Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          pG3Rqnl4NJNslCwEJpis+S/T4f4v1KCAzZHyvWeBIJY=
Subject key identifier:   27:FA:2B:A1:A8:6C:7C:1A:C1:7F:53:97:C8:2F:71:C4:05:65:18:A9
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019CAC46E26251B00AFF3AF995E9D4085E04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          092B
Signing time:             Mon 02 Mar 2026 02:00:52 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:52 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:52 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: +UStgEPloHswgsqwz5jMJ6GlVgbJIKWER5Fw0IkjkIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:e2:62:51:b0:0a:ff:3a:f9:95:e9:d4:08:5e:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Mar  2 02:00:52 2026 GMT
            Not After : Mar  3 02:00:52 2026 GMT
        Subject: CN=27fa2ba1a86c7c1ac17f5397c82f71c4056518a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c2:6e:45:57:04:40:5c:80:6d:1a:f6:1c:e4:
                    84:b0:b3:f8:8e:cd:1e:9a:89:d7:aa:92:f1:9c:e5:
                    2f:a1:f2:33:0b:52:7c:50:dd:db:6c:9d:59:2a:79:
                    4d:83:81:07:df:97:75:36:0c:3b:3c:2f:d9:f2:7f:
                    c6:cb:cb:58:b5:54:02:67:10:81:7c:90:a6:20:7d:
                    ef:cb:49:dc:9f:06:96:83:a6:43:13:59:cd:2d:28:
                    34:00:51:22:76:22:74:01:be:d8:02:d0:97:9e:4d:
                    6e:fa:e4:de:16:67:7c:fc:3d:3e:15:52:b2:26:a9:
                    29:58:31:3c:50:d6:cb:79:af:cf:94:33:53:00:0c:
                    d8:a3:01:47:15:4c:47:0c:e1:06:7e:7e:54:74:f6:
                    89:38:18:84:6e:7a:33:bf:0e:2b:25:89:ca:12:b6:
                    cc:65:62:79:04:47:fe:90:be:b2:cf:6b:52:8d:40:
                    be:f1:bd:69:cd:51:e6:08:39:07:ea:97:5d:29:44:
                    ca:c3:c7:1b:48:f8:7c:11:8c:2d:62:5c:b0:8c:15:
                    d9:d4:d2:5a:4f:ba:e8:e5:97:a4:24:f4:16:6c:3c:
                    a4:0a:cd:00:b9:09:27:42:09:b2:d0:e2:af:69:d3:
                    82:46:81:66:ac:51:74:bf:20:df:4e:e0:6d:dd:3c:
                    da:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:FA:2B:A1:A8:6C:7C:1A:C1:7F:53:97:C8:2F:71:C4:05:65:18:A9
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:2a:c0:61:a4:28:17:5b:eb:ea:67:6a:14:07:92:f6:6e:04:
         68:ab:27:39:d7:05:94:68:02:37:1b:a4:63:dc:09:bf:2f:34:
         1e:6b:7d:10:f1:5b:fc:0e:e0:af:37:94:86:3e:2b:0b:9b:1f:
         f0:bf:93:ca:1b:c7:20:7d:ff:8a:2d:47:d1:8a:55:54:9e:42:
         88:ef:8a:3d:d4:cd:ad:57:b9:b4:fc:ec:bc:1b:c2:64:3d:d4:
         81:ed:e1:91:43:b1:c5:c5:60:b4:f0:74:d9:e3:9a:62:e0:32:
         2a:96:55:c6:23:08:90:a7:ee:09:30:e8:ef:c5:2a:77:10:ab:
         fb:71:4a:97:2c:da:52:98:ba:2c:54:b1:f2:22:fb:4a:03:24:
         e1:53:ea:68:e1:05:1a:f0:83:d8:b9:e7:ac:bf:9f:ea:55:54:
         fb:43:c5:aa:1d:3a:47:81:a5:be:1e:5e:df:a1:d9:d8:3d:ae:
         da:1f:2d:50:7b:e0:fb:dc:7a:b2:93:a1:7c:66:40:9b:48:08:
         74:6e:ec:23:96:0b:86:32:00:12:ce:b6:c2:c7:18:2d:eb:0b:
         60:01:6e:64:a6:d2:b7:07:31:2c:0f:96:02:ef:7d:e0:5e:4c:
         0a:e7:bf:29:72:fc:24:38:c9:c3:82:22:f2:91:24:47:66:d2:
         6d:04:fe:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRuJiUbAK/zr5lenUCF4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjYwMzAyMDIwMDUyWhcNMjYwMzAzMDIwMDUyWjAzMTEwLwYDVQQD
EygyN2ZhMmJhMWE4NmM3YzFhYzE3ZjUzOTdjODJmNzFjNDA1NjUxOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsJuRVcEQFyAbRr2HOSEsLP4js0e
monXqpLxnOUvofIzC1J8UN3bbJ1ZKnlNg4EH35d1Ngw7PC/Z8n/Gy8tYtVQCZxCB
fJCmIH3vy0ncnwaWg6ZDE1nNLSg0AFEidiJ0Ab7YAtCXnk1u+uTeFmd8/D0+FVKy
JqkpWDE8UNbLea/PlDNTAAzYowFHFUxHDOEGfn5UdPaJOBiEbnozvw4rJYnKErbM
ZWJ5BEf+kL6yz2tSjUC+8b1pzVHmCDkH6pddKUTKw8cbSPh8EYwtYlywjBXZ1NJa
T7ro5ZekJPQWbDykCs0AuQknQgmy0OKvadOCRoFmrFF0vyDfTuBt3TzanwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf6K6GobHwawX9Tl8gvccQFZRipMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCrAYaQo
F1vr6mdqFAeS9m4EaKsnOdcFlGgCNxukY9wJvy80Hmt9EPFb/A7grzeUhj4rC5sf
8L+TyhvHIH3/ii1H0YpVVJ5CiO+KPdTNrVe5tPzsvBvCZD3Uge3hkUOxxcVgtPB0
2eOaYuAyKpZVxiMIkKfuCTDo78UqdxCr+3FKlyzaUpi6LFSx8iL7SgMk4VPqaOEF
GvCD2LnnrL+f6lVU+0PFqh06R4Glvh5e36HZ2D2u2h8tUHvg+9x6spOhfGZAm0gI
dG7sI5YLhjIAEs62wscYLesLYAFuZKbStwcxLA+WAu994F5MCue/KXL8JDjJw4Ii
8pEkR2bSbQT+ag==
-----END CERTIFICATE-----