Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
File:                     ndVRnFTz4jtOEhKogIM58pXaSzQ.mft (raw, json)
Hash identifier:          87nNQo6kxrwEtLPurTOniezyRgHMSLFOPZSoTq1sFog=
Subject key identifier:   CD:14:16:B4:6E:DF:BC:B8:F7:79:D2:6C:86:94:09:3A:21:27:0E:C5
Authority key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34
Certificate issuer:       /CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
Certificate serial:       019D25BADB7D4CB787B10074048744B50977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 16:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:36 +0000
Files and hashes:         1: ndVRnFTz4jtOEhKogIM58pXaSzQ.crl (hash: DjS1Hn/6lZV9MVoTW1CI1T7/m2cCjCCT9YfpEp5SwMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:db:7d:4c:b7:87:b1:00:74:04:87:44:b5:09:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
        Validity
            Not Before: Mar 25 16:01:36 2026 GMT
            Not After : Mar 26 16:01:36 2026 GMT
        Subject: CN=cd1416b46edfbcb8f779d26c8694093a21270ec5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:da:44:a7:ba:ec:47:d3:50:7c:bc:31:b9:eb:
                    8c:cf:c8:f1:1d:15:f2:82:42:0c:da:1d:44:c8:b3:
                    0d:49:62:70:21:de:43:14:86:96:e3:09:5b:31:d5:
                    b1:57:11:a9:60:30:1f:58:6c:09:87:0a:a2:bc:93:
                    0d:b3:47:5f:9b:5d:20:21:cb:47:44:13:ee:43:93:
                    df:14:96:1d:95:20:1f:c2:86:96:59:b1:22:ef:2d:
                    f6:dc:1f:8e:ef:cd:8e:aa:05:98:b3:a9:e4:9c:66:
                    8d:a7:58:c8:e6:61:8c:57:14:04:d9:8a:29:0f:5c:
                    ac:fa:8d:f7:05:a7:b7:23:dc:a1:64:92:ee:79:a2:
                    1c:4c:d9:1e:a1:b3:48:38:86:85:87:42:38:46:14:
                    23:f4:2a:72:d3:d6:7a:07:07:5a:cb:fa:fe:42:49:
                    09:44:00:dc:7c:f9:a3:ec:07:15:61:c5:0f:dd:d2:
                    4a:48:b1:46:5c:b5:24:50:d7:60:f1:1d:30:1b:9e:
                    e3:46:b9:08:85:63:a7:d4:2e:0f:41:06:48:d5:00:
                    1d:5f:98:06:c5:df:ad:ee:93:60:16:ed:f1:6e:79:
                    4e:da:18:36:af:e2:1e:e8:16:bc:ce:7b:66:97:e0:
                    a9:e4:7f:25:3c:a3:a0:34:d0:a0:8a:a1:e6:f9:33:
                    b2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:14:16:B4:6E:DF:BC:B8:F7:79:D2:6C:86:94:09:3A:21:27:0E:C5
            X509v3 Authority Key Identifier:
                keyid:9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:1b:35:78:d5:44:4a:50:9a:68:82:93:e2:25:af:d7:a6:a3:
         ce:af:2c:16:37:d2:76:63:2c:c7:57:fc:d6:9e:58:35:fb:05:
         59:57:51:95:7d:44:46:97:c1:24:24:f8:e2:46:d8:c5:ff:5a:
         15:87:6d:5e:b9:ba:df:86:75:c8:8e:77:86:dd:97:1d:9b:44:
         dd:ca:11:1c:b3:b9:79:b8:3b:d1:fd:f7:8c:f2:68:d6:f8:a0:
         8c:b2:f5:e9:d3:ba:ed:7c:45:4f:14:55:68:b6:ab:af:48:79:
         58:5e:65:05:aa:bb:68:77:23:fa:94:55:72:4f:d5:2b:50:43:
         b5:e9:e2:fc:ea:62:f3:eb:6f:9a:1a:13:fa:ed:02:b4:c1:d4:
         b6:32:27:f0:1b:9f:78:99:95:e8:c6:5a:f4:34:31:ae:f5:d6:
         a5:ab:86:78:88:d5:00:0c:76:67:be:64:3f:0e:d9:52:98:76:
         ad:78:19:e3:19:3f:65:82:d3:9c:fb:cc:3a:80:4f:54:9c:a8:
         97:4c:b5:25:66:21:66:e3:94:3e:c4:44:3d:14:14:0a:24:9c:
         60:e9:75:1b:68:90:f5:32:b3:49:d8:33:e0:76:22:61:61:bd:
         ce:73:cd:c9:c1:de:66:0c:3d:1b:dd:54:7a:77:d0:aa:dc:bd:
         88:e0:aa:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lutt9TLeHsQB0BIdEtQl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDU1MTljNTRmM2UyM2I0ZTEyMTJhODgwODMzOWYyOTVk
YTRiMzQwHhcNMjYwMzI1MTYwMTM2WhcNMjYwMzI2MTYwMTM2WjAzMTEwLwYDVQQD
EyhjZDE0MTZiNDZlZGZiY2I4Zjc3OWQyNmM4Njk0MDkzYTIxMjcwZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tpEp7rsR9NQfLwxueuMz8jxHRXy
gkIM2h1EyLMNSWJwId5DFIaW4wlbMdWxVxGpYDAfWGwJhwqivJMNs0dfm10gIctH
RBPuQ5PfFJYdlSAfwoaWWbEi7y323B+O782OqgWYs6nknGaNp1jI5mGMVxQE2Yop
D1ys+o33Bae3I9yhZJLueaIcTNkeobNIOIaFh0I4RhQj9Cpy09Z6Bwday/r+QkkJ
RADcfPmj7AcVYcUP3dJKSLFGXLUkUNdg8R0wG57jRrkIhWOn1C4PQQZI1QAdX5gG
xd+t7pNgFu3xbnlO2hg2r+Ie6Ba8zntml+Cp5H8lPKOgNNCgiqHm+TOyXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0UFrRu37y493nSbIaUCTohJw7FMB8GA1UdIwQY
MBaAFJ3VUZxU8+I7ThISqICDOfKV2ks0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYt
OGY4YTc3MTE3MTdmLzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYtOGY4YTc3MTE3MTdm
LzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABs1eNVE
SlCaaIKT4iWv16ajzq8sFjfSdmMsx1f81p5YNfsFWVdRlX1ERpfBJCT44kbYxf9a
FYdtXrm634Z1yI53ht2XHZtE3coRHLO5ebg70f33jPJo1vigjLL16dO67XxFTxRV
aLarr0h5WF5lBaq7aHcj+pRVck/VK1BDteni/Opi8+tvmhoT+u0CtMHUtjIn8Buf
eJmV6MZa9DQxrvXWpauGeIjVAAx2Z75kPw7ZUph2rXgZ4xk/ZYLTnPvMOoBPVJyo
l0y1JWYhZuOUPsREPRQUCiScYOl1G2iQ9TKzSdgz4HYiYWG9znPNycHeZgw9G91U
enfQqty9iOCqpg==
-----END CERTIFICATE-----