Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          Yf6gk6DdCRN/kazqVTHpc9q5WOGbSSyaikm5idl0kco=
Subject key identifier:   A3:13:32:01:B5:FD:DB:B5:F2:84:11:D2:44:10:CB:DF:01:99:37:3A
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       019D9850AFACD80612CB657FCABB4F4F9470
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          1551
Signing time:             Thu 16 Apr 2026 22:01:57 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:57 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:57 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: wcWYiT9VATqyJ7JHuaud+O2kMJbekReXFAHswVxKPQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:af:ac:d8:06:12:cb:65:7f:ca:bb:4f:4f:94:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Apr 16 22:01:57 2026 GMT
            Not After : Apr 17 22:01:57 2026 GMT
        Subject: CN=a3133201b5fddbb5f28411d24410cbdf0199373a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b1:4f:ae:cd:46:79:ae:a3:0a:e4:29:5e:4f:
                    1a:26:08:02:b3:a9:b4:2b:7d:ea:d0:dd:4c:c6:3f:
                    59:23:a3:ba:27:ca:15:c4:f6:e9:ba:78:a8:66:7a:
                    68:ad:bc:90:6c:e0:53:6f:3a:07:b4:32:da:2f:c8:
                    e2:72:ad:60:63:b1:9b:59:93:b7:d6:57:3c:b7:c0:
                    e2:ed:89:85:25:6e:bb:e1:31:7b:45:ce:6b:aa:be:
                    a7:86:af:e8:a8:91:28:f5:e6:29:f9:ea:04:16:69:
                    92:13:3d:ea:b6:94:f5:17:c9:a6:79:8f:f1:5f:eb:
                    7e:c8:42:14:61:3d:87:18:90:a5:80:fd:a8:4a:c7:
                    97:03:5b:5f:2b:10:a5:b9:3a:e3:35:4f:ae:c8:96:
                    28:16:76:5f:e6:f3:e4:b0:37:3b:a4:83:a1:10:42:
                    5d:75:0d:ab:ad:ac:9c:09:12:3b:59:c8:10:84:19:
                    c8:82:4a:9b:b8:f9:bc:37:40:2b:4d:cf:a5:32:70:
                    70:f2:83:be:c7:96:b2:7e:95:c9:b0:cb:ea:7d:fe:
                    0c:53:03:c9:bf:c7:c7:e2:bb:f9:09:81:05:4f:1a:
                    71:4f:55:e4:85:18:45:ce:89:cf:d6:8c:e5:07:cb:
                    7f:07:32:72:f4:68:81:f5:5c:f8:42:a0:87:1f:06:
                    6b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:13:32:01:B5:FD:DB:B5:F2:84:11:D2:44:10:CB:DF:01:99:37:3A
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:c1:ea:dd:54:a1:ef:aa:25:7c:a3:5e:82:1e:bd:7c:47:3a:
         26:ac:ae:97:4a:9d:75:7d:8f:64:cc:06:a2:2c:3d:03:db:dc:
         f8:6b:f4:bc:c9:3b:a8:4f:75:e6:40:30:e2:4c:3e:ac:32:fa:
         b5:24:ac:4b:74:59:78:72:a3:b3:34:87:92:41:de:32:fd:f2:
         51:7a:4a:24:88:9b:7c:21:75:62:09:70:78:5f:b8:6b:2e:e1:
         e6:9b:9c:05:2f:95:3f:d4:bb:db:11:60:fb:44:9d:4d:72:98:
         b0:00:8d:e0:32:56:45:3d:62:d2:32:3f:78:d5:d9:05:75:10:
         45:f6:7f:4b:40:56:a1:bc:24:dd:6e:46:c2:18:a1:ef:41:66:
         a7:0f:dd:da:91:98:39:65:9a:69:55:0a:f1:be:a1:2d:b9:0a:
         bb:44:61:1d:9b:a1:3a:19:ee:81:59:5a:16:a2:ed:8e:aa:da:
         45:3c:a6:6a:bc:24:46:4c:15:9f:88:ce:34:67:80:74:21:fd:
         82:14:3b:86:96:1e:85:b5:11:70:54:ec:b6:6f:45:ea:59:e5:
         93:3c:ea:14:db:01:68:21:8c:5b:d4:63:7d:20:be:c9:8a:81:
         fa:e9:8e:7a:c4:db:7d:42:31:c1:ab:de:51:de:e4:a8:1e:a0:
         dd:cc:5d:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUK+s2AYSy2V/yrtPT5RwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjYwNDE2MjIwMTU3WhcNMjYwNDE3MjIwMTU3WjAzMTEwLwYDVQQD
EyhhMzEzMzIwMWI1ZmRkYmI1ZjI4NDExZDI0NDEwY2JkZjAxOTkzNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLFPrs1Gea6jCuQpXk8aJggCs6m0
K33q0N1Mxj9ZI6O6J8oVxPbpunioZnporbyQbOBTbzoHtDLaL8jicq1gY7GbWZO3
1lc8t8Di7YmFJW674TF7Rc5rqr6nhq/oqJEo9eYp+eoEFmmSEz3qtpT1F8mmeY/x
X+t+yEIUYT2HGJClgP2oSseXA1tfKxCluTrjNU+uyJYoFnZf5vPksDc7pIOhEEJd
dQ2rraycCRI7WcgQhBnIgkqbuPm8N0ArTc+lMnBw8oO+x5ayfpXJsMvqff4MUwPJ
v8fH4rv5CYEFTxpxT1XkhRhFzonP1ozlB8t/BzJy9GiB9Vz4QqCHHwZrVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMTMgG1/du18oQR0kQQy98BmTc6MB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPMHq3VSh
76olfKNegh69fEc6Jqyul0qddX2PZMwGoiw9A9vc+Gv0vMk7qE915kAw4kw+rDL6
tSSsS3RZeHKjszSHkkHeMv3yUXpKJIibfCF1YglweF+4ay7h5pucBS+VP9S72xFg
+0SdTXKYsACN4DJWRT1i0jI/eNXZBXUQRfZ/S0BWobwk3W5Gwhih70Fmpw/d2pGY
OWWaaVUK8b6hLbkKu0RhHZuhOhnugVlaFqLtjqraRTymarwkRkwVn4jONGeAdCH9
ghQ7hpYehbURcFTstm9F6lnlkzzqFNsBaCGMW9RjfSC+yYqB+umOesTbfUIxwave
Ud7kqB6g3cxdww==
-----END CERTIFICATE-----