Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          oS8FlAKHT10ya/rz7yqNI302gCsUvNPnDEFmlt0lZbE=
Subject key identifier:   20:8A:F4:97:39:A9:EF:BB:F2:C8:0A:92:DA:FE:DD:8D:2C:54:47:5A
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       019CABD93B3C256D7851969F079D949A51C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          16F2
Signing time:             Mon 02 Mar 2026 00:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:06 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: 6Gkbssv1ulrc3S+aDTqd6D/V2yAEvrmU0Y2fcqRv8lQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:3b:3c:25:6d:78:51:96:9f:07:9d:94:9a:51:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Mar  2 00:01:06 2026 GMT
            Not After : Mar  3 00:01:06 2026 GMT
        Subject: CN=208af49739a9efbbf2c80a92dafedd8d2c54475a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fa:df:46:d3:22:9c:e0:a9:6c:b8:cb:a0:4d:
                    a2:97:10:09:25:ae:67:24:3e:21:fe:21:e2:1e:e9:
                    03:be:59:ac:93:e7:79:59:03:95:e4:4b:81:dc:7f:
                    00:1b:11:db:7d:fd:f1:28:60:42:99:96:2b:96:94:
                    14:9c:19:7e:64:ff:05:af:af:5a:45:f2:af:ce:72:
                    62:0d:be:12:da:34:e7:ef:e1:75:05:ae:02:67:e0:
                    ba:59:b6:f8:1a:5e:6c:ec:23:1d:4b:b8:79:20:59:
                    cf:92:97:d4:28:15:ca:9d:85:3f:38:12:68:e0:d8:
                    94:19:1a:0f:31:b6:b6:d3:d7:d6:2a:64:40:92:ca:
                    20:01:41:21:46:28:d2:2d:22:17:17:80:6e:84:6a:
                    96:8d:c1:f3:5d:5b:ac:0d:3c:71:12:6d:72:24:34:
                    42:ec:c7:d0:12:27:09:0a:23:04:79:d7:82:2f:9c:
                    11:ca:5c:8f:87:68:df:c3:bb:2b:6b:c0:6d:e1:c9:
                    7a:d9:76:82:5b:0a:6e:25:9d:96:b9:c1:a9:49:04:
                    e2:c0:55:57:22:2e:71:21:50:4b:38:de:13:fa:7b:
                    68:bf:fe:f4:fa:a1:a9:cc:d6:a9:c2:2a:9a:49:75:
                    0f:5f:a3:7f:93:04:3b:14:da:e3:b5:59:74:24:1f:
                    5e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:8A:F4:97:39:A9:EF:BB:F2:C8:0A:92:DA:FE:DD:8D:2C:54:47:5A
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:2a:d8:a5:2a:eb:4c:f7:0d:25:d0:d0:b5:cf:54:46:5f:5a:
         d5:a9:cf:4f:4b:a2:1e:da:c4:25:09:14:1e:5d:43:3d:6f:1a:
         79:dd:a5:2a:e7:04:24:7a:83:70:0f:1d:69:f8:3f:78:62:1f:
         37:b7:bc:55:92:86:10:d8:b1:ca:1b:1c:66:ff:8d:40:24:ae:
         d8:fe:f1:ef:53:fb:7a:50:22:ec:85:12:e9:0b:1d:a0:4a:3e:
         ba:a2:38:5a:4a:7a:62:6d:bf:a5:a8:7a:8b:78:b3:b2:09:a8:
         fc:ea:24:75:3a:1e:48:4f:4d:26:95:e9:0a:60:3d:3d:79:11:
         55:f6:1b:06:71:c3:39:bb:3b:70:bd:09:98:2c:69:a6:86:8b:
         a9:69:a7:37:09:1e:fd:fc:54:94:90:80:88:a2:4d:25:24:a9:
         ff:c7:08:d1:d2:c5:d8:2f:2d:3f:8e:90:2c:14:63:4a:20:f8:
         db:5a:f5:07:66:33:86:f2:d3:d0:24:36:d7:6a:26:e5:37:be:
         7d:a7:8a:50:2d:2f:97:db:5b:5b:4c:64:44:ab:b7:36:d0:3e:
         22:59:fa:b5:bb:3f:38:2c:4d:3d:f0:15:df:91:5b:2c:04:ef:
         17:c7:b3:35:98:34:49:54:b7:bf:ad:85:1d:f8:48:93:19:e7:
         df:b3:0b:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2Ts8JW14UZafB52UmlHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjYwMzAyMDAwMTA2WhcNMjYwMzAzMDAwMTA2WjAzMTEwLwYDVQQD
EygyMDhhZjQ5NzM5YTllZmJiZjJjODBhOTJkYWZlZGQ4ZDJjNTQ0NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/rfRtMinOCpbLjLoE2ilxAJJa5n
JD4h/iHiHukDvlmsk+d5WQOV5EuB3H8AGxHbff3xKGBCmZYrlpQUnBl+ZP8Fr69a
RfKvznJiDb4S2jTn7+F1Ba4CZ+C6Wbb4Gl5s7CMdS7h5IFnPkpfUKBXKnYU/OBJo
4NiUGRoPMba209fWKmRAksogAUEhRijSLSIXF4BuhGqWjcHzXVusDTxxEm1yJDRC
7MfQEicJCiMEedeCL5wRylyPh2jfw7sra8Bt4cl62XaCWwpuJZ2WucGpSQTiwFVX
Ii5xIVBLON4T+ntov/70+qGpzNapwiqaSXUPX6N/kwQ7FNrjtVl0JB9ewwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCK9Jc5qe+78sgKktr+3Y0sVEdaMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALCrYpSrr
TPcNJdDQtc9URl9a1anPT0uiHtrEJQkUHl1DPW8aed2lKucEJHqDcA8dafg/eGIf
N7e8VZKGENixyhscZv+NQCSu2P7x71P7elAi7IUS6QsdoEo+uqI4Wkp6Ym2/pah6
i3izsgmo/OokdToeSE9NJpXpCmA9PXkRVfYbBnHDObs7cL0JmCxppoaLqWmnNwke
/fxUlJCAiKJNJSSp/8cI0dLF2C8tP46QLBRjSiD421r1B2YzhvLT0CQ212om5Te+
faeKUC0vl9tbW0xkRKu3NtA+Iln6tbs/OCxNPfAV35FbLATvF8ezNZg0SVS3v62F
HfhIkxnn37ML3A==
-----END CERTIFICATE-----