Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          vHebeRPKP8dDO9t+TjEKQv4BWtIGbLWBEm0fkvDAjDY=
Subject key identifier:   38:2E:4B:6C:43:DF:71:B2:65:F7:EA:7F:CF:16:C3:3C:59:7D:B4:EF
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       019CAC103069C430334AB96E951E6667F23D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          08A5
Signing time:             Mon 02 Mar 2026 01:01:07 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:07 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:07 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: DgD/UJh4xQg3ye3uzObyi/EjOBh61otHpPNNln8XN4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:30:69:c4:30:33:4a:b9:6e:95:1e:66:67:f2:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Mar  2 01:01:07 2026 GMT
            Not After : Mar  3 01:01:07 2026 GMT
        Subject: CN=382e4b6c43df71b265f7ea7fcf16c33c597db4ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:79:8e:3e:c0:a3:c8:3f:c0:fa:3a:76:08:56:
                    93:1c:bd:3d:1b:31:83:2e:29:c3:96:f1:15:eb:d4:
                    fa:a4:f8:75:58:53:2f:6a:eb:4d:e2:9d:19:56:2a:
                    a4:10:f1:d3:c9:e9:55:bb:3c:ce:6c:ec:23:7c:e9:
                    5a:38:26:52:f2:ac:c3:b3:bd:c5:7d:fb:c2:ff:64:
                    05:0e:96:40:64:14:a6:d4:30:21:fc:9f:35:e2:82:
                    8e:56:31:5c:eb:14:1f:bd:60:a9:51:7b:99:a5:1e:
                    6c:6e:77:b5:a0:aa:8c:85:30:4a:34:cf:f3:10:3c:
                    c7:26:80:e8:a5:29:bf:f3:9e:6d:7b:73:dd:a9:53:
                    1e:93:7f:6b:b1:87:d1:d1:f6:be:6e:ed:5f:e2:d5:
                    46:ba:d0:42:d9:66:73:9d:b1:98:c6:a5:10:1a:0b:
                    f6:a9:62:c9:2c:18:34:24:75:4f:03:a6:c1:7c:13:
                    4d:6e:56:f1:94:3b:43:0d:80:67:13:47:92:4f:2c:
                    50:88:3d:67:91:68:f2:14:30:33:2e:cd:0e:76:9f:
                    01:45:20:39:ca:b0:7d:76:c7:2a:4f:01:c8:31:41:
                    ad:22:51:b5:7a:98:45:10:64:5b:1c:72:0c:e4:bc:
                    6f:b2:a8:6c:8a:33:74:d0:75:24:b5:8d:4d:e4:00:
                    a7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:2E:4B:6C:43:DF:71:B2:65:F7:EA:7F:CF:16:C3:3C:59:7D:B4:EF
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:85:47:27:a0:6d:5d:be:0c:90:74:97:87:92:11:40:17:02:
         b4:12:c1:77:a8:60:20:85:f8:e4:9a:4d:c1:46:44:0e:f9:38:
         2f:0a:3f:63:09:ac:db:f5:33:6e:c0:0d:f1:04:83:4c:04:31:
         4d:4e:d3:f6:f5:93:48:39:a9:a6:6b:06:82:81:1f:4e:46:b7:
         ea:40:04:94:56:48:1d:1c:db:a2:2f:c8:82:63:10:fc:6d:aa:
         9c:15:d0:79:3c:42:d7:66:b5:34:20:f7:5b:69:6b:49:85:dc:
         98:2b:3d:46:a5:3b:e2:74:8d:4a:1a:a4:a7:13:2c:9a:f5:c6:
         6c:26:eb:ac:cf:71:1b:f5:a7:12:ad:5c:10:71:5c:bb:2a:39:
         e1:cd:10:18:de:d3:fd:9c:9c:55:f8:28:80:8d:6d:d9:67:15:
         87:8d:2f:11:07:34:d4:6c:4d:99:58:a9:1c:5b:67:0d:6f:9b:
         04:0a:14:3a:5e:a2:6e:cf:14:ec:ec:53:a8:8d:c9:e2:33:09:
         36:10:15:18:45:2a:97:a1:0a:e2:35:45:4c:04:d4:d9:59:7e:
         13:50:eb:f1:f8:f7:8a:e0:3e:3f:d5:63:f1:95:2d:8a:89:03:
         5e:3d:af:5f:23:b1:04:4f:8c:0a:95:67:fa:88:b3:bb:5c:9e:
         70:30:2f:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEDBpxDAzSrlulR5mZ/I9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjYwMzAyMDEwMTA3WhcNMjYwMzAzMDEwMTA3WjAzMTEwLwYDVQQD
EygzODJlNGI2YzQzZGY3MWIyNjVmN2VhN2ZjZjE2YzMzYzU5N2RiNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XmOPsCjyD/A+jp2CFaTHL09GzGD
LinDlvEV69T6pPh1WFMvautN4p0ZViqkEPHTyelVuzzObOwjfOlaOCZS8qzDs73F
ffvC/2QFDpZAZBSm1DAh/J814oKOVjFc6xQfvWCpUXuZpR5sbne1oKqMhTBKNM/z
EDzHJoDopSm/855te3PdqVMek39rsYfR0fa+bu1f4tVGutBC2WZznbGYxqUQGgv2
qWLJLBg0JHVPA6bBfBNNblbxlDtDDYBnE0eSTyxQiD1nkWjyFDAzLs0Odp8BRSA5
yrB9dscqTwHIMUGtIlG1ephFEGRbHHIM5LxvsqhsijN00HUktY1N5ACnnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDguS2xD33GyZffqf88WwzxZfbTvMB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIVHJ6Bt
Xb4MkHSXh5IRQBcCtBLBd6hgIIX45JpNwUZEDvk4Lwo/Ywms2/UzbsAN8QSDTAQx
TU7T9vWTSDmppmsGgoEfTka36kAElFZIHRzboi/IgmMQ/G2qnBXQeTxC12a1NCD3
W2lrSYXcmCs9RqU74nSNShqkpxMsmvXGbCbrrM9xG/WnEq1cEHFcuyo54c0QGN7T
/ZycVfgogI1t2WcVh40vEQc01GxNmVipHFtnDW+bBAoUOl6ibs8U7OxTqI3J4jMJ
NhAVGEUql6EK4jVFTATU2Vl+E1Dr8fj3iuA+P9Vj8ZUtiokDXj2vXyOxBE+MCpVn
+oizu1yecDAv8A==
-----END CERTIFICATE-----