Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
File:                     nwAKfifXFIcphPrjeIda9lvkBWw.mft (raw, json)
Hash identifier:          21F+Eqf0qsNzPmo9fL9T2qqIgWc14j/gEe7nbzVjeDs=
Subject key identifier:   E9:55:56:63:4F:27:CA:BD:F6:4C:00:06:02:A3:44:0F:8D:E9:1E:DD
Authority key identifier: 9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C
Certificate issuer:       /CN=9f000a7e27d714872984fae378875af65be4056c
Certificate serial:       019D389BE09D4C22D6AC48323B23C47957CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
Manifest number:          02E3
Signing time:             Sun 29 Mar 2026 08:00:32 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:32 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:32 +0000
Files and hashes:         1: nwAKfifXFIcphPrjeIda9lvkBWw.crl (hash: 8jLxUZwMEW7g9WtskzKpJDpaw7et+Ce7PLEC8Pq+TYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:e0:9d:4c:22:d6:ac:48:32:3b:23:c4:79:57:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f000a7e27d714872984fae378875af65be4056c
        Validity
            Not Before: Mar 29 08:00:32 2026 GMT
            Not After : Mar 30 08:00:32 2026 GMT
        Subject: CN=e95556634f27cabdf64c000602a3440f8de91edd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:16:fd:5e:26:67:33:93:64:26:6e:6d:1d:01:
                    a2:9c:4c:06:bd:88:cf:90:cd:fb:b9:91:85:3f:37:
                    ba:46:56:da:33:ab:95:bf:c6:c3:93:89:2d:00:8c:
                    47:a9:55:7d:7c:95:7b:62:99:4e:04:fb:74:79:a4:
                    71:ed:bc:6e:3a:4e:ed:37:61:7f:47:74:4e:5f:3f:
                    4d:fb:ae:44:2f:d7:39:79:cc:20:90:e2:21:1b:80:
                    14:6f:1c:03:20:b1:bc:b3:45:a5:70:00:80:bd:6a:
                    59:8d:f7:91:02:d3:8a:3d:0f:46:4c:62:be:2f:65:
                    92:65:a4:39:fa:a4:bf:af:e4:22:1a:c0:54:fd:33:
                    ce:32:e6:14:af:9d:2f:c2:26:92:af:a4:47:1e:fe:
                    eb:6a:6a:36:34:23:16:8f:89:ad:6b:24:a2:dd:79:
                    84:ac:49:be:ec:b2:09:a8:d8:0a:da:5f:78:62:25:
                    9a:a7:a8:91:17:80:58:90:c8:fc:ae:69:cb:00:a1:
                    94:2f:c9:ad:71:ac:10:17:81:ee:1f:4b:08:1a:42:
                    8f:df:04:ec:82:a8:23:d3:8c:8f:0b:51:34:e5:5f:
                    0e:5d:9c:93:42:55:67:13:ef:b7:60:34:61:b9:38:
                    65:e4:e7:05:de:22:e8:46:33:98:00:3a:7e:bd:5d:
                    8c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:55:56:63:4F:27:CA:BD:F6:4C:00:06:02:A3:44:0F:8D:E9:1E:DD
            X509v3 Authority Key Identifier:
                keyid:9F:00:0A:7E:27:D7:14:87:29:84:FA:E3:78:87:5A:F6:5B:E4:05:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwAKfifXFIcphPrjeIda9lvkBWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6b2a58-becc-49bc-8d84-a03892fc340b/1/nwAKfifXFIcphPrjeIda9lvkBWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:b9:e7:c3:55:dd:e0:17:a6:a5:98:d9:ff:64:31:8d:0b:ee:
         7f:22:76:78:94:50:ac:ec:3f:49:4d:c8:b3:cb:24:99:e9:99:
         c0:b7:b6:6d:74:f6:25:a6:5a:85:0f:73:68:7c:79:99:84:26:
         84:32:5e:4e:58:b1:e4:a4:88:45:33:99:d2:02:86:60:4b:09:
         20:3b:07:93:a3:ce:ea:4c:f5:22:02:d8:d7:8c:63:5c:dd:fb:
         e2:b6:6e:31:37:9d:9a:74:a7:9a:54:db:3d:23:d5:04:a0:81:
         04:0f:21:a2:9a:d0:68:5f:49:78:5e:4b:42:50:09:72:67:fc:
         27:6c:27:3e:8b:54:65:c5:e6:66:d8:a6:61:17:43:42:68:4f:
         86:7a:11:66:fa:80:53:37:b0:69:12:2e:e7:d1:50:26:80:ca:
         5c:89:0f:f3:09:0f:64:80:12:9d:f1:58:5c:32:b1:a4:cb:0e:
         e2:94:f2:7f:6f:2d:07:3e:0a:a4:01:c1:bf:41:dc:32:03:20:
         78:2e:de:0d:1a:73:d2:ca:c4:c4:e3:43:97:f2:55:ab:9a:35:
         bd:28:d4:1a:99:c3:c6:73:54:dc:72:5c:6f:79:50:02:53:44:
         db:8e:8d:06:5e:90:26:70:2d:7d:16:ce:58:06:32:e8:83:94:
         c8:ed:54:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+CdTCLWrEgyOyPEeVfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDAwYTdlMjdkNzE0ODcyOTg0ZmFlMzc4ODc1YWY2NWJl
NDA1NmMwHhcNMjYwMzI5MDgwMDMyWhcNMjYwMzMwMDgwMDMyWjAzMTEwLwYDVQQD
EyhlOTU1NTY2MzRmMjdjYWJkZjY0YzAwMDYwMmEzNDQwZjhkZTkxZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxb9XiZnM5NkJm5tHQGinEwGvYjP
kM37uZGFPze6RlbaM6uVv8bDk4ktAIxHqVV9fJV7YplOBPt0eaRx7bxuOk7tN2F/
R3ROXz9N+65EL9c5ecwgkOIhG4AUbxwDILG8s0WlcACAvWpZjfeRAtOKPQ9GTGK+
L2WSZaQ5+qS/r+QiGsBU/TPOMuYUr50vwiaSr6RHHv7ramo2NCMWj4mtaySi3XmE
rEm+7LIJqNgK2l94YiWap6iRF4BYkMj8rmnLAKGUL8mtcawQF4HuH0sIGkKP3wTs
gqgj04yPC1E05V8OXZyTQlVnE++3YDRhuThl5OcF3iLoRjOYADp+vV2MTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOlVVmNPJ8q99kwABgKjRA+N6R7dMB8GA1UdIwQY
MBaAFJ8ACn4n1xSHKYT643iHWvZb5AVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQt
YTAzODkyZmMzNDBiLzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82YjJhNTgtYmVjYy00OWJjLThkODQtYTAzODkyZmMzNDBi
LzEvbndBS2ZpZlhGSWNwaFByamVJZGE5bHZrQld3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALLnnw1Xd
4BempZjZ/2QxjQvufyJ2eJRQrOw/SU3Is8skmemZwLe2bXT2JaZahQ9zaHx5mYQm
hDJeTlix5KSIRTOZ0gKGYEsJIDsHk6PO6kz1IgLY14xjXN374rZuMTedmnSnmlTb
PSPVBKCBBA8hoprQaF9JeF5LQlAJcmf8J2wnPotUZcXmZtimYRdDQmhPhnoRZvqA
UzewaRIu59FQJoDKXIkP8wkPZIASnfFYXDKxpMsO4pTyf28tBz4KpAHBv0HcMgMg
eC7eDRpz0srExONDl/JVq5o1vSjUGpnDxnNU3HJcb3lQAlNE246NBl6QJnAtfRbO
WAYy6IOUyO1U+w==
-----END CERTIFICATE-----