:e9:94:fb:ce:d6:7e:e0:
         98:1f:0b:9f:c8:76:09:cc:83:e3:d5:d6:d7:65:90:e7:13:96:
         89:6a:39:89:d3:f6:e9:26:70:22:ac:cf:35:41:85:76:bb:33:
         38:2a:f4:7e:bb:41:64:ed:d2:bb:4d:3a:37:90:d2:5c:28:48:
         73:71:5c:ce:f7:94:0a:ae:22:80:7f:d8:17:6e:19:c2:a2:53:
         7d:42:95:9c:d5:4d:b2:b2:18:50:c0:c9:c3:06:c9:0d:f5:cf:
         47:54:f4:db:3d:e5:1c:f9:3e:34:55:d2:b7:24:7e:bb:68:13:
         5e:eb:8e:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohC08dxMod938eNyMsjIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjYwMzI2MDUwMDQ0WhcNMjYwMzI3MDUwMDQ0WjAzMTEwLwYDVQQD
Eyg1YzRhODcxZjYzNTNjNjhjNGE1ZDc0ODY2ZTAxOTY3ODExNDA2MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRgKunGy/47HrTIKvyeOzPtHm5IC
Q5JhKhDDzupEYiTegLBA3ki8nv6fVElYMM+n1A4jT7VwC/phyGin1iQgU9/stiKk
Ci/6Yabm6DuaMbnlP5ZTzX8quvvoh4ffFC2hTb251zjKxJDUcrx7zawGHRf4MQ3L
STPjTkf7mhKGiY+0BRcAzlT2F/7fgh/00YCNcmjGpuNeD2SP339S8+lzTFLcBlfO
V6u9HvAkqJHusybNnnOnAJJY0z4YgsZ+U1bcUpj0P3iAyIJ4YjWoWZwyf43HW40D
p7CUDOOc6oLX48AO1hKhFWMeoTDzSfGOIjiwy7xCuFU9stBdAuEbYqLpvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxKhx9jU8aMSl10hm4BlngRQGJiMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCKnKEJM
BnQ4uh2B7ItPL/vRw07NDEV8aBaqIs3G+tPylZLqKHS1kf6AhU2rVHyiUQiJXWqR
Ox2MSK7EUwNDpNWdKYmNM0YJ0XsnYBebLo1E5AP32TL3DUSGw1UvemjyiJ5eBDvC
9McNp+MZOraOxExmyZAEr7BKdz3vL/a5l8eICVnqBdxY4tvplPvO1n7gmB8Ln8h2
CcyD49XW12WQ5xOWiWo5idP26SZwIqzPNUGFdrszOCr0frtBZO3Su006N5DSXChI
c3FczveUCq4igH/YF24ZwqJTfUKVnNVNsrIYUMDJwwbJDfXPR1T02z3lHPk+NFXS
tyR+u2gTXuuOrg==
-----END CERTIFICATE-----