Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          hEaSAFuX1xk9mRH5MQgr+8vVceSXKQX79BQVMg1yUgM=
Subject key identifier:   85:EF:6E:D4:EF:3F:79:77:F0:2C:F2:9F:B4:E4:84:A1:D9:FB:7E:2E
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019DA29C962E0A05D0A920D32E655E58845E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          10D4
Signing time:             Sat 18 Apr 2026 22:01:04 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:04 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:04 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: YK88TkSeQNLycl/25NuckX/5uv3ysgqVbAgdp+PQN3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:96:2e:0a:05:d0:a9:20:d3:2e:65:5e:58:84:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Apr 18 22:01:04 2026 GMT
            Not After : Apr 19 22:01:04 2026 GMT
        Subject: CN=85ef6ed4ef3f7977f02cf29fb4e484a1d9fb7e2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7f:70:94:24:e3:45:d3:ce:00:39:7b:2e:98:
                    d2:1b:ef:9b:ff:d5:4f:e1:73:e6:af:12:75:e0:08:
                    ef:16:c8:64:a8:10:86:fb:66:c6:af:13:ab:60:88:
                    0b:ba:18:7c:71:1b:25:96:c1:d2:87:8f:b7:14:28:
                    a7:9e:5a:cf:f8:44:f7:0d:9e:24:48:a9:9e:51:28:
                    96:c3:1e:2b:ab:d0:f8:d6:69:98:86:f5:10:1c:4b:
                    0b:12:e7:a6:9f:8c:7f:e7:19:cb:12:d6:c8:a1:4e:
                    8b:38:a4:96:33:14:b0:3b:7d:dc:67:9f:fe:16:83:
                    5c:fb:e5:7a:8e:be:93:ea:2c:5f:4d:ea:09:a9:c6:
                    e8:17:af:49:11:f1:21:14:9b:f0:52:39:f4:45:17:
                    c8:33:5c:e3:c8:9d:20:0b:d6:1f:04:04:66:4d:aa:
                    f9:c5:2c:4d:5b:34:a1:9e:2a:b9:d4:0c:5c:b6:84:
                    20:1f:f0:8b:3f:6e:9b:20:39:83:b1:d6:90:98:c6:
                    28:6d:3c:f4:4d:2a:97:50:a9:65:b1:33:97:9f:97:
                    cf:64:eb:aa:22:5a:02:48:a8:df:90:74:c4:74:c2:
                    e4:1d:3a:df:aa:81:1a:35:63:86:4b:48:83:ff:f4:
                    32:09:37:62:49:d2:14:2f:39:3f:47:0c:ac:30:9b:
                    5b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:EF:6E:D4:EF:3F:79:77:F0:2C:F2:9F:B4:E4:84:A1:D9:FB:7E:2E
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:65:a8:02:e8:83:b0:12:6c:49:f3:d2:82:f4:c8:e9:63:dc:
         c8:0d:82:b4:f1:dc:36:e0:f6:8f:d3:7a:92:ce:63:f4:76:cc:
         3f:21:27:e5:c9:28:43:3b:c6:4d:bf:74:4f:45:89:8b:ef:4c:
         49:4d:8b:f7:d5:6c:dc:10:b1:74:2b:88:a2:10:b9:54:db:78:
         11:94:22:3c:76:76:75:ee:c8:27:53:c6:8a:e8:f2:ec:65:ba:
         52:55:69:47:06:14:a6:09:8a:ab:93:db:12:7a:ee:a7:85:34:
         3b:6e:1b:f2:be:8c:e3:d3:ff:98:0e:bd:ef:16:bd:ee:22:d9:
         a6:5f:48:5a:a0:2d:cd:2c:39:4d:e9:0f:8b:dd:0c:f5:61:33:
         dd:61:16:91:73:4e:46:39:d0:ea:d4:29:b9:2d:65:4a:f5:9e:
         c3:f6:f4:aa:3d:58:bb:dd:26:f9:bf:03:b2:e2:e8:48:82:b1:
         50:b3:9b:8e:24:79:8b:9d:ac:8f:13:c7:af:f8:36:d9:bf:9b:
         e1:3e:13:98:78:ba:67:32:fa:fa:ad:41:54:df:85:5c:31:70:
         8a:1e:83:c1:9c:b1:9a:ba:3a:16:56:1f:79:61:7d:b7:5a:96:
         44:0c:3e:09:c5:46:f7:36:f4:2d:16:a2:a9:4a:4f:c5:99:a0:
         35:54:f1:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inJYuCgXQqSDTLmVeWIReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjYwNDE4MjIwMTA0WhcNMjYwNDE5MjIwMTA0WjAzMTEwLwYDVQQD
Eyg4NWVmNmVkNGVmM2Y3OTc3ZjAyY2YyOWZiNGU0ODRhMWQ5ZmI3ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn9wlCTjRdPOADl7LpjSG++b/9VP
4XPmrxJ14AjvFshkqBCG+2bGrxOrYIgLuhh8cRsllsHSh4+3FCinnlrP+ET3DZ4k
SKmeUSiWwx4rq9D41mmYhvUQHEsLEuemn4x/5xnLEtbIoU6LOKSWMxSwO33cZ5/+
FoNc++V6jr6T6ixfTeoJqcboF69JEfEhFJvwUjn0RRfIM1zjyJ0gC9YfBARmTar5
xSxNWzShniq51AxctoQgH/CLP26bIDmDsdaQmMYobTz0TSqXUKllsTOXn5fPZOuq
IloCSKjfkHTEdMLkHTrfqoEaNWOGS0iD//QyCTdiSdIULzk/RwysMJtbuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXvbtTvP3l38Czyn7TkhKHZ+34uMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGWoAuiD
sBJsSfPSgvTI6WPcyA2CtPHcNuD2j9N6ks5j9HbMPyEn5ckoQzvGTb90T0WJi+9M
SU2L99Vs3BCxdCuIohC5VNt4EZQiPHZ2de7IJ1PGiujy7GW6UlVpRwYUpgmKq5Pb
Enrup4U0O24b8r6M49P/mA697xa97iLZpl9IWqAtzSw5TekPi90M9WEz3WEWkXNO
RjnQ6tQpuS1lSvWew/b0qj1Yu90m+b8DsuLoSIKxULObjiR5i52sjxPHr/g22b+b
4T4TmHi6ZzL6+q1BVN+FXDFwih6DwZyxmro6FlYfeWF9t1qWRAw+CcVG9zb0LRai
qUpPxZmgNVTxeQ==
-----END CERTIFICATE-----