Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          5ZMpZzbJvu3eFbU6zO0UGwF7zOJcBHw1JktPfmF2oKI=
Subject key identifier:   FE:A2:AF:6B:A3:7B:C4:D3:10:D5:BD:93:6D:D3:47:35:8F:EF:87:3C
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019CAD5A24F775848A5C249AFB82B4BB25D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 07:01:31 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:31 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:31 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: tKi8Qhqm9mcfjF9npwhoj+84g8a4WLXqiBCdv5ERplA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:24:f7:75:84:8a:5c:24:9a:fb:82:b4:bb:25:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Mar  2 07:01:31 2026 GMT
            Not After : Mar  3 07:01:31 2026 GMT
        Subject: CN=fea2af6ba37bc4d310d5bd936dd347358fef873c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a4:09:4e:ce:0d:cc:ef:ef:ab:a3:cb:a4:2b:
                    2a:14:a1:66:ce:0f:bf:18:18:6b:12:4d:4b:46:4e:
                    44:f5:f0:b1:b4:56:42:d2:70:14:22:e9:25:4a:77:
                    54:df:b6:2f:ee:70:97:8c:73:cd:28:67:2e:d7:bd:
                    b3:82:fb:6d:49:54:c4:de:de:d9:f8:1a:1d:d2:f9:
                    a4:70:14:37:66:f9:30:fe:e3:b6:df:22:a6:20:04:
                    02:f5:6a:35:a6:a6:ef:4e:5e:95:a8:04:a1:b2:74:
                    4c:7e:63:73:55:fa:a3:bd:56:06:0d:33:c2:9c:be:
                    b3:2c:6a:a5:64:25:ef:f6:f2:b2:eb:e5:64:a4:c3:
                    45:8e:ff:b6:ff:57:a2:78:c4:45:18:00:c6:bf:14:
                    15:13:bd:4d:4d:84:ff:0f:8d:db:e1:58:ca:1a:1b:
                    d5:02:48:35:ca:90:0c:ff:a7:92:c7:8a:c3:de:ee:
                    9f:9b:d4:a4:f8:55:2c:90:30:74:e6:8a:24:b1:38:
                    af:25:81:e8:76:ee:f4:79:1d:11:50:f2:e9:92:db:
                    30:88:92:7e:b2:55:c4:d3:62:f9:01:65:c0:c4:0e:
                    8f:a9:e3:fe:54:ba:d5:ff:81:ff:00:7e:e9:77:58:
                    27:a1:07:18:92:88:c1:7a:17:bb:c1:d4:ba:57:8f:
                    77:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:A2:AF:6B:A3:7B:C4:D3:10:D5:BD:93:6D:D3:47:35:8F:EF:87:3C
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:83:27:b5:8f:b7:6c:8b:db:f2:52:c1:b7:df:28:27:0d:7f:
         82:c0:89:64:d5:18:2b:02:c6:d7:a5:b6:b4:ec:8b:ef:50:7a:
         a3:dd:ce:ef:d7:50:d4:c4:db:9c:90:80:aa:d2:70:e5:d4:38:
         a0:c0:59:7f:9d:c4:2b:95:57:bb:3e:3a:48:0b:62:02:c3:2d:
         7e:ce:2b:79:7d:71:eb:47:49:2a:d6:6b:72:cc:8b:a7:58:64:
         53:02:20:40:d8:e4:c9:f6:3e:cc:7e:e4:70:ee:cf:ad:9c:e4:
         41:fb:6a:fe:1a:5a:ae:c9:ea:57:56:be:75:c7:4b:5b:d2:3b:
         02:ce:56:83:0d:ed:c2:ad:e0:14:ac:aa:fc:40:fa:bd:a8:57:
         74:a8:fc:c8:49:35:fe:96:c2:8b:65:ec:10:e8:2f:48:29:af:
         b6:71:c1:33:bf:b3:ff:aa:c9:8f:14:8f:a3:54:9c:d8:7a:7e:
         99:2d:b8:31:08:31:93:2e:61:63:dc:34:27:51:d1:a8:40:5b:
         e7:63:41:85:8d:04:29:b3:df:e7:44:e1:da:e5:9c:f0:0c:60:
         0a:9a:86:8a:20:4c:8a:2f:17:b8:0a:e8:fe:e3:54:f8:23:cd:
         b5:7a:59:21:a4:18:ad:fb:af:60:99:1b:79:ec:1a:18:ce:c7:
         29:4d:a1:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWiT3dYSKXCSa+4K0uyXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjYwMzAyMDcwMTMxWhcNMjYwMzAzMDcwMTMxWjAzMTEwLwYDVQQD
EyhmZWEyYWY2YmEzN2JjNGQzMTBkNWJkOTM2ZGQzNDczNThmZWY4NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKQJTs4NzO/vq6PLpCsqFKFmzg+/
GBhrEk1LRk5E9fCxtFZC0nAUIuklSndU37Yv7nCXjHPNKGcu172zgvttSVTE3t7Z
+Bod0vmkcBQ3Zvkw/uO23yKmIAQC9Wo1pqbvTl6VqAShsnRMfmNzVfqjvVYGDTPC
nL6zLGqlZCXv9vKy6+VkpMNFjv+2/1eieMRFGADGvxQVE71NTYT/D43b4VjKGhvV
Akg1ypAM/6eSx4rD3u6fm9Sk+FUskDB05ooksTivJYHodu70eR0RUPLpktswiJJ+
slXE02L5AWXAxA6PqeP+VLrV/4H/AH7pd1gnoQcYkojBehe7wdS6V493VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6ir2uje8TTENW9k23TRzWP74c8MB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4MntY+3
bIvb8lLBt98oJw1/gsCJZNUYKwLG16W2tOyL71B6o93O79dQ1MTbnJCAqtJw5dQ4
oMBZf53EK5VXuz46SAtiAsMtfs4reX1x60dJKtZrcsyLp1hkUwIgQNjkyfY+zH7k
cO7PrZzkQftq/hparsnqV1a+dcdLW9I7As5Wgw3twq3gFKyq/ED6vahXdKj8yEk1
/pbCi2XsEOgvSCmvtnHBM7+z/6rJjxSPo1Sc2Hp+mS24MQgxky5hY9w0J1HRqEBb
52NBhY0EKbPf50Th2uWc8AxgCpqGiiBMii8XuAro/uNU+CPNtXpZIaQYrfuvYJkb
eewaGM7HKU2hhA==
-----END CERTIFICATE-----