Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
File:                     NO2iVBz8z2guKd2uYx7cjR57b2A.mft (raw, json)
Hash identifier:          veTXv1QfxUfHK+xxbpmWvnJh1OJcu43vWun5dsb+LTQ=
Subject key identifier:   1F:B2:64:D7:A0:64:8E:4F:4F:81:82:DD:D1:2B:3B:76:0A:A1:BE:42
Authority key identifier: 34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60
Certificate issuer:       /CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
Certificate serial:       019CAB6B14679CF36D6261FD145AD6D92BFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
Manifest number:          08F4
Signing time:             Sun 01 Mar 2026 22:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:47 +0000
Files and hashes:         1: NO2iVBz8z2guKd2uYx7cjR57b2A.crl (hash: BYdSLSv0QGhzet0Ux7SnMVYanx/Lnobi8NmIwDWHHwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:14:67:9c:f3:6d:62:61:fd:14:5a:d6:d9:2b:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
        Validity
            Not Before: Mar  1 22:00:47 2026 GMT
            Not After : Mar  2 22:00:47 2026 GMT
        Subject: CN=1fb264d7a0648e4f4f8182ddd12b3b760aa1be42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:39:e5:39:f7:af:ae:15:a7:91:8f:47:52:c0:
                    f3:1c:95:09:1c:bb:4e:ae:ee:9f:0e:e5:76:98:08:
                    4e:f2:c7:82:65:cd:04:00:2c:a9:18:c4:f3:9f:b8:
                    7f:c6:8e:93:ed:fb:4c:9e:db:a1:87:38:c7:d4:c2:
                    d8:2d:93:a1:0a:1f:d7:49:8a:ae:d6:5a:82:6b:7d:
                    34:76:2d:ab:ba:39:bc:35:96:13:3c:ff:49:7e:ae:
                    a9:95:d3:21:ca:d5:f8:89:ca:03:e4:3f:03:a0:65:
                    bd:01:ff:75:86:7e:d1:23:95:1a:4e:e8:7b:3c:fa:
                    bb:b9:1c:17:a7:3c:09:9f:aa:a3:e7:2e:72:f4:2d:
                    7f:b3:4d:39:22:09:51:79:07:c7:04:41:42:10:a7:
                    be:55:6e:2b:05:81:5e:15:56:de:ba:f2:cb:3e:e5:
                    58:f6:11:f5:04:19:1c:d9:10:92:ac:83:33:98:a1:
                    ef:e8:bb:e6:39:a0:18:e4:e3:73:65:68:6f:77:a3:
                    ad:9a:97:34:3a:ef:ca:ce:34:b6:e0:e3:08:e4:41:
                    7b:31:05:b6:ef:e3:de:26:02:f1:3a:55:d9:f7:4c:
                    0b:1f:3a:f2:23:c5:d2:4f:5f:48:4a:25:1d:2c:50:
                    e3:f3:c4:97:3b:36:ba:6a:16:48:e8:10:f1:cf:1a:
                    23:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B2:64:D7:A0:64:8E:4F:4F:81:82:DD:D1:2B:3B:76:0A:A1:BE:42
            X509v3 Authority Key Identifier:
                keyid:34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:fb:3d:37:61:70:39:e3:3b:9f:a0:36:32:e9:7a:ce:22:4e:
         8a:62:7a:9d:b6:a5:40:42:8e:ff:4d:19:be:2c:cd:3f:da:66:
         68:b2:92:2b:52:fa:96:fc:13:b4:b6:26:bc:1a:9b:f9:9e:96:
         a7:99:58:f8:20:d6:be:f3:d2:37:ce:a9:b1:3b:9b:6a:10:dd:
         c4:93:f2:60:e6:18:32:ea:16:32:0b:44:61:c6:1d:fa:35:2c:
         0f:bc:30:cc:29:57:c6:55:f7:5c:2f:2a:06:cb:4d:60:74:58:
         2d:e6:fc:79:9c:be:42:62:58:9f:67:1f:55:87:94:3a:de:7b:
         fb:b7:f8:16:a6:e2:8e:d9:53:08:f8:0c:ef:c2:9e:de:0c:f4:
         0a:dc:ff:23:89:8e:33:52:e1:20:30:d2:6a:49:da:3a:89:7f:
         f5:ba:22:aa:75:bf:5d:b3:30:56:a9:3e:8c:e0:b2:6e:96:1b:
         c0:c5:3b:8c:84:a0:d2:91:94:57:b5:bf:d9:81:af:77:65:cc:
         18:54:51:fe:24:1e:bd:28:84:40:05:ae:67:2d:89:2d:8d:9b:
         0a:66:43:f4:dc:a4:dc:80:29:ca:4e:17:4d:ae:96:57:a6:23:
         4a:9e:4a:ee:57:47:85:33:c6:e5:a0:79:f6:d2:92:b9:ac:c5:
         09:58:a9:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxRnnPNtYmH9FFrW2Sv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZWRhMjU0MWNmY2NmNjgyZTI5ZGRhZTYzMWVkYzhkMWU3
YjZmNjAwHhcNMjYwMzAxMjIwMDQ3WhcNMjYwMzAyMjIwMDQ3WjAzMTEwLwYDVQQD
EygxZmIyNjRkN2EwNjQ4ZTRmNGY4MTgyZGRkMTJiM2I3NjBhYTFiZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTnlOfevrhWnkY9HUsDzHJUJHLtO
ru6fDuV2mAhO8seCZc0EACypGMTzn7h/xo6T7ftMntuhhzjH1MLYLZOhCh/XSYqu
1lqCa300di2rujm8NZYTPP9Jfq6pldMhytX4icoD5D8DoGW9Af91hn7RI5UaTuh7
PPq7uRwXpzwJn6qj5y5y9C1/s005IglReQfHBEFCEKe+VW4rBYFeFVbeuvLLPuVY
9hH1BBkc2RCSrIMzmKHv6LvmOaAY5ONzZWhvd6Otmpc0Ou/KzjS24OMI5EF7MQW2
7+PeJgLxOlXZ90wLHzryI8XST19ISiUdLFDj88SXOza6ahZI6BDxzxojPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+yZNegZI5PT4GC3dErO3YKob5CMB8GA1UdIwQY
MBaAFDTtolQc/M9oLindrmMe3I0ee29gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYt
YWE2MzJkZGI3NjE1LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYtYWE2MzJkZGI3NjE1
LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy/s9N2Fw
OeM7n6A2Mul6ziJOimJ6nbalQEKO/00ZvizNP9pmaLKSK1L6lvwTtLYmvBqb+Z6W
p5lY+CDWvvPSN86psTubahDdxJPyYOYYMuoWMgtEYcYd+jUsD7wwzClXxlX3XC8q
BstNYHRYLeb8eZy+QmJYn2cfVYeUOt57+7f4FqbijtlTCPgM78Ke3gz0Ctz/I4mO
M1LhIDDSaknaOol/9boiqnW/XbMwVqk+jOCybpYbwMU7jISg0pGUV7W/2YGvd2XM
GFRR/iQevSiEQAWuZy2JLY2bCmZD9Nyk3IApyk4XTa6WV6YjSp5K7ldHhTPG5aB5
9tKSuazFCVip5g==
-----END CERTIFICATE-----