Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
File:                     nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft (raw, json)
Hash identifier:          irjCcohFnKYOcerK4wn5rJUSM2mSox91XxqejnOD4/s=
Subject key identifier:   6B:76:3C:79:3D:49:9C:BE:71:B3:CF:A9:D7:EB:69:73:45:DF:41:69
Authority key identifier: 9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A
Certificate issuer:       /CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
Certificate serial:       019D28F2AB99C751456EABA5ABD0122F6948
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
Manifest number:          0358
Signing time:             Thu 26 Mar 2026 07:01:25 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:25 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:25 +0000
Files and hashes:         1: nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl (hash: PI9efrYbWRX4mygSNuAHRUYoEFUjpOrEyXEjoZ/1SPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:ab:99:c7:51:45:6e:ab:a5:ab:d0:12:2f:69:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
        Validity
            Not Before: Mar 26 07:01:25 2026 GMT
            Not After : Mar 27 07:01:25 2026 GMT
        Subject: CN=6b763c793d499cbe71b3cfa9d7eb697345df4169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:4b:ed:dc:ac:66:45:52:dd:75:bf:98:e4:c5:
                    77:3e:d1:9e:c9:ce:75:19:09:97:1d:ac:dd:16:75:
                    b6:bf:c6:a2:c9:af:55:bf:a5:3b:d2:88:f1:ac:6b:
                    d3:c0:d4:3c:c4:66:03:50:d9:9e:64:e9:79:b2:77:
                    73:69:31:5e:e9:a6:d5:38:cc:82:51:70:ec:f3:b0:
                    e8:34:fd:cc:36:28:c0:95:16:69:7a:21:3a:d7:fb:
                    a6:9d:2d:4d:da:47:0d:af:4a:33:c6:43:f3:6f:fe:
                    3b:fc:42:ab:d7:7f:dc:35:44:c2:d9:30:1f:04:41:
                    11:0f:b2:25:fa:8a:68:6c:2b:ca:c0:17:69:06:b8:
                    30:2f:40:f7:a1:20:83:c8:b9:bc:72:39:9f:96:dc:
                    fb:ab:b7:cc:2c:40:16:24:80:11:b6:b3:e9:55:7a:
                    2a:b7:f3:46:14:87:88:29:d0:e3:51:df:26:e8:27:
                    e8:8d:21:ac:99:16:ef:ad:aa:4e:39:7d:d4:75:7c:
                    6a:ae:fe:65:b2:9c:f4:59:f0:d0:38:89:54:d3:19:
                    36:ad:6e:b0:50:26:51:22:8f:f5:9d:55:fa:db:fe:
                    9f:e6:28:04:02:13:87:e6:59:95:75:ed:0b:69:2b:
                    ad:8b:a2:7c:fa:44:ae:fb:99:8a:6c:d3:15:d5:28:
                    ee:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:76:3C:79:3D:49:9C:BE:71:B3:CF:A9:D7:EB:69:73:45:DF:41:69
            X509v3 Authority Key Identifier:
                keyid:9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:e1:e1:23:c5:b7:c3:46:d1:8e:b2:19:4b:4b:76:8f:74:86:
         57:f6:17:fc:60:68:92:0c:77:48:b1:36:f3:8c:da:c2:1e:b5:
         3f:2d:3b:44:1a:ba:96:e8:5c:50:d9:5f:67:9e:97:49:ba:79:
         55:7e:d0:fc:da:39:65:af:b2:af:00:c6:13:54:48:33:93:8a:
         4f:e4:9b:5e:29:8f:80:be:df:b4:33:c1:35:f1:33:d8:cb:90:
         e3:9e:50:65:46:9a:f1:1d:81:b8:d6:3c:64:bc:1f:90:d9:e0:
         69:73:bf:1e:5b:f6:09:1b:42:77:68:40:7e:2c:54:13:17:cf:
         79:68:b3:e3:4b:e3:74:ae:bc:eb:29:16:a8:3c:d7:32:f7:fc:
         02:df:fc:c6:d1:f0:61:69:78:b9:75:d3:ef:ee:49:c9:9a:00:
         54:7f:83:be:c6:a9:af:a9:b9:d9:54:d5:6e:9f:ea:5b:42:f9:
         45:60:5d:0d:fe:50:aa:64:6a:09:02:57:83:48:a1:ee:f3:6a:
         ac:bb:21:0c:6d:b8:c3:f4:13:30:73:54:83:a7:63:25:c2:75:
         46:b3:b7:b7:11:ac:a2:31:58:30:04:3d:d0:1a:3a:59:51:65:
         a9:48:59:73:16:54:43:85:b8:30:88:c2:46:d8:4e:18:ff:97:
         e1:c6:f6:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8quZx1FFbqulq9ASL2lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzY1MGU0NTNiOThmNmY0ZGQzMzM2MzNhZmZhYmJhMmMw
YzhmOGEwHhcNMjYwMzI2MDcwMTI1WhcNMjYwMzI3MDcwMTI1WjAzMTEwLwYDVQQD
Eyg2Yjc2M2M3OTNkNDk5Y2JlNzFiM2NmYTlkN2ViNjk3MzQ1ZGY0MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kvt3KxmRVLddb+Y5MV3PtGeyc51
GQmXHazdFnW2v8aiya9Vv6U70ojxrGvTwNQ8xGYDUNmeZOl5sndzaTFe6abVOMyC
UXDs87DoNP3MNijAlRZpeiE61/umnS1N2kcNr0ozxkPzb/47/EKr13/cNUTC2TAf
BEERD7Il+opobCvKwBdpBrgwL0D3oSCDyLm8cjmfltz7q7fMLEAWJIARtrPpVXoq
t/NGFIeIKdDjUd8m6CfojSGsmRbvrapOOX3UdXxqrv5lspz0WfDQOIlU0xk2rW6w
UCZRIo/1nVX62/6f5igEAhOH5lmVde0LaSuti6J8+kSu+5mKbNMV1SjunQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGt2PHk9SZy+cbPPqdfraXNF30FpMB8GA1UdIwQY
MBaAFJ12UORTuY9vTdMzYzr/q7osDI+KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2It
ZDI0MWY5ZWM1MDQxLzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2ItZDI0MWY5ZWM1MDQx
LzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+HhI8W3
w0bRjrIZS0t2j3SGV/YX/GBokgx3SLE284zawh61Py07RBq6luhcUNlfZ56XSbp5
VX7Q/No5Za+yrwDGE1RIM5OKT+SbXimPgL7ftDPBNfEz2MuQ455QZUaa8R2BuNY8
ZLwfkNngaXO/Hlv2CRtCd2hAfixUExfPeWiz40vjdK686ykWqDzXMvf8At/8xtHw
YWl4uXXT7+5JyZoAVH+Dvsapr6m52VTVbp/qW0L5RWBdDf5QqmRqCQJXg0ih7vNq
rLshDG24w/QTMHNUg6djJcJ1RrO3txGsojFYMAQ90Bo6WVFlqUhZcxZUQ4W4MIjC
RthOGP+X4cb2rg==
-----END CERTIFICATE-----