Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          RSg1ALbwM+uoLxNKwVJ3zC+cPXTxhK1O8y2mh5maUIg=
Subject key identifier:   8A:34:F4:61:E1:12:A7:FD:D7:39:52:93:25:66:5D:97:A8:8D:4F:B8
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019D98F468F77D7028422CD0807FE1395A98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          18BC
Signing time:             Fri 17 Apr 2026 01:00:47 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:47 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:47 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: s93usBsMiQEDBV2gUyDPm+h2ETs3OlpIA8lGv21n9hM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:68:f7:7d:70:28:42:2c:d0:80:7f:e1:39:5a:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Apr 17 01:00:47 2026 GMT
            Not After : Apr 18 01:00:47 2026 GMT
        Subject: CN=8a34f461e112a7fdd739529325665d97a88d4fb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d2:c0:ea:76:18:6c:f4:dd:e6:0c:f4:63:cd:
                    c0:aa:0f:a7:4e:01:ad:4a:30:f6:8a:ca:11:95:0e:
                    78:4f:7d:66:20:d4:b4:c1:8d:6f:8f:26:4a:d9:c7:
                    3c:eb:bf:a6:de:9e:a9:8c:92:07:b2:0d:04:54:2a:
                    e3:93:1a:d7:bc:79:c2:b3:86:23:9f:f7:c2:78:11:
                    3d:c2:31:84:f1:e8:fa:e3:a6:58:53:11:67:f9:3c:
                    90:92:98:98:a3:ec:90:76:8d:2f:cd:a3:0b:00:45:
                    56:6f:07:a9:24:0d:2f:98:10:f0:6b:35:4a:0d:b8:
                    e1:7f:b3:74:94:d3:67:7b:02:67:51:e6:49:56:15:
                    4b:5d:88:d7:2a:f9:2e:c7:d6:9b:9e:cb:e4:07:b1:
                    ec:f5:69:c3:76:f6:88:6b:f5:b2:47:64:dd:6a:10:
                    ee:1e:b5:b1:47:81:f2:f7:b4:bc:60:b2:dd:28:49:
                    3d:56:2e:b8:2b:89:21:c9:cc:3b:af:b5:86:a1:50:
                    80:ee:cf:18:9a:24:db:9c:30:23:e4:b8:dc:03:f7:
                    fc:ef:15:4e:19:e5:2a:fa:3b:78:d8:58:a6:76:8a:
                    04:47:90:14:ed:fb:09:fe:3d:a9:ab:ad:df:c2:92:
                    a2:e9:31:ab:fb:01:4b:a5:8a:40:ec:d5:24:bf:d6:
                    b4:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:34:F4:61:E1:12:A7:FD:D7:39:52:93:25:66:5D:97:A8:8D:4F:B8
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:04:18:a5:8f:4e:10:ab:e6:49:48:e4:5f:c5:86:c2:3f:44:
         8e:74:3b:b0:ce:31:62:f0:0c:44:1c:90:24:4f:1c:e6:2a:af:
         0c:07:90:06:97:e7:03:ec:f0:19:b1:5a:b9:b2:68:ae:b4:2a:
         39:6e:11:25:24:cb:05:a5:d5:e5:81:85:40:94:43:8c:62:bf:
         26:df:51:6d:04:ec:7d:ee:4a:79:eb:7f:39:ed:08:8d:a3:b2:
         2f:d5:0f:d1:2e:25:7e:23:02:83:b9:77:6f:2e:c0:a9:6b:6f:
         30:4b:d5:30:ee:bc:d1:f6:f2:a1:98:af:ed:df:fc:ed:03:ff:
         0d:4a:4e:c0:99:50:ce:6f:07:dd:39:b0:b9:43:f2:50:f6:08:
         75:a9:3a:0f:9f:da:6b:7c:f6:33:6a:45:59:d8:98:77:71:ff:
         ca:06:a3:ef:90:6c:a5:b4:21:78:d6:cb:27:20:74:49:41:c1:
         3f:8d:11:97:c7:36:5a:50:eb:68:f6:a2:f6:1f:07:8b:1f:aa:
         12:3f:a3:b9:11:f8:c2:54:2b:3f:f5:4d:1c:63:09:5b:59:f2:
         57:8b:49:20:21:ac:2f:2c:ed:07:50:a5:e4:df:0a:47:8d:30:
         54:66:c8:c0:59:f2:b0:b6:79:08:50:4d:73:3a:85:06:3a:c9:
         d8:a5:df:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Gj3fXAoQizQgH/hOVqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjYwNDE3MDEwMDQ3WhcNMjYwNDE4MDEwMDQ3WjAzMTEwLwYDVQQD
Eyg4YTM0ZjQ2MWUxMTJhN2ZkZDczOTUyOTMyNTY2NWQ5N2E4OGQ0ZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9LA6nYYbPTd5gz0Y83Aqg+nTgGt
SjD2isoRlQ54T31mINS0wY1vjyZK2cc867+m3p6pjJIHsg0EVCrjkxrXvHnCs4Yj
n/fCeBE9wjGE8ej646ZYUxFn+TyQkpiYo+yQdo0vzaMLAEVWbwepJA0vmBDwazVK
Dbjhf7N0lNNnewJnUeZJVhVLXYjXKvkux9abnsvkB7Hs9WnDdvaIa/WyR2TdahDu
HrWxR4Hy97S8YLLdKEk9Vi64K4khycw7r7WGoVCA7s8YmiTbnDAj5LjcA/f87xVO
GeUq+jt42FimdooER5AU7fsJ/j2pq63fwpKi6TGr+wFLpYpA7NUkv9a0dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIo09GHhEqf91zlSkyVmXZeojU+4MB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQQYpY9O
EKvmSUjkX8WGwj9EjnQ7sM4xYvAMRByQJE8c5iqvDAeQBpfnA+zwGbFaubJorrQq
OW4RJSTLBaXV5YGFQJRDjGK/Jt9RbQTsfe5Keet/Oe0IjaOyL9UP0S4lfiMCg7l3
by7AqWtvMEvVMO680fbyoZiv7d/87QP/DUpOwJlQzm8H3TmwuUPyUPYIdak6D5/a
a3z2M2pFWdiYd3H/ygaj75BspbQheNbLJyB0SUHBP40Rl8c2WlDraPai9h8Hix+q
Ej+juRH4wlQrP/VNHGMJW1nyV4tJICGsLyztB1Cl5N8KR40wVGbIwFnysLZ5CFBN
czqFBjrJ2KXf8g==
-----END CERTIFICATE-----