Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File:                     NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier:          AiOk4hmouEV4cGcK94oSZ8zfWb6et5vTfbjVNtBawBA=
Subject key identifier:   AA:F1:A0:DD:D9:E0:B4:75:9D:CB:BA:01:81:BF:34:49:35:97:8D:B5
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer:       /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial:       019CAD59B7E2C6284257099D260B9671E441
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number:          074B
Signing time:             Mon 02 Mar 2026 07:01:03 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:03 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:03 +0000
Files and hashes:         1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: yXzb/7J+AdZy237GsQCNwSXfcCQtBBvhnXNykFdoRm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:b7:e2:c6:28:42:57:09:9d:26:0b:96:71:e4:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
        Validity
            Not Before: Mar  2 07:01:03 2026 GMT
            Not After : Mar  3 07:01:03 2026 GMT
        Subject: CN=aaf1a0ddd9e0b4759dcbba0181bf344935978db5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:69:04:98:11:7e:11:47:5f:8e:7c:eb:6c:6a:
                    37:2f:ea:cb:87:9f:5e:72:88:50:6d:41:5b:85:42:
                    80:a9:32:25:cf:2d:ee:ef:2c:94:83:6b:fa:f5:d8:
                    f3:92:6d:b5:c8:30:de:b4:1b:23:b2:6b:76:47:73:
                    c5:dd:4e:85:4d:6a:ae:68:b5:4d:93:c4:1d:10:66:
                    c9:ac:22:1d:7f:9a:b7:20:4a:e5:43:23:2f:e5:58:
                    6d:f0:5a:b0:3c:0c:91:ab:36:51:bd:ae:2f:01:79:
                    51:8b:fc:b5:c2:e6:3f:3a:36:1a:67:6e:42:33:c0:
                    81:01:d4:76:67:e3:c7:dd:71:74:ad:13:dd:e2:25:
                    64:5b:97:ea:c3:d5:98:68:e3:26:9c:65:6d:43:a9:
                    0c:6a:70:b6:62:93:eb:52:e6:80:ff:a2:1c:f8:78:
                    c9:49:09:08:f7:37:59:a7:91:ea:2c:b8:dd:ae:85:
                    68:93:00:82:33:16:c1:e8:56:4b:26:18:07:64:06:
                    8c:08:bc:96:4c:98:06:87:58:78:47:49:ca:bd:9d:
                    42:23:b8:ed:06:15:3e:73:0f:c5:2b:e9:f3:2e:b8:
                    2c:59:57:f7:2b:78:98:ef:e1:79:90:9b:23:37:f5:
                    ff:0d:e3:6f:a7:d6:d0:b7:77:da:d2:0e:aa:00:6d:
                    30:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F1:A0:DD:D9:E0:B4:75:9D:CB:BA:01:81:BF:34:49:35:97:8D:B5
            X509v3 Authority Key Identifier:
                keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:c9:c2:4f:2e:65:db:a6:ff:ee:5e:db:ae:fe:0b:ba:1d:e9:
         30:32:fb:cf:82:58:6b:fa:af:e3:27:4d:c6:d1:9d:ed:07:a7:
         61:76:d8:09:72:62:80:cb:ff:a3:0f:8b:87:a1:f3:19:36:09:
         2c:98:f2:25:fd:3c:37:3c:91:04:25:aa:de:8d:9f:72:a4:78:
         60:35:c2:a7:ff:dd:f5:f4:17:2c:25:a4:e1:6f:04:8e:a9:5c:
         ed:ec:7d:13:56:48:e3:95:b0:3d:0f:59:b3:32:4a:31:a2:f5:
         49:b9:68:4a:da:39:10:bd:14:ee:35:9f:80:8d:3c:76:5a:c3:
         44:97:f8:59:c8:13:8e:0e:17:c2:68:82:29:8e:fd:df:ff:86:
         20:4f:a6:95:64:0b:b7:80:96:03:c3:8e:e4:a4:03:4c:ee:0f:
         69:d8:a1:12:45:3a:df:a5:f6:d5:39:67:e7:90:da:80:1f:cf:
         31:34:07:c4:66:47:73:93:4a:f1:a3:8f:91:86:ae:d9:f7:33:
         21:7c:32:2d:36:c7:9e:d7:0d:45:97:2e:b6:f5:42:ac:89:3c:
         62:c8:23:2c:51:23:82:21:bd:18:43:3b:25:d4:8a:94:71:d1:
         e0:cb:2c:c2:c0:3b:b2:8f:94:73:79:a3:91:dc:5d:0d:2a:a6:
         73:b6:01:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWbfixihCVwmdJguWceRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjYwMzAyMDcwMTAzWhcNMjYwMzAzMDcwMTAzWjAzMTEwLwYDVQQD
EyhhYWYxYTBkZGQ5ZTBiNDc1OWRjYmJhMDE4MWJmMzQ0OTM1OTc4ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmkEmBF+EUdfjnzrbGo3L+rLh59e
cohQbUFbhUKAqTIlzy3u7yyUg2v69djzkm21yDDetBsjsmt2R3PF3U6FTWquaLVN
k8QdEGbJrCIdf5q3IErlQyMv5Vht8FqwPAyRqzZRva4vAXlRi/y1wuY/OjYaZ25C
M8CBAdR2Z+PH3XF0rRPd4iVkW5fqw9WYaOMmnGVtQ6kManC2YpPrUuaA/6Ic+HjJ
SQkI9zdZp5HqLLjdroVokwCCMxbB6FZLJhgHZAaMCLyWTJgGh1h4R0nKvZ1CI7jt
BhU+cw/FK+nzLrgsWVf3K3iY7+F5kJsjN/X/DeNvp9bQt3fa0g6qAG0wkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrxoN3Z4LR1ncu6AYG/NEk1l421MB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8nCTy5l
26b/7l7brv4Luh3pMDL7z4JYa/qv4ydNxtGd7QenYXbYCXJigMv/ow+Lh6HzGTYJ
LJjyJf08NzyRBCWq3o2fcqR4YDXCp//d9fQXLCWk4W8Ejqlc7ex9E1ZI45WwPQ9Z
szJKMaL1SbloSto5EL0U7jWfgI08dlrDRJf4WcgTjg4XwmiCKY793/+GIE+mlWQL
t4CWA8OO5KQDTO4PadihEkU636X21Tln55DagB/PMTQHxGZHc5NK8aOPkYau2fcz
IXwyLTbHntcNRZcutvVCrIk8YsgjLFEjgiG9GEM7JdSKlHHR4MsswsA7so+Uc3mj
kdxdDSqmc7YBig==
-----END CERTIFICATE-----