Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          oIXktomVjNHWJonEIiNKOERmqrc2Eao/r0lNlX3CK8o=
Subject key identifier:   7D:A4:20:91:89:0A:60:2A:21:99:A3:B7:B9:CA:15:4D:8A:36:17:5D
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019CAD598E8E2AC49254774053DCC6551D3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          1055
Signing time:             Mon 02 Mar 2026 07:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:53 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: qkb9AcWf6VYd1me3sGQHLuQXpa6iuL/WLUKm78QtVQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:8e:8e:2a:c4:92:54:77:40:53:dc:c6:55:1d:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Mar  2 07:00:53 2026 GMT
            Not After : Mar  3 07:00:53 2026 GMT
        Subject: CN=7da42091890a602a2199a3b7b9ca154d8a36175d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:23:b4:d9:9c:d1:e5:31:0b:05:0f:6c:13:39:
                    0c:dc:14:6d:18:fd:c4:3c:cc:a7:c6:19:e5:ea:77:
                    0c:4c:af:6c:04:b1:de:82:d0:e0:76:44:5c:cb:7d:
                    61:dc:82:d2:41:b7:30:93:4d:52:ec:a2:7c:84:ce:
                    33:74:7a:40:85:08:6c:9c:b9:e1:86:cf:3d:14:43:
                    ae:59:19:06:97:2d:36:aa:87:24:0f:89:2d:ef:75:
                    ba:42:d4:36:07:2f:8a:14:4a:3a:1e:08:ad:b0:24:
                    cf:91:e5:82:d5:8f:9b:60:f8:f9:e7:b7:9d:39:ba:
                    7f:34:4f:91:a7:71:d4:1a:90:f4:db:6e:a1:0b:dd:
                    a0:78:6d:a5:55:bd:d3:a8:2c:5a:59:d9:04:77:41:
                    81:8f:43:a1:b3:a2:de:a6:cb:68:ad:24:42:79:b8:
                    85:5b:61:75:b1:6c:00:f7:83:9a:87:1e:27:1c:c5:
                    c3:42:4b:8e:43:2e:dc:83:b9:a7:6f:20:a4:22:55:
                    0e:12:13:1d:c7:ce:77:f1:84:ac:c8:74:eb:51:1a:
                    ce:5f:1c:27:d0:fe:37:24:c8:d7:dd:eb:b6:19:62:
                    a8:f4:94:c3:f8:b3:40:e6:9c:96:c2:ec:18:7d:51:
                    47:8d:03:c2:49:03:4e:f9:d5:a6:fa:8e:d1:b2:f9:
                    e8:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:A4:20:91:89:0A:60:2A:21:99:A3:B7:B9:CA:15:4D:8A:36:17:5D
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:a7:c7:cd:bc:dd:2a:3a:e8:e6:ee:ec:2e:9d:28:e3:b1:80:
         db:ca:46:be:c2:74:4d:4c:fc:04:23:00:3b:5a:13:aa:0d:34:
         af:92:64:87:f6:57:a0:09:3f:af:87:44:d9:4d:99:50:5d:00:
         b8:76:90:d2:27:79:9d:5b:86:fd:7f:53:a0:21:8f:21:1a:fc:
         63:18:85:3e:75:44:cc:d8:00:66:9f:e2:e6:80:47:5e:9f:23:
         03:e5:98:11:e2:44:fb:75:fa:58:35:e6:9d:73:82:7d:7c:1d:
         b3:dd:7c:bb:09:00:6c:3d:7c:b8:6d:19:fd:e7:a5:35:00:c4:
         d8:fe:cf:dd:f0:3c:29:95:98:aa:4a:00:63:7e:b2:47:62:ad:
         ba:6d:6e:70:52:e1:ae:4b:56:90:83:b4:4b:3b:94:ac:05:f6:
         41:a1:ca:80:55:1f:d7:0e:72:e6:2f:42:0a:0d:d4:5f:d4:26:
         99:1c:8b:b4:f6:9a:8e:87:89:cf:d9:af:42:42:5d:d6:50:78:
         4a:6b:49:66:d6:1a:9e:e7:80:64:a4:ba:5d:b6:4c:48:97:09:
         be:23:8a:dc:83:be:28:f3:7f:65:1c:93:b0:eb:d8:81:04:dd:
         71:5f:bb:ab:3f:4e:58:f0:d3:86:09:ac:86:a8:74:19:bc:2b:
         fe:a3:53:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWY6OKsSSVHdAU9zGVR07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjYwMzAyMDcwMDUzWhcNMjYwMzAzMDcwMDUzWjAzMTEwLwYDVQQD
Eyg3ZGE0MjA5MTg5MGE2MDJhMjE5OWEzYjdiOWNhMTU0ZDhhMzYxNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyO02ZzR5TELBQ9sEzkM3BRtGP3E
PMynxhnl6ncMTK9sBLHegtDgdkRcy31h3ILSQbcwk01S7KJ8hM4zdHpAhQhsnLnh
hs89FEOuWRkGly02qockD4kt73W6QtQ2By+KFEo6HgitsCTPkeWC1Y+bYPj557ed
Obp/NE+Rp3HUGpD0226hC92geG2lVb3TqCxaWdkEd0GBj0Ohs6LepstorSRCebiF
W2F1sWwA94Oahx4nHMXDQkuOQy7cg7mnbyCkIlUOEhMdx8538YSsyHTrURrOXxwn
0P43JMjX3eu2GWKo9JTD+LNA5pyWwuwYfVFHjQPCSQNO+dWm+o7Rsvno/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2kIJGJCmAqIZmjt7nKFU2KNhddMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqfHzbzd
Kjro5u7sLp0o47GA28pGvsJ0TUz8BCMAO1oTqg00r5Jkh/ZXoAk/r4dE2U2ZUF0A
uHaQ0id5nVuG/X9ToCGPIRr8YxiFPnVEzNgAZp/i5oBHXp8jA+WYEeJE+3X6WDXm
nXOCfXwds918uwkAbD18uG0Z/eelNQDE2P7P3fA8KZWYqkoAY36yR2Ktum1ucFLh
rktWkIO0SzuUrAX2QaHKgFUf1w5y5i9CCg3UX9QmmRyLtPaajoeJz9mvQkJd1lB4
SmtJZtYanueAZKS6XbZMSJcJviOK3IO+KPN/ZRyTsOvYgQTdcV+7qz9OWPDThgms
hqh0Gbwr/qNTDQ==
-----END CERTIFICATE-----