Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
File:                     NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json)
Hash identifier:          VAPMoqMmtI/JJ1p0VUe8+c9WE3Lw/aqdF3WtG+taPfA=
Subject key identifier:   DB:ED:3D:33:C9:94:BC:E7:6D:DA:DB:27:DE:C0:A0:4C:34:7D:D0:59
Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
Certificate issuer:       /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Certificate serial:       019CAC7E0CE64652B99A96ACC4B899BD5A0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
Manifest number:          055D
Signing time:             Mon 02 Mar 2026 03:01:07 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:07 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:07 +0000
Files and hashes:         1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: ZHskY7CG6+9iWsxAV1WTLcXdUmf6jBWT8l9L80yUT08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7e:0c:e6:46:52:b9:9a:96:ac:c4:b8:99:bd:5a:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
        Validity
            Not Before: Mar  2 03:01:07 2026 GMT
            Not After : Mar  3 03:01:07 2026 GMT
        Subject: CN=dbed3d33c994bce76ddadb27dec0a04c347dd059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:67:71:16:37:5f:0e:15:88:ed:83:90:45:3f:
                    15:c3:a5:38:d1:11:2c:53:db:6b:5b:ef:a4:3b:53:
                    88:a7:55:99:f7:a3:b0:ed:2a:b7:98:bc:fd:e8:59:
                    77:cb:b7:3b:30:b0:6c:56:47:c8:fc:fd:bc:78:a2:
                    82:66:e7:83:60:a9:a5:98:9b:3b:e2:c5:ef:da:46:
                    bc:15:9b:76:6a:06:9d:b5:39:26:4d:4e:a5:c4:f9:
                    4a:e2:ff:9a:71:28:b6:7c:a9:55:5f:2c:64:51:c2:
                    cd:3f:dd:7d:92:8d:f0:62:52:84:f1:71:11:46:89:
                    b6:c8:90:36:85:b5:f0:1e:37:2c:5c:19:a1:6b:68:
                    4a:ba:96:04:b9:7c:a7:19:6e:1d:99:27:70:a6:6c:
                    d6:a0:df:94:73:d1:62:3c:74:40:b0:08:88:c2:a8:
                    1d:32:39:57:37:b3:87:76:25:23:b2:5a:14:bc:02:
                    fa:aa:ba:01:94:b6:8e:6b:a8:01:79:98:62:cb:ca:
                    b8:c9:e9:6f:b4:72:c0:7f:11:92:6f:c0:ae:4d:00:
                    39:9a:16:3b:de:2d:81:46:fa:7e:4f:f7:ab:c5:8d:
                    03:36:9d:41:cb:8b:75:03:59:14:3f:58:1a:a1:b6:
                    76:0e:46:2b:16:01:c0:fa:94:db:80:f9:16:04:10:
                    f1:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:ED:3D:33:C9:94:BC:E7:6D:DA:DB:27:DE:C0:A0:4C:34:7D:D0:59
            X509v3 Authority Key Identifier:
                keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:fd:ad:0b:4d:55:54:65:c4:c1:df:50:b8:c3:81:83:3e:ba:
         28:93:e0:c2:d3:c3:37:c9:1b:ce:e8:af:1a:02:9c:52:57:2b:
         ad:53:01:b9:50:77:db:47:0b:41:99:5b:4d:4f:7a:3b:e0:d6:
         11:4e:90:01:01:99:44:0b:14:1e:cc:ab:cc:b7:5e:5f:7a:fa:
         fe:b7:77:14:12:f0:54:ce:98:28:d6:65:e2:f8:1a:2e:91:b9:
         15:f3:33:fe:d4:6f:4b:ae:20:10:da:40:0f:ff:08:7e:10:be:
         b3:7f:17:29:83:3a:fe:1a:5a:9b:84:4a:87:d1:03:64:42:09:
         98:ac:50:f4:db:75:94:5e:f6:4f:d6:33:a7:5b:a5:36:3d:99:
         14:9b:f0:c3:52:49:03:42:99:99:c4:69:76:cc:b8:e0:bc:8c:
         15:62:f9:02:5a:8f:0d:d6:f4:0c:1a:51:ce:d2:f4:c3:d2:09:
         14:8c:c5:69:df:32:c9:21:73:ab:22:27:a8:21:f2:55:d1:00:
         a8:03:e8:11:dc:ef:10:5b:f8:91:2f:f7:66:e6:01:c4:3a:c2:
         ee:8e:02:27:cf:ea:1e:e9:18:95:7d:69:fb:85:06:e9:bd:78:
         7d:71:d2:70:d4:fc:e3:af:23:39:8c:2d:44:a7:ff:81:a5:2c:
         9e:91:7c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfgzmRlK5mpasxLiZvVoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0
MWY0NDYwHhcNMjYwMzAyMDMwMTA3WhcNMjYwMzAzMDMwMTA3WjAzMTEwLwYDVQQD
EyhkYmVkM2QzM2M5OTRiY2U3NmRkYWRiMjdkZWMwYTA0YzM0N2RkMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGdxFjdfDhWI7YOQRT8Vw6U40REs
U9trW++kO1OIp1WZ96Ow7Sq3mLz96Fl3y7c7MLBsVkfI/P28eKKCZueDYKmlmJs7
4sXv2ka8FZt2agadtTkmTU6lxPlK4v+acSi2fKlVXyxkUcLNP919ko3wYlKE8XER
Rom2yJA2hbXwHjcsXBmha2hKupYEuXynGW4dmSdwpmzWoN+Uc9FiPHRAsAiIwqgd
MjlXN7OHdiUjsloUvAL6qroBlLaOa6gBeZhiy8q4yelvtHLAfxGSb8CuTQA5mhY7
3i2BRvp+T/erxY0DNp1By4t1A1kUP1gaobZ2DkYrFgHA+pTbgPkWBBDxwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvtPTPJlLznbdrbJ97AoEw0fdBZMB8GA1UdIwQY
MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt
YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx
LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALv2tC01V
VGXEwd9QuMOBgz66KJPgwtPDN8kbzuivGgKcUlcrrVMBuVB320cLQZlbTU96O+DW
EU6QAQGZRAsUHsyrzLdeX3r6/rd3FBLwVM6YKNZl4vgaLpG5FfMz/tRvS64gENpA
D/8IfhC+s38XKYM6/hpam4RKh9EDZEIJmKxQ9Nt1lF72T9Yzp1ulNj2ZFJvww1JJ
A0KZmcRpdsy44LyMFWL5AlqPDdb0DBpRztL0w9IJFIzFad8yySFzqyInqCHyVdEA
qAPoEdzvEFv4kS/3ZuYBxDrC7o4CJ8/qHukYlX1p+4UG6b14fXHScNT8468jOYwt
RKf/gaUsnpF8Zw==
-----END CERTIFICATE-----