Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          M7AabvNUrLXTARPw+Qr8WtpmiXMHrxg/BSQUcipZTZ8=
Subject key identifier:   90:81:22:C3:02:04:63:58:06:EC:27:5C:60:3A:B2:42:87:68:B4:D5
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019D28F220D1E1A79E91FD5DB481E92810AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1882
Signing time:             Thu 26 Mar 2026 07:00:49 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:49 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:49 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: ig2xMcZteXQ9rCBkjjEKFghqnlXwqmnr0aRhWV0DLSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:20:d1:e1:a7:9e:91:fd:5d:b4:81:e9:28:10:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Mar 26 07:00:49 2026 GMT
            Not After : Mar 27 07:00:49 2026 GMT
        Subject: CN=908122c30204635806ec275c603ab2428768b4d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:df:56:82:65:66:95:aa:eb:45:92:ac:eb:ce:
                    d5:20:84:4c:d2:74:64:e9:9e:4e:4a:4a:bf:58:5c:
                    cb:27:2a:25:be:0e:76:53:44:39:3e:8b:cf:1a:e9:
                    f3:82:f6:29:64:c4:57:90:92:92:89:50:f3:b1:f8:
                    3c:ac:de:f2:86:06:34:8b:94:12:d0:1f:7f:76:a7:
                    86:15:8c:df:a5:02:bd:de:84:00:ce:63:c4:50:79:
                    21:22:bf:d7:4a:f0:ff:65:e5:d6:85:7e:a9:d6:50:
                    8e:bf:da:cb:4c:94:d6:09:f1:54:25:f4:44:33:7a:
                    d2:ec:7d:3d:cf:0c:26:0b:37:86:bf:4e:d4:43:23:
                    b9:41:d6:77:75:ea:62:98:93:ec:04:d9:5f:ca:d5:
                    bd:17:e0:95:95:c6:6f:55:0d:98:27:54:b7:2b:ee:
                    72:ed:1c:47:96:9d:ff:7b:c4:38:97:cb:da:c7:18:
                    b0:1b:56:83:d2:79:43:99:96:01:f0:a0:b0:06:11:
                    ca:7c:c4:e3:ec:01:a9:45:0c:76:c1:45:c9:54:f0:
                    05:c8:b7:47:16:4b:02:7a:90:b2:aa:01:8c:51:e8:
                    38:53:96:e1:53:44:7a:8a:d7:5d:63:b7:d2:83:3d:
                    28:e5:c4:ce:64:55:3c:df:ea:70:eb:40:74:70:d7:
                    32:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:81:22:C3:02:04:63:58:06:EC:27:5C:60:3A:B2:42:87:68:B4:D5
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:6f:4b:59:a0:ee:63:bb:01:d5:dc:9e:a4:da:50:c1:95:27:
         d2:5f:4e:b0:55:3a:48:e9:54:6b:52:8a:14:5a:d7:e3:97:8a:
         44:21:b9:62:e7:5d:a0:19:5e:4e:d9:34:a9:6b:ff:b0:46:2e:
         2e:fa:56:3c:85:ce:f6:6d:08:d5:f3:25:f4:a1:54:95:e5:39:
         4e:2b:a8:5e:af:30:29:5c:20:6c:4c:6b:7e:fa:62:d2:49:bb:
         eb:c4:a3:5c:80:d9:1d:c6:2b:7b:d6:e8:11:19:74:d9:0a:51:
         e7:9a:e3:2a:f9:c6:54:23:c6:c9:17:61:dd:6c:f9:12:ec:09:
         4e:84:7a:1f:a2:75:e9:e0:c2:b8:95:ad:63:e1:f1:50:23:a7:
         2f:34:c6:3c:34:47:86:cd:2e:64:89:2c:31:3a:db:5e:35:f8:
         f7:43:37:6f:be:a2:2f:4e:ea:55:26:4e:65:c5:63:e9:37:a0:
         23:fd:d1:09:c7:bf:da:64:86:e1:bc:4f:78:16:e2:b4:28:bd:
         3f:18:d4:d4:6d:38:4e:20:27:c9:c0:5e:2a:5b:7b:1e:1a:34:
         4d:ec:f3:0f:28:44:0b:da:3a:0a:f7:ac:c2:84:c0:5f:23:53:
         f4:ab:b2:5b:7d:b3:2f:78:35:fe:c8:62:a0:7b:a5:a3:6b:96:
         83:59:5f:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8iDR4aeekf1dtIHpKBCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjYwMzI2MDcwMDQ5WhcNMjYwMzI3MDcwMDQ5WjAzMTEwLwYDVQQD
Eyg5MDgxMjJjMzAyMDQ2MzU4MDZlYzI3NWM2MDNhYjI0Mjg3NjhiNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA199WgmVmlarrRZKs687VIIRM0nRk
6Z5OSkq/WFzLJyolvg52U0Q5PovPGunzgvYpZMRXkJKSiVDzsfg8rN7yhgY0i5QS
0B9/dqeGFYzfpQK93oQAzmPEUHkhIr/XSvD/ZeXWhX6p1lCOv9rLTJTWCfFUJfRE
M3rS7H09zwwmCzeGv07UQyO5QdZ3depimJPsBNlfytW9F+CVlcZvVQ2YJ1S3K+5y
7RxHlp3/e8Q4l8vaxxiwG1aD0nlDmZYB8KCwBhHKfMTj7AGpRQx2wUXJVPAFyLdH
FksCepCyqgGMUeg4U5bhU0R6itddY7fSgz0o5cTOZFU83+pw60B0cNcykQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCBIsMCBGNYBuwnXGA6skKHaLTVMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeW9LWaDu
Y7sB1dyepNpQwZUn0l9OsFU6SOlUa1KKFFrX45eKRCG5YuddoBleTtk0qWv/sEYu
LvpWPIXO9m0I1fMl9KFUleU5TiuoXq8wKVwgbExrfvpi0km768SjXIDZHcYre9bo
ERl02QpR55rjKvnGVCPGyRdh3Wz5EuwJToR6H6J16eDCuJWtY+HxUCOnLzTGPDRH
hs0uZIksMTrbXjX490M3b76iL07qVSZOZcVj6TegI/3RCce/2mSG4bxPeBbitCi9
PxjU1G04TiAnycBeKlt7Hho0TezzDyhEC9o6CveswoTAXyNT9KuyW32zL3g1/shi
oHulo2uWg1lfHQ==
-----END CERTIFICATE-----