Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          vv0KcEToy5Bs7cbH5wFh7Fiud26oM7S2w9pQ++ZfD0k=
Subject key identifier:   C7:59:6E:30:02:D5:3F:D6:20:14:24:36:90:07:CF:D3:3A:05:F7:A6
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019CABD9FBD679835917C63A9313AC9DBD40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0CA8
Signing time:             Mon 02 Mar 2026 00:01:55 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:55 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:55 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: oFif6f8kCK0LDWG3Jx0v66dFzgcrl+rpoGPwThaUhcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:fb:d6:79:83:59:17:c6:3a:93:13:ac:9d:bd:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Mar  2 00:01:55 2026 GMT
            Not After : Mar  3 00:01:55 2026 GMT
        Subject: CN=c7596e3002d53fd6201424369007cfd33a05f7a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d5:01:20:0f:3b:ad:c0:eb:ed:82:d1:90:ca:
                    1a:e4:d8:cd:44:eb:70:bd:d3:d1:e3:65:62:12:eb:
                    5b:9c:99:28:42:f9:a1:01:f9:3c:ad:d9:7b:b4:48:
                    1b:33:cd:f0:ee:1f:87:6e:4c:37:21:0e:70:32:ee:
                    70:b8:cf:69:9f:0d:ca:5a:87:0c:43:c9:7f:a6:36:
                    57:c7:cc:09:f9:f3:2b:75:06:b5:95:87:c4:78:e2:
                    fb:4d:74:91:9e:24:15:96:9d:8a:1f:8e:af:c0:dd:
                    a4:31:4a:e1:65:5e:ab:cb:2f:06:13:7f:b2:8f:61:
                    5b:82:a7:f0:63:50:a3:24:11:5c:0f:96:62:73:38:
                    7d:26:da:37:b3:34:8a:1f:80:00:21:3b:af:5a:23:
                    57:65:37:d5:51:e0:84:58:5c:46:e8:a0:2a:95:81:
                    cf:b9:85:80:51:99:5c:00:0b:bb:70:60:dd:19:08:
                    19:99:74:f9:85:e3:a9:02:d6:0f:f7:c6:03:2d:ce:
                    ff:aa:7a:ba:b6:77:01:f1:54:1c:2c:f2:e8:d2:a1:
                    31:f6:d5:88:9e:73:59:26:7f:6c:55:91:ec:06:6b:
                    c7:8f:eb:c0:01:cd:a5:1b:3c:2c:b9:70:d5:b4:cc:
                    2f:a3:11:c8:94:60:bb:b4:1a:26:ba:54:f8:99:23:
                    ac:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:59:6E:30:02:D5:3F:D6:20:14:24:36:90:07:CF:D3:3A:05:F7:A6
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:6f:e7:9c:7f:ea:51:af:24:7a:1c:f7:8a:61:dd:c5:c0:7f:
         c3:7d:41:cb:6f:c8:17:66:9b:0c:df:dd:cb:76:87:66:0f:2b:
         6f:a7:6c:46:9b:a6:86:ff:e2:dc:ce:4b:9f:b0:66:bf:ec:8a:
         db:57:59:87:7c:49:5b:a8:7e:18:ab:55:a4:f1:db:24:15:ce:
         e4:9f:9d:cd:fa:84:5c:76:68:c1:d8:8a:6b:34:7f:bf:99:13:
         65:08:ef:c3:f8:e0:c1:74:20:6f:2e:8f:a8:e2:87:a9:28:0c:
         f4:32:6c:1a:8f:69:3a:df:33:e0:da:43:ad:50:dc:c0:c5:00:
         aa:15:d7:cc:74:6b:13:85:35:5b:0b:86:c7:37:30:3a:43:b6:
         13:ac:79:f3:58:71:8a:6c:88:ae:0a:b2:1c:da:28:71:71:59:
         a8:b9:71:e7:dc:f6:7d:84:ca:9e:62:66:7c:7e:38:a4:1f:12:
         96:49:3e:6e:f8:77:d7:19:66:2a:b8:38:c6:93:63:a5:73:e8:
         6c:e2:b2:bf:53:97:5e:f0:81:3c:8b:1b:fe:fd:af:09:4d:cb:
         89:a5:68:1c:3b:67:14:4c:71:07:e0:30:ba:84:4c:20:7e:b1:
         39:bf:46:20:3f:a6:ba:ed:9c:01:81:4a:03:90:a0:22:43:2d:
         a2:e0:22:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2fvWeYNZF8Y6kxOsnb1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjYwMzAyMDAwMTU1WhcNMjYwMzAzMDAwMTU1WjAzMTEwLwYDVQQD
EyhjNzU5NmUzMDAyZDUzZmQ2MjAxNDI0MzY5MDA3Y2ZkMzNhMDVmN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9UBIA87rcDr7YLRkMoa5NjNROtw
vdPR42ViEutbnJkoQvmhAfk8rdl7tEgbM83w7h+Hbkw3IQ5wMu5wuM9pnw3KWocM
Q8l/pjZXx8wJ+fMrdQa1lYfEeOL7TXSRniQVlp2KH46vwN2kMUrhZV6ryy8GE3+y
j2FbgqfwY1CjJBFcD5Ziczh9Jto3szSKH4AAITuvWiNXZTfVUeCEWFxG6KAqlYHP
uYWAUZlcAAu7cGDdGQgZmXT5heOpAtYP98YDLc7/qnq6tncB8VQcLPLo0qEx9tWI
nnNZJn9sVZHsBmvHj+vAAc2lGzwsuXDVtMwvoxHIlGC7tBomulT4mSOsAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdZbjAC1T/WIBQkNpAHz9M6BfemMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAem/nnH/q
Ua8kehz3imHdxcB/w31By2/IF2abDN/dy3aHZg8rb6dsRpumhv/i3M5Ln7Bmv+yK
21dZh3xJW6h+GKtVpPHbJBXO5J+dzfqEXHZowdiKazR/v5kTZQjvw/jgwXQgby6P
qOKHqSgM9DJsGo9pOt8z4NpDrVDcwMUAqhXXzHRrE4U1WwuGxzcwOkO2E6x581hx
imyIrgqyHNoocXFZqLlx59z2fYTKnmJmfH44pB8Slkk+bvh31xlmKrg4xpNjpXPo
bOKyv1OXXvCBPIsb/v2vCU3LiaVoHDtnFExxB+AwuoRMIH6xOb9GID+muu2cAYFK
A5CgIkMtouAieg==
-----END CERTIFICATE-----