Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
File:                     NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json)
Hash identifier:          Jt619JocwiBRNle/oJg+JTQ4f9jgooEeKMYtm3Y6Xnc=
Subject key identifier:   EB:F4:F1:EA:05:81:E6:45:80:9E:74:13:19:EF:B1:44:17:1B:69:20
Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E
Certificate issuer:       /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
Certificate serial:       019CAE6BEAC5C5E694294511F9FE39E7F66C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
Manifest number:          0664
Signing time:             Mon 02 Mar 2026 12:00:33 +0000
Manifest this update:     Mon 02 Mar 2026 12:00:33 +0000
Manifest next update:     Tue 03 Mar 2026 12:00:33 +0000
Files and hashes:         1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: M003j8M1Z2jUDUw4L1w5kurk/mi20lxethgz92WWstk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:6b:ea:c5:c5:e6:94:29:45:11:f9:fe:39:e7:f6:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
        Validity
            Not Before: Mar  2 12:00:33 2026 GMT
            Not After : Mar  3 12:00:33 2026 GMT
        Subject: CN=ebf4f1ea0581e645809e741319efb144171b6920
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e3:18:4f:35:8e:a6:7b:d5:3c:23:c6:ea:bb:
                    79:4d:42:e9:7c:55:53:c1:fb:02:45:8f:21:1a:ee:
                    4a:08:4b:66:a0:b8:49:8f:d6:d4:af:36:6a:d4:41:
                    1a:3c:da:31:be:49:80:df:2b:9c:f6:0c:2b:8f:3d:
                    6a:87:ed:18:49:4c:78:a4:ea:de:e9:46:c0:b8:0e:
                    f2:9d:dc:dd:5a:67:8d:1e:fc:ce:e6:c5:3c:38:63:
                    b7:a4:db:1e:0f:bb:3b:30:42:e8:5f:70:ab:b2:69:
                    d3:25:b9:97:d4:0b:de:96:b0:b4:a8:10:69:de:c5:
                    c9:4b:cf:91:27:80:00:33:9c:9b:e6:c8:48:97:d1:
                    d4:62:ba:2d:a5:d8:5d:b3:63:2e:ab:c8:a4:41:52:
                    c5:34:6c:2b:1b:a1:66:03:c5:d7:f9:da:cf:0e:c7:
                    80:9a:83:b4:e5:68:46:04:7e:ba:a7:a6:dd:67:76:
                    7c:45:5b:6c:55:1c:7c:6d:03:46:d2:49:0a:62:0f:
                    d9:a0:b2:57:ab:10:06:33:3f:25:2f:3c:ad:4e:82:
                    7d:26:3f:f3:24:f3:14:0c:13:82:35:b0:43:56:b2:
                    72:17:98:63:cf:59:1c:f0:19:6b:ae:5e:49:1c:da:
                    bc:b5:f9:4a:e2:92:2a:9c:3f:88:68:69:c9:08:c8:
                    d9:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F4:F1:EA:05:81:E6:45:80:9E:74:13:19:EF:B1:44:17:1B:69:20
            X509v3 Authority Key Identifier:
                keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:c9:28:cc:f6:4a:a2:39:57:8f:6f:33:da:5f:15:f3:92:e9:
         1f:a5:91:fc:d2:fe:05:0e:e1:92:49:9a:32:31:7d:c1:d3:e9:
         68:53:33:7f:cf:09:b0:bc:57:97:33:18:a4:1a:d7:b7:77:4a:
         c2:d2:83:66:f1:2d:3a:4f:96:d7:bd:0e:40:42:ed:c6:a9:4d:
         26:1c:a1:47:13:ca:df:b8:a9:92:f1:0e:f7:06:eb:50:e4:09:
         e0:2a:78:b4:0e:bc:3d:39:0d:10:13:9d:14:02:2d:13:96:5c:
         5b:10:eb:1f:be:ae:90:f8:9d:27:59:a4:06:b1:c0:18:c1:09:
         6b:d4:e2:ad:87:d7:12:4b:46:99:d1:61:9e:8d:04:55:a0:c0:
         2c:11:fa:95:26:82:fa:b9:c9:a7:c2:4a:7a:bc:4a:3b:78:c1:
         87:65:01:77:d1:eb:e2:b9:ac:34:8e:4f:8e:e0:24:d1:3e:82:
         88:07:d6:7a:3e:e2:7d:3f:f2:f1:3a:bc:60:31:ef:ad:3d:b3:
         77:7d:0c:0a:13:d5:83:1a:4f:a3:cc:71:59:71:f0:52:70:37:
         e2:16:4a:7f:99:b7:49:c0:07:ba:12:e6:4d:d9:52:48:ce:f3:
         bf:c0:48:f8:9e:ca:35:2e:ec:0c:b6:7f:3d:4c:7c:80:41:49:
         0c:b8:0f:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyua+rFxeaUKUUR+f455/ZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz
ZDBjNmUwHhcNMjYwMzAyMTIwMDMzWhcNMjYwMzAzMTIwMDMzWjAzMTEwLwYDVQQD
EyhlYmY0ZjFlYTA1ODFlNjQ1ODA5ZTc0MTMxOWVmYjE0NDE3MWI2OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquMYTzWOpnvVPCPG6rt5TULpfFVT
wfsCRY8hGu5KCEtmoLhJj9bUrzZq1EEaPNoxvkmA3yuc9gwrjz1qh+0YSUx4pOre
6UbAuA7yndzdWmeNHvzO5sU8OGO3pNseD7s7MELoX3CrsmnTJbmX1AvelrC0qBBp
3sXJS8+RJ4AAM5yb5shIl9HUYrotpdhds2Muq8ikQVLFNGwrG6FmA8XX+drPDseA
moO05WhGBH66p6bdZ3Z8RVtsVRx8bQNG0kkKYg/ZoLJXqxAGMz8lLzytToJ9Jj/z
JPMUDBOCNbBDVrJyF5hjz1kc8Blrrl5JHNq8tflK4pIqnD+IaGnJCMjZGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOv08eoFgeZFgJ50ExnvsUQXG2kgMB8GA1UdIwQY
MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct
NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx
LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAackozPZK
ojlXj28z2l8V85LpH6WR/NL+BQ7hkkmaMjF9wdPpaFMzf88JsLxXlzMYpBrXt3dK
wtKDZvEtOk+W170OQELtxqlNJhyhRxPK37ipkvEO9wbrUOQJ4Cp4tA68PTkNEBOd
FAItE5ZcWxDrH76ukPidJ1mkBrHAGMEJa9TirYfXEktGmdFhno0EVaDALBH6lSaC
+rnJp8JKerxKO3jBh2UBd9Hr4rmsNI5PjuAk0T6CiAfWej7ifT/y8Tq8YDHvrT2z
d30MChPVgxpPo8xxWXHwUnA34hZKf5m3ScAHuhLmTdlSSM7zv8BI+J7KNS7sDLZ/
PUx8gEFJDLgPVA==
-----END CERTIFICATE-----