Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          y7k40+cfIf5gE75jotQsHwHbMQnm0IwuNR5ZatUD7j0=
Subject key identifier:   4F:36:E5:C7:E4:F0:85:54:13:64:76:AA:5B:A4:E9:FB:1F:F0:E7:BF
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019D329A74D23A59BB6F035FEEFD4EFF37A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          109A
Signing time:             Sat 28 Mar 2026 04:01:16 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:16 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:16 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: 2lVZa6DnRJQSmxL2dWNhMytwoMYBMnWRb6jaIbDOaO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:74:d2:3a:59:bb:6f:03:5f:ee:fd:4e:ff:37:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Mar 28 04:01:16 2026 GMT
            Not After : Mar 29 04:01:16 2026 GMT
        Subject: CN=4f36e5c7e4f08554136476aa5ba4e9fb1ff0e7bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:36:d3:18:a8:54:f8:62:04:4a:84:86:eb:81:
                    59:cd:1a:ff:83:dd:09:13:f7:37:46:e8:ab:95:6d:
                    9d:d3:a8:86:d3:d9:6d:06:74:22:50:0c:da:79:45:
                    4e:3c:95:e4:54:a3:1c:ba:57:af:a7:26:0c:42:74:
                    47:b9:fb:d3:c4:bb:60:93:a2:42:c9:18:a4:9b:5a:
                    ec:2a:fe:56:23:9f:a5:47:36:83:ab:fe:64:83:a7:
                    99:ce:f1:ec:24:a8:17:f8:1a:09:02:59:9f:2e:2f:
                    03:43:68:f8:49:ad:31:60:b7:3b:93:96:ae:00:13:
                    2b:d7:7e:1e:ea:d8:a9:18:34:05:b5:35:62:45:03:
                    a1:8a:8b:57:1e:06:df:c8:20:9c:3c:a8:a0:d5:73:
                    c4:9d:47:b8:e9:8b:f3:e2:c3:b3:d3:1d:ce:11:01:
                    cf:b2:80:a0:44:3e:8a:4a:af:f6:13:83:b8:53:82:
                    1a:a5:61:41:b4:90:94:63:9e:9e:cd:4e:e5:23:c9:
                    bc:a9:fa:71:e3:ac:1d:05:b5:b2:94:25:94:66:4c:
                    ef:99:d0:11:8e:eb:02:13:fb:b4:09:03:da:66:52:
                    49:94:97:eb:14:13:4a:2e:45:9e:0b:49:99:b5:c7:
                    dd:86:d2:15:5c:85:3e:d1:00:75:0b:0b:4c:6e:c5:
                    47:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:36:E5:C7:E4:F0:85:54:13:64:76:AA:5B:A4:E9:FB:1F:F0:E7:BF
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:0b:1e:4d:4b:05:69:dc:95:6d:8b:6b:b1:8b:27:e0:c8:68:
         23:2f:58:8f:b7:8b:d9:8b:98:b5:b2:f0:98:35:f3:06:97:6e:
         29:6e:7b:69:04:53:d3:ce:0e:12:91:68:2c:af:ec:3e:6e:2c:
         8a:73:60:8f:5a:d4:0a:7e:a0:aa:0b:16:b4:37:a7:e2:6d:5d:
         82:05:58:62:67:97:ca:51:f7:00:fb:f8:8f:29:2e:16:07:8f:
         f6:cb:5d:81:e7:54:1f:55:2b:fb:5e:6d:0f:7f:6f:27:4b:9a:
         fb:60:33:ca:d7:f2:d9:04:75:2d:01:2b:fa:6d:95:53:c5:48:
         09:77:82:c3:a4:15:26:c5:cb:db:87:65:d9:fb:3e:f5:78:bb:
         33:ce:01:70:04:23:a6:0c:05:5e:14:75:09:61:48:4d:04:da:
         ff:cc:e8:50:f2:ec:22:7d:9d:27:ce:76:91:13:33:f6:a8:1c:
         c4:fd:da:3b:9f:47:4e:34:49:f9:03:75:23:1c:17:4c:ea:a8:
         11:b6:08:1d:1a:bf:fb:7e:a6:50:16:25:47:e0:ff:23:95:04:
         5a:8d:97:74:6d:cf:45:83:d3:50:f6:e6:b7:a0:df:b9:30:ef:
         7e:29:76:c0:e7:03:75:f2:ae:d9:a6:24:fc:9d:d4:d5:77:88:
         fc:9b:5a:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymnTSOlm7bwNf7v1O/zejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjYwMzI4MDQwMTE2WhcNMjYwMzI5MDQwMTE2WjAzMTEwLwYDVQQD
Eyg0ZjM2ZTVjN2U0ZjA4NTU0MTM2NDc2YWE1YmE0ZTlmYjFmZjBlN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DbTGKhU+GIESoSG64FZzRr/g90J
E/c3RuirlW2d06iG09ltBnQiUAzaeUVOPJXkVKMculevpyYMQnRHufvTxLtgk6JC
yRikm1rsKv5WI5+lRzaDq/5kg6eZzvHsJKgX+BoJAlmfLi8DQ2j4Sa0xYLc7k5au
ABMr134e6tipGDQFtTViRQOhiotXHgbfyCCcPKig1XPEnUe46Yvz4sOz0x3OEQHP
soCgRD6KSq/2E4O4U4IapWFBtJCUY56ezU7lI8m8qfpx46wdBbWylCWUZkzvmdAR
jusCE/u0CQPaZlJJlJfrFBNKLkWeC0mZtcfdhtIVXIU+0QB1CwtMbsVHBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE825cfk8IVUE2R2qluk6fsf8Oe/MB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnwseTUsF
adyVbYtrsYsn4MhoIy9Yj7eL2YuYtbLwmDXzBpduKW57aQRT084OEpFoLK/sPm4s
inNgj1rUCn6gqgsWtDen4m1dggVYYmeXylH3APv4jykuFgeP9stdgedUH1Ur+15t
D39vJ0ua+2Azytfy2QR1LQEr+m2VU8VICXeCw6QVJsXL24dl2fs+9Xi7M84BcAQj
pgwFXhR1CWFITQTa/8zoUPLsIn2dJ852kRMz9qgcxP3aO59HTjRJ+QN1IxwXTOqo
EbYIHRq/+36mUBYlR+D/I5UEWo2XdG3PRYPTUPbmt6DfuTDvfil2wOcDdfKu2aYk
/J3U1XeI/JtaVg==
-----END CERTIFICATE-----