Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          T9bmLfpm4wb0oMP72s+SgTEtjuFjaNvEOvXj3sMYUbM=
Subject key identifier:   30:57:F2:AE:2E:26:7E:C6:D9:34:1E:3C:EF:38:54:85:BF:72:1F:72
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       019CAA5931B9549A5C9A57AE3807F9B89E55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          14F3
Signing time:             Sun 01 Mar 2026 17:01:37 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:37 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:37 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: RqGva7Za8d1LcGhvtzRs48RnpSKB6weFxonLxVnVKRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:31:b9:54:9a:5c:9a:57:ae:38:07:f9:b8:9e:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Mar  1 17:01:37 2026 GMT
            Not After : Mar  2 17:01:37 2026 GMT
        Subject: CN=3057f2ae2e267ec6d9341e3cef385485bf721f72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e1:68:f3:29:7f:c2:31:6a:6b:49:8b:f6:42:
                    8f:f2:4b:fb:2e:0c:27:6f:b5:72:fa:8e:a7:89:8b:
                    8b:42:b8:e5:1f:a5:34:90:4e:b1:a3:4d:94:b4:f4:
                    3a:30:18:91:ed:14:4e:d5:6f:e8:c5:74:8a:2e:64:
                    55:e2:23:c9:e5:ad:92:54:04:7e:39:da:cb:22:50:
                    07:82:38:70:8e:d5:a7:dc:a8:0d:f7:a2:b3:38:71:
                    7b:92:e4:be:90:03:39:e6:a9:44:1b:12:70:96:31:
                    39:85:ef:3e:e4:d6:4e:23:ec:54:d3:3f:ae:01:2b:
                    25:51:96:8b:72:d9:3a:3e:02:a9:bc:3f:83:db:e5:
                    6a:b9:91:88:ec:bf:43:00:48:12:90:92:2c:20:b6:
                    6b:80:12:8d:58:1b:77:d1:bc:d5:8b:da:5b:95:c3:
                    b2:54:4c:c4:e3:21:59:5a:5c:cc:b2:e8:b4:e0:e1:
                    04:1b:f7:2a:b2:35:a2:92:cd:d9:bb:65:16:b4:bd:
                    fc:af:2b:59:a2:be:db:e7:46:69:6f:11:df:e8:64:
                    e4:06:2d:54:52:eb:9a:0d:1d:d5:a6:b3:90:d9:7e:
                    c2:ce:2d:af:bc:fc:db:d0:05:0f:c4:99:13:5f:cb:
                    3a:c9:cb:67:b2:39:eb:55:7a:a5:06:ba:55:12:54:
                    b5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:57:F2:AE:2E:26:7E:C6:D9:34:1E:3C:EF:38:54:85:BF:72:1F:72
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:f0:a5:03:c4:da:01:b2:bd:85:f6:57:51:e0:e2:c2:c3:e1:
         cb:c7:cc:e8:09:bb:93:55:41:24:cf:57:ac:d8:7f:42:eb:b2:
         76:ad:d7:9f:6f:ee:65:95:52:d7:e8:3c:c1:06:24:7e:5f:aa:
         cb:68:61:02:07:56:18:5d:b5:29:7c:c9:82:1a:6f:44:c5:02:
         4b:6d:50:15:39:64:1b:b3:97:df:6d:59:cd:1a:8b:ef:73:f3:
         8e:47:f0:03:22:68:22:38:85:03:1e:63:98:8b:e0:61:92:3a:
         28:3a:2f:7a:e1:9f:34:85:1b:4b:89:ad:1f:9e:97:5e:6c:04:
         54:ac:15:8b:eb:ba:3e:b8:0d:82:38:27:50:c4:3b:23:fa:71:
         94:e1:68:20:d1:ff:da:a4:c4:6b:d6:a3:ac:12:42:d7:5b:b8:
         f4:97:b2:db:7e:a4:42:16:61:63:98:82:eb:72:ca:28:a2:2c:
         db:18:f1:f0:8b:b6:7d:b7:23:29:7a:62:48:57:e0:06:64:3a:
         48:f5:2d:14:15:dc:35:f9:5c:37:bb:b2:cb:7e:6e:3d:86:72:
         19:e9:ab:cd:91:cb:74:af:e2:09:9a:b0:45:3b:2b:df:a8:e1:
         70:31:43:ad:48:f7:08:d8:ff:03:4d:37:53:42:e7:ab:57:13:
         fa:e2:72:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWTG5VJpcmleuOAf5uJ5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjYwMzAxMTcwMTM3WhcNMjYwMzAyMTcwMTM3WjAzMTEwLwYDVQQD
EygzMDU3ZjJhZTJlMjY3ZWM2ZDkzNDFlM2NlZjM4NTQ4NWJmNzIxZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+Fo8yl/wjFqa0mL9kKP8kv7Lgwn
b7Vy+o6niYuLQrjlH6U0kE6xo02UtPQ6MBiR7RRO1W/oxXSKLmRV4iPJ5a2SVAR+
OdrLIlAHgjhwjtWn3KgN96KzOHF7kuS+kAM55qlEGxJwljE5he8+5NZOI+xU0z+u
ASslUZaLctk6PgKpvD+D2+VquZGI7L9DAEgSkJIsILZrgBKNWBt30bzVi9pblcOy
VEzE4yFZWlzMsui04OEEG/cqsjWiks3Zu2UWtL38rytZor7b50ZpbxHf6GTkBi1U
UuuaDR3VprOQ2X7Czi2vvPzb0AUPxJkTX8s6yctnsjnrVXqlBrpVElS1pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBX8q4uJn7G2TQePO84VIW/ch9yMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfClA8Ta
AbK9hfZXUeDiwsPhy8fM6Am7k1VBJM9XrNh/Quuydq3Xn2/uZZVS1+g8wQYkfl+q
y2hhAgdWGF21KXzJghpvRMUCS21QFTlkG7OX321ZzRqL73PzjkfwAyJoIjiFAx5j
mIvgYZI6KDoveuGfNIUbS4mtH56XXmwEVKwVi+u6PrgNgjgnUMQ7I/pxlOFoINH/
2qTEa9ajrBJC11u49Jey236kQhZhY5iC63LKKKIs2xjx8Iu2fbcjKXpiSFfgBmQ6
SPUtFBXcNflcN7uyy35uPYZyGemrzZHLdK/iCZqwRTsr36jhcDFDrUj3CNj/A003
U0Lnq1cT+uJy7Q==
-----END CERTIFICATE-----