Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
File:                     NHi9VqAesq4wdvaW0B1P_NFAGp8.mft (raw, json)
Hash identifier:          LD106ALMlxJPAbj3T0S2eQyPAl0Dk9BTyKug7NonV74=
Subject key identifier:   F5:20:61:63:9F:8E:43:CD:3C:BD:C1:3D:0C:BF:EB:73:EA:2F:EB:EE
Authority key identifier: 34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F
Certificate issuer:       /CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
Certificate serial:       019CAB6B012ACCDD8DE99AE486398DC795B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
Manifest number:          1845
Signing time:             Sun 01 Mar 2026 22:00:42 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:42 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:42 +0000
Files and hashes:         1: NHi9VqAesq4wdvaW0B1P_NFAGp8.crl (hash: 8vlwr4eGeBXIWPqGxMZXC+9Ex6N+4pVjxvaGBY8lEaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:01:2a:cc:dd:8d:e9:9a:e4:86:39:8d:c7:95:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
        Validity
            Not Before: Mar  1 22:00:42 2026 GMT
            Not After : Mar  2 22:00:42 2026 GMT
        Subject: CN=f52061639f8e43cd3cbdc13d0cbfeb73ea2febee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:de:ef:e2:b7:e6:22:fb:1f:0e:0c:78:6f:da:
                    55:34:d8:b0:5c:91:9f:bb:b7:a4:cc:01:89:6d:fc:
                    9a:6b:7d:0f:d5:b9:96:bf:60:56:c0:4c:55:eb:b0:
                    90:e4:80:c4:79:29:be:76:fe:7c:71:2c:e2:89:d1:
                    97:d4:ef:f3:0c:93:51:95:b8:67:51:07:3c:75:16:
                    47:91:a1:a0:77:81:be:4b:58:7a:d7:d6:18:98:e5:
                    0c:b6:43:39:a5:22:41:fe:5e:c7:01:fa:59:08:9d:
                    7a:9a:25:bb:68:4d:45:f3:82:c9:14:33:f1:9d:e1:
                    d7:43:c5:e0:b6:d4:14:db:b4:3e:90:4b:12:e7:1a:
                    b3:a2:b4:bd:8c:78:e6:50:fe:1e:ee:04:9c:d4:4f:
                    9b:d0:36:fe:0f:a4:ee:6f:27:76:96:87:da:06:6b:
                    b5:5f:03:1f:af:dd:40:0d:21:c1:60:e9:76:ce:bb:
                    dd:35:2f:fe:88:85:c8:69:2c:dc:79:17:7d:d0:4b:
                    cf:98:91:6d:19:fc:ee:cc:42:68:12:42:4c:6a:7a:
                    27:73:d0:25:6d:f8:5d:09:fc:8a:e1:d5:4e:0c:34:
                    71:96:5c:03:09:90:22:0d:83:be:26:bd:f7:40:2a:
                    ac:d5:a8:4a:c3:ef:b8:c5:6b:a4:9f:42:25:ff:a5:
                    6c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:20:61:63:9F:8E:43:CD:3C:BD:C1:3D:0C:BF:EB:73:EA:2F:EB:EE
            X509v3 Authority Key Identifier:
                keyid:34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:2a:a4:6b:2d:74:16:90:73:51:b3:77:12:56:24:d7:8b:b3:
         07:36:e4:56:79:bb:a4:23:3e:3e:32:15:a1:38:e5:53:cd:5d:
         e4:73:66:8e:b1:ba:75:9a:a4:8f:6d:98:6d:56:8f:fd:98:21:
         08:c8:db:0f:4b:50:55:98:f4:20:a2:5c:2c:08:15:a4:cd:2d:
         1d:7a:d7:6d:56:28:6e:8d:cb:67:ec:80:4d:fb:27:fe:22:55:
         f7:7a:f3:df:34:30:27:41:9f:29:ee:2f:e8:b9:c0:43:03:a7:
         89:2d:ad:aa:b3:1c:15:e2:bf:f4:ce:c0:a5:32:f9:f5:9a:2f:
         3a:0c:95:c1:d4:5d:ee:93:1b:3b:a5:04:fc:c8:7d:2b:9c:97:
         a8:d2:9c:14:16:d3:40:be:1d:0d:7f:a8:56:57:20:71:97:ba:
         3a:98:50:fe:e1:df:bf:88:fc:66:f9:3a:cd:f9:d0:ef:c0:a6:
         08:28:6c:ef:db:09:38:ef:83:7c:9f:5f:10:6b:6e:02:fd:76:
         2f:24:0a:b8:a0:a4:4c:0c:39:ef:fe:db:f6:3c:55:35:76:b0:
         35:72:2d:58:7e:d4:12:be:cc:93:ac:52:6d:0f:b6:98:8f:65:
         33:68:fb:f3:cc:a6:df:ad:ae:eb:26:20:a7:33:97:6c:4d:6e:
         ec:45:03:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawEqzN2N6ZrkhjmNx5WxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhiZDU2YTAxZWIyYWUzMDc2ZjY5NmQwMWQ0ZmZjZDE0
MDFhOWYwHhcNMjYwMzAxMjIwMDQyWhcNMjYwMzAyMjIwMDQyWjAzMTEwLwYDVQQD
EyhmNTIwNjE2MzlmOGU0M2NkM2NiZGMxM2QwY2JmZWI3M2VhMmZlYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt7v4rfmIvsfDgx4b9pVNNiwXJGf
u7ekzAGJbfyaa30P1bmWv2BWwExV67CQ5IDEeSm+dv58cSziidGX1O/zDJNRlbhn
UQc8dRZHkaGgd4G+S1h619YYmOUMtkM5pSJB/l7HAfpZCJ16miW7aE1F84LJFDPx
neHXQ8XgttQU27Q+kEsS5xqzorS9jHjmUP4e7gSc1E+b0Db+D6Tubyd2lofaBmu1
XwMfr91ADSHBYOl2zrvdNS/+iIXIaSzceRd90EvPmJFtGfzuzEJoEkJManonc9Al
bfhdCfyK4dVODDRxllwDCZAiDYO+Jr33QCqs1ahKw++4xWukn0Il/6VsdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUgYWOfjkPNPL3BPQy/63PqL+vuMB8GA1UdIwQY
MBaAFDR4vVagHrKuMHb2ltAdT/zRQBqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAt
ODM5NmY4YzYyNTVhLzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAtODM5NmY4YzYyNTVh
LzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApyqkay10
FpBzUbN3ElYk14uzBzbkVnm7pCM+PjIVoTjlU81d5HNmjrG6dZqkj22YbVaP/Zgh
CMjbD0tQVZj0IKJcLAgVpM0tHXrXbVYobo3LZ+yATfsn/iJV93rz3zQwJ0GfKe4v
6LnAQwOniS2tqrMcFeK/9M7ApTL59ZovOgyVwdRd7pMbO6UE/Mh9K5yXqNKcFBbT
QL4dDX+oVlcgcZe6OphQ/uHfv4j8Zvk6zfnQ78CmCChs79sJOO+DfJ9fEGtuAv12
LyQKuKCkTAw57/7b9jxVNXawNXItWH7UEr7Mk6xSbQ+2mI9lM2j788ym362u6yYg
pzOXbE1u7EUDpQ==
-----END CERTIFICATE-----