Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          svOj71IS/f+8evp/u35KNb0bO42WGIM+oOfdWOJg9ow=
Subject key identifier:   34:B2:7F:91:0B:FE:6F:DA:AF:B8:C0:01:B3:CD:12:1E:DD:E9:B7:F7
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019CADFE9B0E727F71665AE271FBA07F91B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          1036
Signing time:             Mon 02 Mar 2026 10:01:09 +0000
Manifest this update:     Mon 02 Mar 2026 10:01:09 +0000
Manifest next update:     Tue 03 Mar 2026 10:01:09 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: FVVGxbukaF7phnuFRwy0JGRu0LkUga5jCCrNAbrA+UE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:9b:0e:72:7f:71:66:5a:e2:71:fb:a0:7f:91:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Mar  2 10:01:09 2026 GMT
            Not After : Mar  3 10:01:09 2026 GMT
        Subject: CN=34b27f910bfe6fdaafb8c001b3cd121edde9b7f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:21:b6:42:f6:2b:d0:6f:d1:6f:7d:d7:67:71:
                    69:28:5d:e6:fd:21:9b:8b:d3:17:21:fe:50:9e:6a:
                    fa:0a:54:c7:b3:6a:9d:5b:fd:57:77:47:51:66:77:
                    3d:c5:70:82:2a:92:de:16:d2:65:b2:ed:dc:79:d0:
                    23:49:b5:35:88:a2:7a:03:9e:f0:d3:ff:21:66:ac:
                    da:3d:ce:e3:a0:7f:f9:6f:7c:1a:45:35:a7:26:4e:
                    6c:7a:ab:2c:13:7e:7b:87:09:86:21:a5:0f:9b:f4:
                    d4:64:01:c8:5f:ef:38:1f:b8:68:b6:e8:a1:0a:df:
                    93:d4:13:e6:0c:0e:71:e5:65:92:ad:d2:3d:3f:1c:
                    86:93:4e:2d:3a:c3:94:84:8d:60:e1:75:66:a7:ce:
                    a1:dc:c3:3d:4b:6f:8b:01:e3:fe:48:4a:2c:e3:a7:
                    9d:a1:cd:25:20:54:48:70:5b:46:16:3d:a3:29:53:
                    8f:8c:c7:0c:f9:ab:3f:4e:2a:1e:59:df:45:2b:e5:
                    56:16:ea:55:7b:b9:9f:95:ac:31:56:b6:ae:86:b7:
                    62:22:7d:81:fc:6e:73:fe:c7:89:30:07:fa:44:69:
                    50:b4:d1:56:43:d8:91:5c:2e:bf:a4:6d:14:4d:15:
                    8d:17:77:a9:73:00:6f:de:84:36:2f:9b:fc:0f:d6:
                    23:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B2:7F:91:0B:FE:6F:DA:AF:B8:C0:01:B3:CD:12:1E:DD:E9:B7:F7
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:d7:4d:ab:48:31:8d:69:af:cb:14:9f:78:c7:b4:01:23:45:
         06:c6:32:e0:6f:f0:01:f2:a4:6b:6f:5c:50:10:0f:5b:db:43:
         f1:8c:24:45:bc:6a:54:28:e3:d3:7b:71:52:f1:af:fc:8b:0e:
         a8:8b:89:06:fc:c3:47:ca:ec:fc:45:71:99:b3:8e:b1:b1:0f:
         15:ba:a8:9d:05:eb:51:ed:cd:d2:18:5c:84:60:db:b4:6f:64:
         de:95:e0:24:52:5b:6f:71:92:9e:98:b3:ce:d8:93:4a:54:cc:
         59:4e:18:75:20:e0:97:0e:74:fb:e2:46:92:e0:de:8d:6b:0d:
         07:d9:2f:df:82:49:c2:3c:51:1d:51:19:97:5f:8f:35:a5:b4:
         c5:23:e8:9e:40:7a:ac:8c:27:45:b3:98:d5:fe:e0:f4:2c:b1:
         54:4c:ef:d4:ee:15:b8:fd:70:a0:72:c7:ed:97:b0:db:c5:08:
         3b:74:68:0c:ab:86:76:e9:a4:17:73:df:b4:68:98:9f:2e:4e:
         32:9b:15:88:67:fb:11:65:4a:f4:aa:04:82:3a:ac:87:ef:05:
         bb:b8:85:94:aa:98:65:37:14:65:de:c7:ae:03:0f:b2:a0:12:
         24:a4:cd:c9:3a:0c:50:f9:f6:84:35:0f:f8:95:7c:0c:d2:c6:
         bb:48:69:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/psOcn9xZlricfugf5G5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjYwMzAyMTAwMTA5WhcNMjYwMzAzMTAwMTA5WjAzMTEwLwYDVQQD
EygzNGIyN2Y5MTBiZmU2ZmRhYWZiOGMwMDFiM2NkMTIxZWRkZTliN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCG2QvYr0G/Rb33XZ3FpKF3m/SGb
i9MXIf5Qnmr6ClTHs2qdW/1Xd0dRZnc9xXCCKpLeFtJlsu3cedAjSbU1iKJ6A57w
0/8hZqzaPc7joH/5b3waRTWnJk5seqssE357hwmGIaUPm/TUZAHIX+84H7hotuih
Ct+T1BPmDA5x5WWSrdI9PxyGk04tOsOUhI1g4XVmp86h3MM9S2+LAeP+SEos46ed
oc0lIFRIcFtGFj2jKVOPjMcM+as/TioeWd9FK+VWFupVe7mflawxVrauhrdiIn2B
/G5z/seJMAf6RGlQtNFWQ9iRXC6/pG0UTRWNF3epcwBv3oQ2L5v8D9YjbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSyf5EL/m/ar7jAAbPNEh7d6bf3MB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNdNq0gx
jWmvyxSfeMe0ASNFBsYy4G/wAfKka29cUBAPW9tD8YwkRbxqVCjj03txUvGv/IsO
qIuJBvzDR8rs/EVxmbOOsbEPFbqonQXrUe3N0hhchGDbtG9k3pXgJFJbb3GSnpiz
ztiTSlTMWU4YdSDglw50++JGkuDejWsNB9kv34JJwjxRHVEZl1+PNaW0xSPonkB6
rIwnRbOY1f7g9CyxVEzv1O4VuP1woHLH7Zew28UIO3RoDKuGdumkF3PftGiYny5O
MpsViGf7EWVK9KoEgjqsh+8Fu7iFlKqYZTcUZd7HrgMPsqASJKTNyToMUPn2hDUP
+JV8DNLGu0hpJQ==
-----END CERTIFICATE-----