Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
File:                     NO2iVBz8z2guKd2uYx7cjR57b2A.mft (raw, json)
Hash identifier:          QdDl6UA/o9xgdkTMBGfdHCjoYm1ZdE7hMz5rMIO2bKE=
Subject key identifier:   90:BE:6E:B5:01:BA:78:6D:37:1A:FF:75:1B:E7:61:7A:D3:31:AA:F1
Authority key identifier: 34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60
Certificate issuer:       /CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
Certificate serial:       019D98F46B1B8546582AD2963D55BEDF0D42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
Manifest number:          096F
Signing time:             Fri 17 Apr 2026 01:00:48 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:48 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:48 +0000
Files and hashes:         1: NO2iVBz8z2guKd2uYx7cjR57b2A.crl (hash: tssQE3Ka/USs0GPvrqVi8ikCxhnnXNMGtHdaLKZ3Cjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:6b:1b:85:46:58:2a:d2:96:3d:55:be:df:0d:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
        Validity
            Not Before: Apr 17 01:00:48 2026 GMT
            Not After : Apr 18 01:00:48 2026 GMT
        Subject: CN=90be6eb501ba786d371aff751be7617ad331aaf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a5:2f:37:0c:f8:9c:60:94:54:3a:9b:70:31:
                    9f:8b:de:cf:8c:3f:d3:29:19:57:7e:e7:34:bc:31:
                    3d:36:9a:a3:e1:40:20:f1:c8:ad:14:d6:16:8a:c7:
                    46:24:66:e6:d8:e4:85:4a:77:fb:c0:e5:17:51:24:
                    7d:ca:60:eb:1b:b0:66:38:f4:a3:b0:84:bd:cf:8e:
                    84:fe:bd:7a:9b:95:fb:07:92:6c:39:91:de:c4:88:
                    a0:b9:0e:9c:e0:37:03:d6:6e:c4:81:ba:4f:41:8f:
                    cc:bc:dd:df:fb:ae:39:1f:ee:74:74:d6:ae:5f:24:
                    ab:5c:58:1e:6a:84:8e:40:63:90:ac:3d:5b:91:79:
                    9d:01:d1:55:6b:1d:78:1c:d8:c5:2f:70:4e:91:78:
                    22:db:f1:ea:31:52:4d:88:b8:bd:ea:86:6e:db:81:
                    8a:8b:43:ef:83:b8:52:b4:fc:ea:fa:66:36:cb:dd:
                    de:68:27:f4:85:be:c5:c4:7d:97:55:46:3a:2e:19:
                    5a:cc:7b:7e:36:4b:4d:3f:3c:47:3a:9d:4c:21:2a:
                    90:bd:88:bf:26:94:36:04:17:9b:3a:16:76:b0:93:
                    7b:21:f8:6c:04:d9:f9:75:19:ab:72:b2:98:37:20:
                    63:90:97:30:bd:46:f5:9d:6e:21:92:a0:2c:dd:1b:
                    0c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BE:6E:B5:01:BA:78:6D:37:1A:FF:75:1B:E7:61:7A:D3:31:AA:F1
            X509v3 Authority Key Identifier:
                keyid:34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:7e:9e:ca:b6:6e:81:87:32:f6:74:3d:c4:5d:a5:64:cb:f1:
         0a:be:b7:2c:2c:59:6c:d7:55:71:62:54:5d:ff:58:be:60:ad:
         4c:61:cc:93:28:9f:98:e2:04:1e:aa:f1:bc:15:50:c9:a1:76:
         a2:fa:0b:24:21:ed:c3:74:14:89:61:3b:ad:e1:ae:6e:e5:67:
         ac:58:71:ea:17:68:e9:50:01:c7:3d:18:6f:61:9d:fe:23:d1:
         ba:cf:23:1c:b4:b2:63:cb:c7:c2:e1:f3:89:d3:55:f1:23:60:
         83:5b:bb:44:22:5d:ff:5a:b2:a1:d4:3e:66:b7:33:3f:ed:39:
         fb:19:1e:a8:86:d1:de:80:72:c2:e9:5d:cc:30:c7:4e:ab:2d:
         7a:56:8b:60:07:b1:6b:8e:1b:0a:91:4c:27:ff:e1:4b:5a:cb:
         e4:6b:f4:6c:ab:78:83:9e:cd:87:e8:6d:73:1e:c3:2e:6d:b2:
         26:ed:ba:69:a9:9a:c7:88:14:c7:fe:22:b9:f2:39:c9:c0:aa:
         6c:a1:81:7e:99:b6:39:9b:f7:24:c4:91:2e:81:ba:5b:47:7f:
         c3:5e:2f:e4:c5:0d:30:9e:2d:7a:9b:33:95:1c:ba:d4:25:ba:
         9f:95:8d:6f:59:85:d1:bc:8f:23:ad:75:15:a2:02:62:55:87:
         e2:86:39:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9GsbhUZYKtKWPVW+3w1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZWRhMjU0MWNmY2NmNjgyZTI5ZGRhZTYzMWVkYzhkMWU3
YjZmNjAwHhcNMjYwNDE3MDEwMDQ4WhcNMjYwNDE4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg5MGJlNmViNTAxYmE3ODZkMzcxYWZmNzUxYmU3NjE3YWQzMzFhYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6UvNwz4nGCUVDqbcDGfi97PjD/T
KRlXfuc0vDE9Npqj4UAg8citFNYWisdGJGbm2OSFSnf7wOUXUSR9ymDrG7BmOPSj
sIS9z46E/r16m5X7B5JsOZHexIiguQ6c4DcD1m7EgbpPQY/MvN3f+645H+50dNau
XySrXFgeaoSOQGOQrD1bkXmdAdFVax14HNjFL3BOkXgi2/HqMVJNiLi96oZu24GK
i0Pvg7hStPzq+mY2y93eaCf0hb7FxH2XVUY6LhlazHt+NktNPzxHOp1MISqQvYi/
JpQ2BBebOhZ2sJN7IfhsBNn5dRmrcrKYNyBjkJcwvUb1nW4hkqAs3RsMowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJC+brUBunhtNxr/dRvnYXrTMarxMB8GA1UdIwQY
MBaAFDTtolQc/M9oLindrmMe3I0ee29gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYt
YWE2MzJkZGI3NjE1LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYtYWE2MzJkZGI3NjE1
LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsX6eyrZu
gYcy9nQ9xF2lZMvxCr63LCxZbNdVcWJUXf9YvmCtTGHMkyifmOIEHqrxvBVQyaF2
ovoLJCHtw3QUiWE7reGubuVnrFhx6hdo6VABxz0Yb2Gd/iPRus8jHLSyY8vHwuHz
idNV8SNgg1u7RCJd/1qyodQ+ZrczP+05+xkeqIbR3oBywuldzDDHTqstelaLYAex
a44bCpFMJ//hS1rL5Gv0bKt4g57Nh+htcx7DLm2yJu26aamax4gUx/4iufI5ycCq
bKGBfpm2OZv3JMSRLoG6W0d/w14v5MUNMJ4tepszlRy61CW6n5WNb1mF0byPI611
FaICYlWH4oY5aQ==
-----END CERTIFICATE-----