Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
File:                     ny4CE8HB23M97spK4mFsqv-lFXA.mft (raw, json)
Hash identifier:          epzn27ptAAX2prY1t0ayaHLjXrIxn2b7CoBboaSI1LY=
Subject key identifier:   79:0E:FC:79:A1:A5:F4:5C:A6:B1:AA:F4:54:5E:34:0D:73:C1:90:D4
Authority key identifier: 9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70
Certificate issuer:       /CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
Certificate serial:       019D375334E6850B2B1CE0194C6E846BE74E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
Manifest number:          153C
Signing time:             Sun 29 Mar 2026 02:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:32 +0000
Files and hashes:         1: ny4CE8HB23M97spK4mFsqv-lFXA.crl (hash: C20sn84gYzfAoQN7zb2OBB1+/rOG5CFrMizUg5n3mHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:53:34:e6:85:0b:2b:1c:e0:19:4c:6e:84:6b:e7:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2e0213c1c1db733deeca4ae2616caaffa51570
        Validity
            Not Before: Mar 29 02:01:32 2026 GMT
            Not After : Mar 30 02:01:32 2026 GMT
        Subject: CN=790efc79a1a5f45ca6b1aaf4545e340d73c190d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:98:f4:d4:c0:41:97:19:4b:1b:cd:ad:da:33:
                    c7:ad:c3:09:96:d5:0b:9a:b0:a2:94:1f:36:bc:e9:
                    96:75:94:2a:41:cc:ae:1f:b1:15:bf:96:8d:ba:83:
                    9c:11:16:53:3d:51:ed:6d:74:de:e0:53:da:f4:b0:
                    01:0e:b2:7c:f9:fa:82:7c:51:fd:fb:59:fe:24:46:
                    a6:d3:fd:39:38:a7:60:42:71:11:90:05:41:06:09:
                    f5:45:a2:6e:1e:02:c4:e7:bf:2d:34:7b:10:3d:db:
                    4f:eb:92:73:6d:f9:15:20:37:42:4d:66:07:36:ca:
                    29:2b:5d:a2:b1:f5:73:b4:3e:57:05:3b:7c:59:d0:
                    25:a0:c0:72:93:b6:ac:83:73:f0:d8:4c:65:8e:3d:
                    e9:26:84:d9:b4:30:f3:50:63:56:93:45:2c:ee:ed:
                    c4:4d:46:f6:2e:01:c9:8d:a3:4c:c2:18:72:68:65:
                    9b:3e:81:32:a2:d0:55:7b:fb:4e:6c:a8:82:d6:08:
                    bf:48:ae:73:2f:33:ed:74:c6:22:90:50:42:3a:36:
                    c9:47:bf:d0:f1:dd:81:b2:5f:be:49:fe:b6:02:70:
                    3f:94:13:2a:89:0d:24:93:bb:17:b9:41:06:ec:fb:
                    ba:f3:ae:58:43:1f:48:d1:54:a1:a6:12:47:6e:f9:
                    ed:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0E:FC:79:A1:A5:F4:5C:A6:B1:AA:F4:54:5E:34:0D:73:C1:90:D4
            X509v3 Authority Key Identifier:
                keyid:9F:2E:02:13:C1:C1:DB:73:3D:EE:CA:4A:E2:61:6C:AA:FF:A5:15:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny4CE8HB23M97spK4mFsqv-lFXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/b1388f-3aeb-40d6-b4b7-9e852f3301c0/1/ny4CE8HB23M97spK4mFsqv-lFXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:83:d8:02:d7:ff:f6:d8:5f:59:1e:d5:1a:07:69:d9:7d:1e:
         ed:b8:08:c6:1e:1f:52:6c:50:e8:20:c1:88:4e:d7:d2:47:22:
         a4:77:97:11:d1:5b:20:01:46:4e:7d:66:2f:e3:48:53:d5:a2:
         2c:85:ed:78:ce:84:49:25:28:d7:b9:0a:e9:b1:c2:e0:2c:7e:
         b8:52:ec:76:23:65:d6:0f:01:c8:8d:4f:82:7e:11:2c:b5:d8:
         c0:6c:a1:e7:fc:bb:33:6c:dd:35:a0:75:1f:ee:d4:b5:33:d5:
         a6:ec:9c:a3:6a:03:12:38:a5:ea:77:ec:4f:43:15:29:f7:e6:
         56:78:f4:98:69:2d:69:cc:10:db:7a:3a:2d:d0:9d:bf:de:39:
         4e:6e:af:30:d9:b1:e4:8a:5f:1e:aa:3a:35:b0:76:19:3c:dc:
         38:f6:7b:fd:72:34:8a:28:8b:b9:d2:87:7e:77:7c:61:42:65:
         65:93:84:c3:b3:5b:32:5b:63:97:c5:86:47:28:68:c3:b1:a1:
         c0:70:8f:bf:91:e1:f2:44:71:dc:a1:c1:61:40:4b:1b:3a:28:
         11:24:fe:79:76:6e:2d:7f:72:cc:04:31:4e:40:73:c4:de:fe:
         35:26:f8:4e:e8:0b:c3:b8:b0:fd:d6:b3:ba:a8:9e:bc:f9:d0:
         97:b2:e3:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UzTmhQsrHOAZTG6Ea+dOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmUwMjEzYzFjMWRiNzMzZGVlY2E0YWUyNjE2Y2FhZmZh
NTE1NzAwHhcNMjYwMzI5MDIwMTMyWhcNMjYwMzMwMDIwMTMyWjAzMTEwLwYDVQQD
Eyg3OTBlZmM3OWExYTVmNDVjYTZiMWFhZjQ1NDVlMzQwZDczYzE5MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5j01MBBlxlLG82t2jPHrcMJltUL
mrCilB82vOmWdZQqQcyuH7EVv5aNuoOcERZTPVHtbXTe4FPa9LABDrJ8+fqCfFH9
+1n+JEam0/05OKdgQnERkAVBBgn1RaJuHgLE578tNHsQPdtP65JzbfkVIDdCTWYH
NsopK12isfVztD5XBTt8WdAloMByk7asg3Pw2Exljj3pJoTZtDDzUGNWk0Us7u3E
TUb2LgHJjaNMwhhyaGWbPoEyotBVe/tObKiC1gi/SK5zLzPtdMYikFBCOjbJR7/Q
8d2Bsl++Sf62AnA/lBMqiQ0kk7sXuUEG7Pu6865YQx9I0VShphJHbvntQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkO/HmhpfRcprGq9FReNA1zwZDUMB8GA1UdIwQY
MBaAFJ8uAhPBwdtzPe7KSuJhbKr/pRVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0Yjct
OWU4NTJmMzMwMWMwLzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iMTM4OGYtM2FlYi00MGQ2LWI0YjctOWU4NTJmMzMwMWMw
LzEvbnk0Q0U4SEIyM005N3NwSzRtRnNxdi1sRlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYPYAtf/
9thfWR7VGgdp2X0e7bgIxh4fUmxQ6CDBiE7X0kcipHeXEdFbIAFGTn1mL+NIU9Wi
LIXteM6ESSUo17kK6bHC4Cx+uFLsdiNl1g8ByI1Pgn4RLLXYwGyh5/y7M2zdNaB1
H+7UtTPVpuyco2oDEjil6nfsT0MVKffmVnj0mGktacwQ23o6LdCdv945Tm6vMNmx
5IpfHqo6NbB2GTzcOPZ7/XI0iiiLudKHfnd8YUJlZZOEw7NbMltjl8WGRyhow7Gh
wHCPv5Hh8kRx3KHBYUBLGzooEST+eXZuLX9yzAQxTkBzxN7+NSb4TugLw7iw/daz
uqievPnQl7LjNQ==
-----END CERTIFICATE-----