Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          lC5t/qw45OTY9UYBpjUaBBTDHlVsdUjED0w2NaA6mVA=
Subject key identifier:   65:C7:DC:13:96:04:DA:DD:90:31:28:72:76:F9:CB:A8:6E:E8:32:1B
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019CABD913FF2744152AA2C60AB834DA7534
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          1841
Signing time:             Mon 02 Mar 2026 00:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:56 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: XhA7bmjFhZD1GilRiveCKvLz0wei3+tZPeAiPP+LYco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:13:ff:27:44:15:2a:a2:c6:0a:b8:34:da:75:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Mar  2 00:00:56 2026 GMT
            Not After : Mar  3 00:00:56 2026 GMT
        Subject: CN=65c7dc139604dadd9031287276f9cba86ee8321b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:53:d9:41:65:28:f0:a3:f2:7f:42:92:f7:81:
                    59:33:57:ee:8d:f0:c3:a1:a3:6a:ad:b1:92:a2:7f:
                    b6:c6:f0:d6:f3:f3:fe:71:8f:18:7e:2f:86:8b:77:
                    c4:ab:53:81:c3:65:a0:31:d3:e2:81:ff:f9:ab:f1:
                    de:59:29:a9:a2:05:5f:26:7f:06:32:ce:6d:90:63:
                    17:59:96:86:0e:d0:67:a1:de:a3:3e:02:35:ad:9d:
                    96:29:8f:6c:91:5f:dc:78:01:d2:80:0d:ff:01:6a:
                    4c:1b:4f:9b:9f:b6:97:58:4e:07:be:67:c9:c4:e6:
                    47:77:82:b3:d5:c0:f4:cb:61:a3:10:6d:8a:d7:ae:
                    e4:8e:e2:2e:56:92:ee:5d:38:61:be:83:fb:70:64:
                    d7:94:d9:07:8c:fb:48:37:f7:d2:47:cb:f0:a1:c1:
                    4b:38:38:97:74:be:63:05:eb:af:2b:49:99:22:e6:
                    f9:aa:9c:d7:4e:d9:87:57:7c:24:a3:09:67:a8:3c:
                    b6:ae:26:1a:72:71:f7:6c:9a:22:1c:78:20:48:e9:
                    e5:e1:04:0f:be:43:10:d4:64:6b:0d:4e:6c:c5:76:
                    10:7a:f7:40:18:7b:51:65:38:3b:f9:0a:d1:14:b1:
                    eb:34:5e:90:16:51:4b:5c:4d:f8:ce:9c:8f:dd:19:
                    13:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:C7:DC:13:96:04:DA:DD:90:31:28:72:76:F9:CB:A8:6E:E8:32:1B
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:de:a4:c0:32:d9:8c:7a:22:c4:08:ee:34:c5:48:c1:1b:83:
         53:37:e7:5b:90:4e:2d:14:8c:9d:ff:3e:73:9f:b9:49:ee:66:
         b2:7c:79:36:82:20:b7:93:43:46:13:82:61:d4:47:4c:93:e6:
         fc:69:82:e2:8f:52:3d:94:72:c7:ef:4a:9f:8e:53:0a:18:b3:
         bb:ae:5c:e7:01:4c:da:c8:e8:ec:9f:6f:86:dd:14:f4:9b:37:
         e7:77:06:fb:9e:70:dd:6a:3f:77:7d:54:07:1f:12:ae:97:b4:
         74:af:5c:11:2d:92:dd:14:60:6a:a6:f4:1b:b0:98:e3:82:94:
         09:fa:29:f8:95:98:63:89:b0:42:c6:44:8e:af:c6:77:53:d5:
         b0:47:6e:ac:13:eb:29:34:e9:25:07:22:8b:fe:4c:db:c9:1c:
         dc:ee:8e:55:3e:6e:5f:ed:2c:45:8c:c1:3c:1f:ec:13:71:80:
         95:aa:93:73:80:35:98:54:9d:95:26:12:d1:6d:b7:22:df:05:
         bc:ee:cb:ca:02:a2:8e:6d:c6:a4:25:7b:c6:6b:f0:59:32:e1:
         a8:38:12:82:c4:2a:74:30:f6:3d:a3:b5:0e:bd:88:b5:94:b1:
         14:f2:a6:56:0d:24:91:22:d8:07:99:da:8c:3f:22:04:ea:dd:
         06:8c:3a:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2RP/J0QVKqLGCrg02nU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjYwMzAyMDAwMDU2WhcNMjYwMzAzMDAwMDU2WjAzMTEwLwYDVQQD
Eyg2NWM3ZGMxMzk2MDRkYWRkOTAzMTI4NzI3NmY5Y2JhODZlZTgzMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFPZQWUo8KPyf0KS94FZM1fujfDD
oaNqrbGSon+2xvDW8/P+cY8Yfi+Gi3fEq1OBw2WgMdPigf/5q/HeWSmpogVfJn8G
Ms5tkGMXWZaGDtBnod6jPgI1rZ2WKY9skV/ceAHSgA3/AWpMG0+bn7aXWE4HvmfJ
xOZHd4Kz1cD0y2GjEG2K167kjuIuVpLuXThhvoP7cGTXlNkHjPtIN/fSR8vwocFL
ODiXdL5jBeuvK0mZIub5qpzXTtmHV3wkowlnqDy2riYacnH3bJoiHHggSOnl4QQP
vkMQ1GRrDU5sxXYQevdAGHtRZTg7+QrRFLHrNF6QFlFLXE34zpyP3RkTVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXH3BOWBNrdkDEocnb5y6hu6DIbMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASN6kwDLZ
jHoixAjuNMVIwRuDUzfnW5BOLRSMnf8+c5+5Se5msnx5NoIgt5NDRhOCYdRHTJPm
/GmC4o9SPZRyx+9Kn45TChizu65c5wFM2sjo7J9vht0U9Js353cG+55w3Wo/d31U
Bx8Srpe0dK9cES2S3RRgaqb0G7CY44KUCfop+JWYY4mwQsZEjq/Gd1PVsEdurBPr
KTTpJQcii/5M28kc3O6OVT5uX+0sRYzBPB/sE3GAlaqTc4A1mFSdlSYS0W23It8F
vO7LygKijm3GpCV7xmvwWTLhqDgSgsQqdDD2PaO1Dr2ItZSxFPKmVg0kkSLYB5na
jD8iBOrdBow66A==
-----END CERTIFICATE-----