Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
File:                     Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft (raw, json)
Hash identifier:          iXI92D9AptZevamBKhx5KD23NGoRLEi+SoHJEdpvSP0=
Subject key identifier:   84:F0:68:7F:D5:7B:0A:04:81:A8:5C:C3:F2:84:A3:63:34:B5:F8:96
Authority key identifier: 36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29
Certificate issuer:       /CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
Certificate serial:       019D2704E151F3EF7444D7DEA732BE7B465B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
Manifest number:          0F19
Signing time:             Wed 25 Mar 2026 22:02:04 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:04 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:04 +0000
Files and hashes:         1: Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl (hash: aJUo8FEwrd4C6StwEVFtrIix81HIfvQpgC66tY3NpWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:e1:51:f3:ef:74:44:d7:de:a7:32:be:7b:46:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
        Validity
            Not Before: Mar 25 22:02:04 2026 GMT
            Not After : Mar 26 22:02:04 2026 GMT
        Subject: CN=84f0687fd57b0a0481a85cc3f284a36334b5f896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:14:89:20:03:32:fa:77:2c:8f:f2:16:a9:d6:
                    82:f7:56:77:ae:42:a8:24:db:98:1a:ed:f6:d5:90:
                    96:31:2d:01:c3:de:35:2f:d6:ac:08:4c:58:36:fe:
                    2d:72:e0:db:f0:bf:45:a6:53:2a:8f:0e:77:77:fa:
                    c5:db:6b:42:5d:b2:1e:06:06:a9:f2:35:0e:83:9f:
                    e1:f4:6c:5e:6c:4b:60:3e:92:76:c3:35:1b:92:aa:
                    02:4b:b3:90:a3:51:72:79:20:61:0c:85:9e:b8:fa:
                    c0:19:9f:d6:4e:26:aa:ac:b2:94:d8:f7:93:42:69:
                    61:5a:39:89:95:8f:cf:b1:3d:67:fc:58:7e:05:be:
                    2f:2b:b2:1e:4a:78:23:5f:a3:54:0c:7f:96:9c:2a:
                    c0:c8:57:ac:e1:a8:14:89:9f:96:3b:44:d9:66:6d:
                    4e:47:bf:2c:23:30:d7:62:bb:0b:a2:8b:8f:84:75:
                    38:99:b4:12:eb:6a:9c:48:60:38:25:a9:1b:52:4e:
                    6a:dc:b2:9b:f9:6d:13:a7:54:4f:24:24:08:a8:70:
                    b6:61:19:c7:87:75:2f:cc:b7:b8:63:d5:55:62:7e:
                    76:49:38:55:97:67:55:7e:af:00:1d:45:35:b3:86:
                    cb:4c:0d:93:ec:c8:89:c8:0d:c1:6a:61:36:3b:b8:
                    3e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F0:68:7F:D5:7B:0A:04:81:A8:5C:C3:F2:84:A3:63:34:B5:F8:96
            X509v3 Authority Key Identifier:
                keyid:36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:2d:11:7e:35:15:6f:60:e1:47:83:e0:cf:d2:eb:c3:b1:d4:
         b2:f5:a2:d3:3f:f7:60:96:8b:a3:53:bd:10:04:95:28:2b:3e:
         6e:e9:b8:cb:6f:bb:2a:de:bd:0d:60:83:75:34:e8:84:73:a3:
         ff:a8:e8:d6:d9:d0:36:ec:8e:9c:22:cf:18:af:5b:3a:fd:a9:
         31:a0:d2:73:a8:f4:5a:4b:96:16:a6:71:b6:23:c2:5d:27:97:
         3f:5c:94:3b:bd:e9:1c:a2:9a:73:21:00:d5:28:2e:42:89:cc:
         8c:b6:0c:73:b1:b2:df:2b:03:b3:66:3e:0c:bb:e2:d7:75:77:
         c4:89:64:7b:30:28:72:9a:6c:26:7e:33:b7:ff:82:b3:c3:27:
         6e:47:e9:8d:dd:e4:19:bd:50:59:b9:41:93:a3:c6:36:ef:6a:
         14:34:96:bd:f8:e9:5d:8b:b8:ab:04:c4:a0:81:b1:cb:6c:f6:
         18:fd:6e:93:5f:49:85:fb:1b:a2:d9:63:32:d4:2c:ba:7e:ca:
         c3:58:72:9a:58:d1:87:d9:47:80:bc:bb:93:5e:31:37:db:ba:
         79:e4:22:2a:6b:0a:39:9d:0b:32:ee:dd:ba:15:35:ab:cc:1b:
         a0:93:08:3b:e8:db:92:3c:b1:02:01:33:93:c1:ed:cf:b9:7a:
         81:c0:0c:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBOFR8+90RNfepzK+e0ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmRmNjhjZWNhMzc2OWU5MWIwZTc2NDhkMWY5NTU4ZWQ0
YzdjMjkwHhcNMjYwMzI1MjIwMjA0WhcNMjYwMzI2MjIwMjA0WjAzMTEwLwYDVQQD
Eyg4NGYwNjg3ZmQ1N2IwYTA0ODFhODVjYzNmMjg0YTM2MzM0YjVmODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBSJIAMy+ncsj/IWqdaC91Z3rkKo
JNuYGu321ZCWMS0Bw941L9asCExYNv4tcuDb8L9FplMqjw53d/rF22tCXbIeBgap
8jUOg5/h9GxebEtgPpJ2wzUbkqoCS7OQo1FyeSBhDIWeuPrAGZ/WTiaqrLKU2PeT
QmlhWjmJlY/PsT1n/Fh+Bb4vK7IeSngjX6NUDH+WnCrAyFes4agUiZ+WO0TZZm1O
R78sIzDXYrsLoouPhHU4mbQS62qcSGA4JakbUk5q3LKb+W0Tp1RPJCQIqHC2YRnH
h3UvzLe4Y9VVYn52SThVl2dVfq8AHUU1s4bLTA2T7MiJyA3BamE2O7g+yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITwaH/VewoEgahcw/KEo2M0tfiWMB8GA1UdIwQY
MBaAFDb99ozso3aekbDnZI0flVjtTHwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYt
MzUyMzgwNDBlOGY5LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYtMzUyMzgwNDBlOGY5
LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfi0RfjUV
b2DhR4Pgz9Lrw7HUsvWi0z/3YJaLo1O9EASVKCs+bum4y2+7Kt69DWCDdTTohHOj
/6jo1tnQNuyOnCLPGK9bOv2pMaDSc6j0WkuWFqZxtiPCXSeXP1yUO73pHKKacyEA
1SguQonMjLYMc7Gy3ysDs2Y+DLvi13V3xIlkezAocppsJn4zt/+Cs8Mnbkfpjd3k
Gb1QWblBk6PGNu9qFDSWvfjpXYu4qwTEoIGxy2z2GP1uk19JhfsbotljMtQsun7K
w1hymljRh9lHgLy7k14xN9u6eeQiKmsKOZ0LMu7duhU1q8wboJMIO+jbkjyxAgEz
k8Htz7l6gcAMXw==
-----END CERTIFICATE-----