Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
File:                     NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft (raw, json)
Hash identifier:          AzESRmvS/weUW6SJw0fsMIS8JJ8c9d7zH2QGb4wA8EA=
Subject key identifier:   5F:0F:28:AE:B1:A2:2A:81:EA:4D:83:14:F2:4D:4D:DA:59:3D:98:DD
Authority key identifier: 35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F
Certificate issuer:       /CN=35e6764594e00d9ab8017893c71092cf516b101f
Certificate serial:       019CAA21E4358366F8346D2BBB4A55672631
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
Manifest number:          17D3
Signing time:             Sun 01 Mar 2026 16:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:13 +0000
Files and hashes:         1: NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl (hash: jfxCPOrX0uCat9EiqdT2rhAh5npcov2arVqGAVGlxbs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:e4:35:83:66:f8:34:6d:2b:bb:4a:55:67:26:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35e6764594e00d9ab8017893c71092cf516b101f
        Validity
            Not Before: Mar  1 16:01:13 2026 GMT
            Not After : Mar  2 16:01:13 2026 GMT
        Subject: CN=5f0f28aeb1a22a81ea4d8314f24d4dda593d98dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:25:60:20:3a:32:ac:fd:8f:d7:53:4f:9a:56:
                    24:dd:72:3c:b9:56:4c:f1:4d:12:8b:c7:ba:ab:c9:
                    80:93:c7:4c:8f:51:8e:8a:4f:cf:71:d7:04:1a:e8:
                    f1:13:ea:a5:cb:7a:e3:9c:f4:b3:ac:52:06:ff:89:
                    f2:ae:84:51:4f:f6:fa:2e:bf:8d:f7:35:04:50:a8:
                    0e:aa:ea:7f:c2:78:e5:05:2e:a7:fd:7a:9a:e0:38:
                    7e:af:68:80:7d:78:a2:74:74:2f:3c:6c:89:71:b2:
                    29:4f:61:9b:ce:f1:64:7a:f1:7e:60:8b:4d:81:6e:
                    f1:5c:d5:eb:45:14:9c:6b:9c:c4:ff:ab:9c:38:9f:
                    2e:ee:df:d6:0b:3b:9e:84:bb:34:e5:56:d9:11:2c:
                    ad:bc:a1:03:59:1b:5d:53:95:83:60:67:11:ff:14:
                    1f:ee:03:45:5c:45:4a:2a:83:86:5f:96:54:d6:e9:
                    83:9e:48:fe:11:f1:43:2b:6e:74:72:c9:4d:35:d6:
                    46:b3:31:0f:4d:f3:62:66:e8:53:7f:7a:d0:36:d6:
                    ca:d7:67:b6:05:71:da:e0:0b:e9:2b:16:23:27:70:
                    7c:4e:80:d5:ba:69:ea:7d:ac:60:3b:f1:eb:28:0a:
                    ea:8d:2f:3d:fb:a4:56:4e:2f:71:9b:13:e3:75:fb:
                    3c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:0F:28:AE:B1:A2:2A:81:EA:4D:83:14:F2:4D:4D:DA:59:3D:98:DD
            X509v3 Authority Key Identifier:
                keyid:35:E6:76:45:94:E0:0D:9A:B8:01:78:93:C7:10:92:CF:51:6B:10:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4c31f2-8f30-4dbe-938d-b2f0b1bcae5c/1/NeZ2RZTgDZq4AXiTxxCSz1FrEB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:3d:3d:3a:ba:82:6b:4a:4f:8f:e3:7e:1f:cd:74:30:d3:e1:
         15:0d:29:99:65:36:fe:64:19:b0:cf:13:33:2d:8b:ff:11:31:
         ee:8c:81:c6:4f:7f:b6:f9:15:aa:cc:81:f6:99:c7:69:7e:0e:
         e4:9c:6f:6a:e9:92:d8:f9:11:b4:cd:6f:74:78:74:0b:9b:62:
         29:99:fc:52:4a:b7:d0:c1:59:6e:20:4e:ea:ff:24:be:25:67:
         8f:05:a4:de:fd:f7:a3:51:0c:63:13:39:66:c3:ec:65:f1:18:
         1a:71:80:d4:c3:3f:a8:58:bd:cc:de:7c:27:3d:72:36:0a:16:
         58:9c:0d:07:87:6b:50:f4:14:52:41:0e:da:d1:13:0f:eb:ec:
         46:db:1d:4f:cb:c4:77:74:a7:03:b3:d9:47:52:a7:26:aa:f2:
         ae:e8:91:9b:54:08:0f:d9:7f:49:e3:5f:e7:92:8c:31:4e:1a:
         4b:b2:7b:6b:f8:27:9d:a1:ee:a5:16:89:40:52:54:58:f5:54:
         0b:be:96:68:8e:05:3b:b0:f5:3f:3b:10:5b:96:75:15:9a:0d:
         e3:f4:cc:77:85:f7:54:53:c0:d6:2a:05:2b:f3:dd:a5:5f:64:
         4a:31:a8:4a:99:37:c4:1a:93:d0:99:54:10:ca:5f:35:21:51:
         1a:d9:38:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIeQ1g2b4NG0ru0pVZyYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTY3NjQ1OTRlMDBkOWFiODAxNzg5M2M3MTA5MmNmNTE2
YjEwMWYwHhcNMjYwMzAxMTYwMTEzWhcNMjYwMzAyMTYwMTEzWjAzMTEwLwYDVQQD
Eyg1ZjBmMjhhZWIxYTIyYTgxZWE0ZDgzMTRmMjRkNGRkYTU5M2Q5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyVgIDoyrP2P11NPmlYk3XI8uVZM
8U0Si8e6q8mAk8dMj1GOik/PcdcEGujxE+qly3rjnPSzrFIG/4nyroRRT/b6Lr+N
9zUEUKgOqup/wnjlBS6n/Xqa4Dh+r2iAfXiidHQvPGyJcbIpT2GbzvFkevF+YItN
gW7xXNXrRRSca5zE/6ucOJ8u7t/WCzuehLs05VbZESytvKEDWRtdU5WDYGcR/xQf
7gNFXEVKKoOGX5ZU1umDnkj+EfFDK250cslNNdZGszEPTfNiZuhTf3rQNtbK12e2
BXHa4AvpKxYjJ3B8ToDVumnqfaxgO/HrKArqjS89+6RWTi9xmxPjdfs8GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8PKK6xoiqB6k2DFPJNTdpZPZjdMB8GA1UdIwQY
MBaAFDXmdkWU4A2auAF4k8cQks9RaxAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQt
YjJmMGIxYmNhZTVjLzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy80YzMxZjItOGYzMC00ZGJlLTkzOGQtYjJmMGIxYmNhZTVj
LzEvTmVaMlJaVGdEWnE0QVhpVHh4Q1N6MUZyRUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbT09OrqC
a0pPj+N+H810MNPhFQ0pmWU2/mQZsM8TMy2L/xEx7oyBxk9/tvkVqsyB9pnHaX4O
5JxvaumS2PkRtM1vdHh0C5tiKZn8Ukq30MFZbiBO6v8kviVnjwWk3v33o1EMYxM5
ZsPsZfEYGnGA1MM/qFi9zN58Jz1yNgoWWJwNB4drUPQUUkEO2tETD+vsRtsdT8vE
d3SnA7PZR1KnJqryruiRm1QID9l/SeNf55KMMU4aS7J7a/gnnaHupRaJQFJUWPVU
C76WaI4FO7D1PzsQW5Z1FZoN4/TMd4X3VFPA1ioFK/PdpV9kSjGoSpk3xBqT0JlU
EMpfNSFRGtk4Hw==
-----END CERTIFICATE-----