Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          lpwr1pInInrFbocSF9RgOE6rewtJWBb+vl5N9fV/CvY=
Subject key identifier:   2B:22:FC:D6:B4:F3:25:A6:15:0D:54:C1:53:68:C5:46:6F:AE:C0:4F
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019CAA213D8745D86FDB562CEDA582852610
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          17D3
Signing time:             Sun 01 Mar 2026 16:00:30 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:30 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:30 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: X9JYn6z2lQ45bFF7mQ3aM9N10BSK83Z5yGXsdFkiWZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:3d:87:45:d8:6f:db:56:2c:ed:a5:82:85:26:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Mar  1 16:00:30 2026 GMT
            Not After : Mar  2 16:00:30 2026 GMT
        Subject: CN=2b22fcd6b4f325a6150d54c15368c5466faec04f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:92:38:3c:1e:f4:21:49:14:7c:35:4c:38:ad:
                    80:6f:a0:c5:75:5d:38:e3:06:f9:3e:d8:30:63:87:
                    e9:2c:ee:73:e3:a5:ef:4a:f2:1f:cc:0a:4e:ef:3d:
                    89:0d:2b:8b:fb:19:c2:06:93:af:80:c6:90:34:a1:
                    c7:a5:36:03:3c:67:b7:b4:e5:b5:55:aa:17:d9:ee:
                    9f:b2:63:18:89:35:36:a6:a4:46:28:52:1c:22:97:
                    2e:09:d7:a2:0e:4e:68:3d:6b:ae:51:0d:f1:15:64:
                    b5:67:cb:7c:19:0c:23:ae:f7:2c:f6:ba:7c:0c:b2:
                    1d:89:97:af:74:30:95:0a:d9:5f:5d:e2:2a:5f:77:
                    99:8c:48:cb:8a:de:0e:ef:1d:1b:bf:23:28:c1:92:
                    e3:86:9d:ca:dc:a3:05:c1:3e:b4:6b:0b:7e:69:d3:
                    cb:2b:55:fa:08:56:98:58:cb:02:0d:a7:47:a1:ac:
                    4e:c6:b9:bb:2b:9f:63:ec:4a:3f:4c:21:86:47:60:
                    d5:d7:53:ec:44:99:62:66:20:ab:db:7b:a3:53:1d:
                    8e:2e:93:53:40:53:2b:0d:b3:6a:e5:bd:7f:53:05:
                    44:3f:9a:8d:6a:1b:13:d5:6b:c4:82:6e:08:1a:69:
                    de:90:1e:6c:91:41:95:b7:50:3e:1a:a3:85:48:de:
                    eb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:22:FC:D6:B4:F3:25:A6:15:0D:54:C1:53:68:C5:46:6F:AE:C0:4F
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:dc:10:a8:06:00:75:00:99:17:ae:63:40:cb:d6:eb:fd:5b:
         f1:e0:58:8e:d3:95:df:72:a3:32:b6:b4:b4:9f:0e:9f:a6:f3:
         1f:e4:4f:42:4d:20:1f:3b:6d:38:ff:de:91:f6:c2:91:13:b1:
         6f:da:36:34:71:99:98:92:d4:d9:31:c4:eb:d8:45:20:ae:9f:
         19:31:6e:f4:3b:e5:df:cc:09:d9:4b:76:13:45:3d:77:68:bc:
         b6:7b:d7:db:61:6d:fc:3c:6c:b1:3f:3d:7d:09:54:64:71:c7:
         11:f0:0f:95:52:fd:71:87:f6:a4:93:ec:d6:89:26:61:43:23:
         2b:c3:21:f7:8c:47:3a:0e:6d:0c:44:6b:1c:60:a2:fb:f2:e8:
         ca:cb:09:f2:08:d0:33:9b:ac:5f:2a:91:de:56:02:ae:a8:79:
         3e:9c:4a:df:e7:d7:76:df:5f:87:70:d3:57:f5:14:c0:e5:96:
         d7:f2:36:6d:87:0a:18:fe:3e:0a:7e:ce:e4:eb:36:ab:5a:77:
         e4:b0:b5:78:05:c5:b6:eb:ae:eb:28:ee:d9:5c:dd:8f:b3:2e:
         8e:86:ab:c0:54:58:a6:38:99:ce:89:54:5a:f0:7d:31:0d:72:
         f5:d5:05:fa:55:f6:98:c8:99:a5:6d:b4:95:bb:27:50:1d:1d:
         f1:2c:6d:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIT2HRdhv21Ys7aWChSYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjYwMzAxMTYwMDMwWhcNMjYwMzAyMTYwMDMwWjAzMTEwLwYDVQQD
EygyYjIyZmNkNmI0ZjMyNWE2MTUwZDU0YzE1MzY4YzU0NjZmYWVjMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZI4PB70IUkUfDVMOK2Ab6DFdV04
4wb5PtgwY4fpLO5z46XvSvIfzApO7z2JDSuL+xnCBpOvgMaQNKHHpTYDPGe3tOW1
VaoX2e6fsmMYiTU2pqRGKFIcIpcuCdeiDk5oPWuuUQ3xFWS1Z8t8GQwjrvcs9rp8
DLIdiZevdDCVCtlfXeIqX3eZjEjLit4O7x0bvyMowZLjhp3K3KMFwT60awt+adPL
K1X6CFaYWMsCDadHoaxOxrm7K59j7Eo/TCGGR2DV11PsRJliZiCr23ujUx2OLpNT
QFMrDbNq5b1/UwVEP5qNahsT1WvEgm4IGmnekB5skUGVt1A+GqOFSN7rZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsi/Na08yWmFQ1UwVNoxUZvrsBPMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9wQqAYA
dQCZF65jQMvW6/1b8eBYjtOV33KjMra0tJ8On6bzH+RPQk0gHzttOP/ekfbCkROx
b9o2NHGZmJLU2THE69hFIK6fGTFu9Dvl38wJ2Ut2E0U9d2i8tnvX22Ft/DxssT89
fQlUZHHHEfAPlVL9cYf2pJPs1okmYUMjK8Mh94xHOg5tDERrHGCi+/LoyssJ8gjQ
M5usXyqR3lYCrqh5PpxK3+fXdt9fh3DTV/UUwOWW1/I2bYcKGP4+Cn7O5Os2q1p3
5LC1eAXFtuuu6yju2Vzdj7MujoarwFRYpjiZzolUWvB9MQ1y9dUF+lX2mMiZpW20
lbsnUB0d8SxtKQ==
-----END CERTIFICATE-----