Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
File:                     NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft (raw, json)
Hash identifier:          RFNdVC9VAleI5KqCKam0pj64TB+Ijy/o0vg6+Zhtfd4=
Subject key identifier:   3A:72:D6:A6:D2:C7:D0:17:B2:25:25:C4:02:57:7A:09:68:77:E0:89
Authority key identifier: 34:E8:1F:FC:43:EA:8B:BA:DC:98:30:78:A1:9A:AD:54:7A:89:1D:A5
Certificate issuer:       /CN=34e81ffc43ea8bbadc983078a19aad547a891da5
Certificate serial:       019D3752172A8A5FB4F898EAB80B8C6C5B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
Manifest number:          0194
Signing time:             Sun 29 Mar 2026 02:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:19 +0000
Files and hashes:         1: NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl (hash: bJLHJ6940RIfBx0/HirkkzFUoqz3EpU1TDgje7/Rj6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:17:2a:8a:5f:b4:f8:98:ea:b8:0b:8c:6c:5b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34e81ffc43ea8bbadc983078a19aad547a891da5
        Validity
            Not Before: Mar 29 02:00:19 2026 GMT
            Not After : Mar 30 02:00:19 2026 GMT
        Subject: CN=3a72d6a6d2c7d017b22525c402577a096877e089
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e3:4f:87:7e:59:ab:40:da:1d:8d:99:86:d5:
                    94:bc:bb:d3:7a:8d:7a:52:5f:1f:98:b6:95:cb:a2:
                    f4:81:c6:ed:10:70:6c:ba:bb:7d:6b:e9:1a:ff:66:
                    be:bb:00:22:3f:d8:3c:ff:67:b7:46:29:8d:11:ad:
                    86:0f:d8:9c:eb:ae:88:8a:65:ae:d0:0f:d2:51:c0:
                    59:13:fb:ac:be:5f:66:a8:ff:99:67:16:64:33:6b:
                    20:fd:74:85:8d:21:29:86:e7:16:f1:90:a9:79:8b:
                    e0:f8:bf:1e:c1:75:f0:36:b1:62:75:80:04:03:f5:
                    48:08:58:44:f2:b0:99:bd:32:dd:2d:aa:be:35:7c:
                    bb:b7:24:51:7e:a8:83:02:13:fb:db:33:b4:43:ed:
                    93:b1:c1:8a:26:55:ac:9f:d0:de:b4:b1:69:68:1b:
                    25:34:e2:e6:62:7c:5a:0e:3b:5b:dd:03:bf:a8:de:
                    38:5f:8a:d6:23:8d:da:f0:08:bc:3d:94:e9:66:a1:
                    fe:4d:4c:b6:c3:89:7a:cd:68:22:8b:f1:90:ec:51:
                    d3:f1:0d:ea:d3:a8:60:37:b1:71:37:de:2e:14:cf:
                    ea:87:f6:21:86:df:f1:8e:2e:b4:50:10:97:6d:df:
                    0d:52:be:68:07:14:85:67:61:b4:b6:b2:6e:ff:35:
                    a0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:72:D6:A6:D2:C7:D0:17:B2:25:25:C4:02:57:7A:09:68:77:E0:89
            X509v3 Authority Key Identifier:
                keyid:34:E8:1F:FC:43:EA:8B:BA:DC:98:30:78:A1:9A:AD:54:7A:89:1D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:a5:34:c3:e1:c6:f6:5a:8f:af:5b:5d:fa:10:d5:9b:06:e7:
         f5:af:17:77:f3:47:7a:12:fe:5a:d8:b6:bf:d5:67:9b:14:93:
         10:28:83:20:8e:d0:dd:cf:5b:1e:b3:c3:f8:01:ba:82:ba:89:
         a1:8d:2a:f5:c9:1a:3b:47:41:56:4f:ee:8e:cb:87:ab:e3:c6:
         1f:6e:17:94:53:cc:65:02:7c:cb:c6:fb:50:56:18:7e:ca:fb:
         d6:04:04:e1:92:0c:0a:d6:38:58:62:62:6b:93:85:e4:c7:cb:
         50:ca:8e:9b:a7:24:0d:9d:00:12:6a:da:f1:1b:5d:13:de:e7:
         9f:91:29:c9:47:b9:c5:75:75:c7:ce:56:65:47:56:3a:7c:b6:
         62:22:22:b7:f4:26:62:b9:14:90:52:3b:3f:79:f1:a2:69:25:
         bd:db:fd:a7:83:47:56:cc:f8:50:d4:a7:42:cc:58:24:ec:b8:
         2c:13:93:a8:fd:8f:28:1f:86:f3:c2:24:9e:99:8f:a8:fd:60:
         88:06:9c:d0:19:47:df:04:9e:6c:ec:61:65:da:2d:d3:00:85:
         c5:3f:e0:af:39:99:ca:3d:d4:2d:04:02:8d:40:7c:e4:66:71:
         b3:fd:06:8a:de:68:bf:5f:7f:9f:a3:3b:f8:28:ca:eb:93:44:
         c4:27:7d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uhcqil+0+JjquAuMbFs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTgxZmZjNDNlYThiYmFkYzk4MzA3OGExOWFhZDU0N2E4
OTFkYTUwHhcNMjYwMzI5MDIwMDE5WhcNMjYwMzMwMDIwMDE5WjAzMTEwLwYDVQQD
EygzYTcyZDZhNmQyYzdkMDE3YjIyNTI1YzQwMjU3N2EwOTY4NzdlMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+NPh35Zq0DaHY2ZhtWUvLvTeo16
Ul8fmLaVy6L0gcbtEHBsurt9a+ka/2a+uwAiP9g8/2e3RimNEa2GD9ic666IimWu
0A/SUcBZE/usvl9mqP+ZZxZkM2sg/XSFjSEphucW8ZCpeYvg+L8ewXXwNrFidYAE
A/VICFhE8rCZvTLdLaq+NXy7tyRRfqiDAhP72zO0Q+2TscGKJlWsn9DetLFpaBsl
NOLmYnxaDjtb3QO/qN44X4rWI43a8Ai8PZTpZqH+TUy2w4l6zWgii/GQ7FHT8Q3q
06hgN7FxN94uFM/qh/Yhht/xji60UBCXbd8NUr5oBxSFZ2G0trJu/zWgIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpy1qbSx9AXsiUlxAJXeglod+CJMB8GA1UdIwQY
MBaAFDToH/xD6ou63JgweKGarVR6iR2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lNDNkYjQtMjkxMi00OGExLWEwMzct
OTZjNzQ0ZTIzNWIzLzEvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lNDNkYjQtMjkxMi00OGExLWEwMzctOTZjNzQ0ZTIzNWIz
LzEvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaU0w+HG
9lqPr1td+hDVmwbn9a8Xd/NHehL+Wti2v9VnmxSTECiDII7Q3c9bHrPD+AG6grqJ
oY0q9ckaO0dBVk/ujsuHq+PGH24XlFPMZQJ8y8b7UFYYfsr71gQE4ZIMCtY4WGJi
a5OF5MfLUMqOm6ckDZ0AEmra8RtdE97nn5EpyUe5xXV1x85WZUdWOny2YiIit/Qm
YrkUkFI7P3nxomklvdv9p4NHVsz4UNSnQsxYJOy4LBOTqP2PKB+G88IknpmPqP1g
iAac0BlH3wSebOxhZdot0wCFxT/grzmZyj3ULQQCjUB85GZxs/0Git5ov19/n6M7
+CjK65NExCd9cw==
-----END CERTIFICATE-----