Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          vNJznPc1CvTYQXfFkxhrQFPaxYgKh8oRDrafLIes1N4=
Subject key identifier:   18:84:AC:E4:09:8B:3F:39:F5:D1:44:89:65:27:57:D0:9F:5E:D1:1C
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       019D9962FB5119D55E15C29BAF19CF8E1B8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          176D
Signing time:             Fri 17 Apr 2026 03:01:34 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:34 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:34 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: Fh1VUSKHLs2SVzRwWtQSl+28ShXF2o79zDvpivLRylE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:fb:51:19:d5:5e:15:c2:9b:af:19:cf:8e:1b:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Apr 17 03:01:34 2026 GMT
            Not After : Apr 18 03:01:34 2026 GMT
        Subject: CN=1884ace4098b3f39f5d14489652757d09f5ed11c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:b1:fd:f2:e4:96:f8:6e:41:95:ed:91:e2:11:
                    5f:7d:41:53:8b:a0:50:23:07:59:9d:f0:2b:09:fb:
                    f9:54:60:ad:ba:a5:1a:c8:c8:a4:70:bf:56:c6:d1:
                    1f:00:3f:97:15:e2:01:60:28:94:62:5f:8f:4a:0b:
                    81:11:31:60:11:04:72:96:b8:57:83:a2:26:89:61:
                    d3:17:51:5c:a0:d0:f9:ec:7e:e7:e7:b4:c3:a1:6b:
                    c6:7c:ef:7b:5a:e1:88:ce:04:66:ae:d6:a2:85:e7:
                    da:46:88:42:33:5b:d0:68:cc:22:fb:fc:f7:c1:1b:
                    6f:fa:76:0a:65:86:72:ca:d8:b9:ee:39:bc:0f:52:
                    60:b7:24:d5:c4:03:9a:15:b8:22:d6:3a:77:69:9b:
                    1f:49:6e:74:b8:06:1c:17:12:24:57:51:d3:42:cf:
                    97:5d:6e:1f:97:7a:46:a0:cf:cf:33:f1:0f:e4:68:
                    d6:9e:9c:de:e3:02:f1:28:5b:fb:e4:3e:60:4e:82:
                    1a:3a:b3:ed:11:8e:48:fa:13:fd:4a:7e:ea:8c:f9:
                    24:b1:30:d8:fd:4a:01:b1:f9:24:6c:e7:73:6a:b6:
                    17:ad:93:de:6c:92:73:7a:13:c3:a2:5f:c9:a0:56:
                    af:ae:3a:0e:a8:06:81:6e:dc:71:17:87:1b:96:f2:
                    f5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:84:AC:E4:09:8B:3F:39:F5:D1:44:89:65:27:57:D0:9F:5E:D1:1C
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:4a:6a:2a:c1:e0:91:a5:65:d6:96:82:a6:7f:b7:21:a0:d8:
         93:35:22:04:d0:fe:85:ca:7a:fc:26:73:86:9b:1a:7d:6b:f5:
         55:77:23:38:ce:99:30:57:94:98:5d:9e:32:7b:e7:9f:b5:e7:
         3f:d1:ff:2e:6a:5d:8f:c5:21:66:93:c7:71:c7:7b:1d:f6:98:
         2c:ab:04:be:ff:9d:ba:30:b9:b9:c0:ed:d3:2e:5d:6e:ca:d9:
         c8:11:fc:5c:4b:1c:6d:17:2b:ac:73:2e:d2:0c:3f:a3:84:cb:
         f4:06:7c:52:e7:9a:58:48:8a:70:81:b4:3c:81:00:8e:86:6a:
         a4:98:f7:ad:2a:b5:e2:6e:78:85:a5:b4:20:2d:b2:fe:17:c7:
         ed:d6:9e:9d:7e:da:19:52:8f:4e:82:07:a9:e4:0c:4c:9f:a0:
         2d:4c:87:d2:3a:19:17:49:c6:56:93:d1:4a:02:fa:94:f1:de:
         c9:d1:5e:4f:fd:cc:bf:a9:b9:da:c9:9a:20:09:2f:c9:3f:6b:
         3e:7b:62:aa:e4:01:e2:30:42:70:97:1f:ae:7f:e3:59:45:9c:
         66:af:3d:01:cb:a6:94:37:d7:6f:9b:5c:99:db:68:b0:b6:0d:
         8d:75:ec:b6:e6:10:f1:33:de:a0:a1:cc:86:05:7e:31:45:d3:
         0d:f1:b9:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYvtRGdVeFcKbrxnPjhuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjYwNDE3MDMwMTM0WhcNMjYwNDE4MDMwMTM0WjAzMTEwLwYDVQQD
EygxODg0YWNlNDA5OGIzZjM5ZjVkMTQ0ODk2NTI3NTdkMDlmNWVkMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rH98uSW+G5Ble2R4hFffUFTi6BQ
IwdZnfArCfv5VGCtuqUayMikcL9WxtEfAD+XFeIBYCiUYl+PSguBETFgEQRylrhX
g6ImiWHTF1FcoND57H7n57TDoWvGfO97WuGIzgRmrtaihefaRohCM1vQaMwi+/z3
wRtv+nYKZYZyyti57jm8D1JgtyTVxAOaFbgi1jp3aZsfSW50uAYcFxIkV1HTQs+X
XW4fl3pGoM/PM/EP5GjWnpze4wLxKFv75D5gToIaOrPtEY5I+hP9Sn7qjPkksTDY
/UoBsfkkbOdzarYXrZPebJJzehPDol/JoFavrjoOqAaBbtxxF4cblvL1JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiErOQJiz859dFEiWUnV9CfXtEcMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgEpqKsHg
kaVl1paCpn+3IaDYkzUiBND+hcp6/CZzhpsafWv1VXcjOM6ZMFeUmF2eMnvnn7Xn
P9H/Lmpdj8UhZpPHccd7HfaYLKsEvv+dujC5ucDt0y5dbsrZyBH8XEscbRcrrHMu
0gw/o4TL9AZ8UueaWEiKcIG0PIEAjoZqpJj3rSq14m54haW0IC2y/hfH7daenX7a
GVKPToIHqeQMTJ+gLUyH0joZF0nGVpPRSgL6lPHeydFeT/3Mv6m52smaIAkvyT9r
PntiquQB4jBCcJcfrn/jWUWcZq89AcumlDfXb5tcmdtosLYNjXXstuYQ8TPeoKHM
hgV+MUXTDfG58g==
-----END CERTIFICATE-----