Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          34+wArW+Y+StNMkQGicQ5ovOgnWocDFo4bNlk5WsQX0=
Subject key identifier:   FF:FA:79:C8:06:8C:34:36:E6:EE:30:B9:C7:C5:C3:25:18:7F:05:0F
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       019CAAC69CB6EA5DD56AA224B977C5D64E33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          14D6
Signing time:             Sun 01 Mar 2026 19:01:08 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:08 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:08 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: xUaNx9u8qUd0GK2eJ1mQEXXASbv0JfUA/qoBmYJHruc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:9c:b6:ea:5d:d5:6a:a2:24:b9:77:c5:d6:4e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Mar  1 19:01:08 2026 GMT
            Not After : Mar  2 19:01:08 2026 GMT
        Subject: CN=fffa79c8068c3436e6ee30b9c7c5c325187f050f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f9:e6:1e:ea:f8:3e:8f:a7:43:04:f1:85:1d:
                    9c:0b:36:ba:1b:7e:c5:4e:05:bc:f0:1a:78:d8:34:
                    5e:90:ff:24:be:3e:fa:b7:3c:05:70:d5:1b:06:3e:
                    d6:86:b2:37:96:10:ce:16:20:6b:7e:a4:aa:cf:f4:
                    1c:90:a1:3a:d0:6f:cc:c3:66:86:8e:4d:89:0e:a7:
                    86:3c:f2:43:98:e8:af:55:61:c1:53:d3:66:d4:c8:
                    06:d6:6b:27:3c:19:5d:fa:27:38:a4:9e:ae:74:53:
                    03:5b:a4:61:d8:3e:8a:9f:6b:36:2c:e1:f1:56:f5:
                    13:5f:28:ab:fa:26:de:f5:80:be:be:6e:e2:eb:db:
                    02:fb:ca:ec:32:c0:13:d8:5b:3b:41:5b:35:64:15:
                    36:19:bc:a3:7d:af:f5:50:8a:af:f9:a3:60:2b:2c:
                    d4:f1:b1:4a:28:84:6e:39:2c:bb:9a:a5:86:3d:95:
                    8b:ef:97:f0:29:54:ed:3c:75:5a:8a:c0:b7:88:ee:
                    6f:87:5e:93:5d:d5:23:57:97:5e:35:7e:5b:86:d2:
                    65:1a:ff:29:4f:92:0c:0c:48:d5:a8:fe:00:47:ad:
                    8f:8a:ae:06:1b:99:7b:52:2c:b8:99:bf:5c:ce:b1:
                    b7:d2:06:4f:07:ef:5d:a6:92:3d:d1:71:5a:61:45:
                    8f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:FA:79:C8:06:8C:34:36:E6:EE:30:B9:C7:C5:C3:25:18:7F:05:0F
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:30:80:f4:6f:2f:d7:cd:fa:15:90:72:d6:36:35:06:62:be:
         d5:d8:65:4e:ef:2f:6e:95:04:ae:67:c1:e4:58:c9:8c:09:17:
         8f:98:20:b3:fa:a3:38:2b:60:90:20:9d:03:cd:6d:41:f8:24:
         e9:d7:87:e1:db:66:97:ff:62:37:6d:95:02:7b:b8:30:3b:41:
         f0:b9:03:e9:a6:17:a4:26:8a:f3:1e:0d:b7:ad:81:90:34:c0:
         11:36:b3:8d:e0:8c:7b:e6:90:ff:e3:30:59:a9:20:f8:68:36:
         06:29:61:1e:ef:6d:19:1e:b1:76:b1:03:14:af:e7:6e:68:17:
         f5:41:ed:aa:ea:99:e1:de:de:5d:85:49:cb:15:35:9b:f0:3b:
         9f:6f:f6:e3:8e:67:74:12:51:29:97:77:87:22:ab:0e:e1:ee:
         30:07:48:20:1d:9c:df:95:aa:3d:17:7d:24:94:19:67:59:21:
         fe:de:ff:ce:7b:9f:6c:ee:25:4d:ac:09:3d:99:f8:f5:32:52:
         ce:53:95:11:51:31:78:8a:95:42:c9:7b:7a:d0:b7:af:2e:0a:
         cd:fa:ad:6e:53:c3:0c:f0:96:0b:94:81:66:a6:94:17:bc:94:
         9d:65:49:a9:26:9f:f3:48:e1:68:88:ee:8e:6e:05:0e:49:95:
         8d:61:eb:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxpy26l3VaqIkuXfF1k4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjYwMzAxMTkwMTA4WhcNMjYwMzAyMTkwMTA4WjAzMTEwLwYDVQQD
EyhmZmZhNzljODA2OGMzNDM2ZTZlZTMwYjljN2M1YzMyNTE4N2YwNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvnmHur4Po+nQwTxhR2cCza6G37F
TgW88Bp42DRekP8kvj76tzwFcNUbBj7WhrI3lhDOFiBrfqSqz/QckKE60G/Mw2aG
jk2JDqeGPPJDmOivVWHBU9Nm1MgG1msnPBld+ic4pJ6udFMDW6Rh2D6Kn2s2LOHx
VvUTXyir+ibe9YC+vm7i69sC+8rsMsAT2Fs7QVs1ZBU2Gbyjfa/1UIqv+aNgKyzU
8bFKKIRuOSy7mqWGPZWL75fwKVTtPHVaisC3iO5vh16TXdUjV5deNX5bhtJlGv8p
T5IMDEjVqP4AR62Piq4GG5l7Uiy4mb9czrG30gZPB+9dppI90XFaYUWPWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/6ecgGjDQ25u4wucfFwyUYfwUPMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDCA9G8v
1836FZBy1jY1BmK+1dhlTu8vbpUErmfB5FjJjAkXj5ggs/qjOCtgkCCdA81tQfgk
6deH4dtml/9iN22VAnu4MDtB8LkD6aYXpCaK8x4Nt62BkDTAETazjeCMe+aQ/+Mw
Wakg+Gg2BilhHu9tGR6xdrEDFK/nbmgX9UHtquqZ4d7eXYVJyxU1m/A7n2/2445n
dBJRKZd3hyKrDuHuMAdIIB2c35WqPRd9JJQZZ1kh/t7/znufbO4lTawJPZn49TJS
zlOVEVExeIqVQsl7etC3ry4KzfqtblPDDPCWC5SBZqaUF7yUnWVJqSaf80jhaIju
jm4FDkmVjWHrxg==
-----END CERTIFICATE-----