Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
File:                     nzeBglGggdHMfzAVMg62NSZwm5E.mft (raw, json)
Hash identifier:          yrZSP70vbd0x6GbYcT4y/Od8yoYdLSnoovi7NUmQZl0=
Subject key identifier:   89:F3:86:CB:AF:0A:0D:50:71:21:02:18:44:2C:42:DC:05:95:C3:E7
Authority key identifier: 9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91
Certificate issuer:       /CN=9f37818251a081d1cc7f3015320eb63526709b91
Certificate serial:       019D38664EC2F1812A8797DC828040F7ED4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
Manifest number:          08F8
Signing time:             Sun 29 Mar 2026 07:02:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:02 +0000
Files and hashes:         1: nzeBglGggdHMfzAVMg62NSZwm5E.crl (hash: LXSfmsHWjs1/BWNEDYwHaEfMGdcjJfb40dzY7N4wb5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4e:c2:f1:81:2a:87:97:dc:82:80:40:f7:ed:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f37818251a081d1cc7f3015320eb63526709b91
        Validity
            Not Before: Mar 29 07:02:02 2026 GMT
            Not After : Mar 30 07:02:02 2026 GMT
        Subject: CN=89f386cbaf0a0d5071210218442c42dc0595c3e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:1b:12:cd:ba:48:4e:ca:f0:05:b1:00:e0:3d:
                    fd:4d:ab:92:e6:8c:c2:ae:e3:f9:94:73:a9:56:fb:
                    ff:4a:e1:34:33:b2:c2:c2:d6:0f:78:c6:88:10:e7:
                    28:48:47:f9:20:44:f0:08:74:ce:52:63:27:cd:33:
                    19:48:7f:f3:96:a5:3b:eb:28:24:42:d8:31:0f:2d:
                    60:88:6c:bb:2a:ef:cd:76:8e:19:12:34:b7:b9:8b:
                    e1:b7:3d:6c:1f:6e:cb:3b:4e:c4:96:e0:2f:e6:cf:
                    da:8e:f3:e4:b0:c4:31:bd:86:0d:c6:c3:df:a9:92:
                    f8:de:83:9e:e1:51:52:85:6f:e9:d5:eb:fd:10:20:
                    36:8e:d7:f4:b8:b5:4d:32:ca:a6:33:cb:a5:7f:a3:
                    7c:5e:94:b8:dd:dc:8d:c3:4a:0c:06:c7:39:76:14:
                    a0:97:cd:26:4c:7f:69:8a:41:31:c7:49:e1:f5:6d:
                    56:65:6b:ce:a9:78:0c:52:df:f4:10:de:21:2d:f0:
                    d2:1e:8d:c1:f1:18:da:ea:fd:92:13:b2:f0:a5:56:
                    3a:44:5c:09:4e:6b:00:f5:fd:4d:33:cb:f9:a0:67:
                    ea:68:71:25:e3:8f:d7:76:5b:7f:9d:b0:bf:a0:1d:
                    c9:1c:1e:fb:dd:c7:55:47:56:71:cd:b3:63:63:87:
                    ca:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F3:86:CB:AF:0A:0D:50:71:21:02:18:44:2C:42:DC:05:95:C3:E7
            X509v3 Authority Key Identifier:
                keyid:9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:2c:2e:26:9c:be:dd:4e:6a:48:07:0b:f7:f2:20:dd:11:d8:
         e0:78:bc:75:f0:6d:ff:ef:c6:c9:44:e6:ca:93:73:a7:aa:af:
         f5:39:44:05:13:1d:a7:56:a0:8c:be:84:5b:af:ba:77:cf:c0:
         ec:1b:3e:dc:ca:d6:61:71:d9:3c:72:75:93:64:27:d9:d7:4f:
         c7:2a:9c:16:1f:2f:99:d5:e1:be:fb:32:a2:a8:de:a2:e1:d7:
         ec:a6:cb:7b:d2:87:2b:3d:a5:ec:80:7d:01:40:25:7b:2b:f9:
         fd:08:24:5b:08:9a:2b:fb:c3:d8:f7:b9:9b:1b:ae:b5:f0:f5:
         08:28:fd:20:92:72:1a:65:a8:e5:95:7a:bb:66:ad:38:d6:8f:
         07:5a:76:64:08:42:dc:70:dd:8f:93:a2:29:52:51:38:6a:7c:
         b8:06:1c:8f:0c:fb:fd:54:2f:8c:99:15:26:8e:98:a7:6c:d4:
         63:c3:51:9b:15:bb:ed:54:80:f0:16:72:9b:42:a0:ef:af:33:
         a5:c0:25:bd:03:b9:4d:34:4b:de:20:8e:4a:e7:b6:b3:df:fb:
         fc:e9:49:9c:44:33:26:26:66:f3:13:a6:1c:cd:eb:ae:f0:c4:
         28:61:91:06:09:27:a2:67:3f:9c:dc:95:d0:81:fa:a5:37:42:
         55:95:35:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk7C8YEqh5fcgoBA9+1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzc4MTgyNTFhMDgxZDFjYzdmMzAxNTMyMGViNjM1MjY3
MDliOTEwHhcNMjYwMzI5MDcwMjAyWhcNMjYwMzMwMDcwMjAyWjAzMTEwLwYDVQQD
Eyg4OWYzODZjYmFmMGEwZDUwNzEyMTAyMTg0NDJjNDJkYzA1OTVjM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hsSzbpITsrwBbEA4D39TauS5ozC
ruP5lHOpVvv/SuE0M7LCwtYPeMaIEOcoSEf5IETwCHTOUmMnzTMZSH/zlqU76ygk
QtgxDy1giGy7Ku/Ndo4ZEjS3uYvhtz1sH27LO07EluAv5s/ajvPksMQxvYYNxsPf
qZL43oOe4VFShW/p1ev9ECA2jtf0uLVNMsqmM8ulf6N8XpS43dyNw0oMBsc5dhSg
l80mTH9pikExx0nh9W1WZWvOqXgMUt/0EN4hLfDSHo3B8Rja6v2SE7LwpVY6RFwJ
TmsA9f1NM8v5oGfqaHEl44/Xdlt/nbC/oB3JHB773cdVR1ZxzbNjY4fKxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInzhsuvCg1QcSECGEQsQtwFlcPnMB8GA1UdIwQY
MBaAFJ83gYJRoIHRzH8wFTIOtjUmcJuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQt
NmIyZjUyNjA0N2E5LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQtNmIyZjUyNjA0N2E5
LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSwuJpy+
3U5qSAcL9/Ig3RHY4Hi8dfBt/+/GyUTmypNzp6qv9TlEBRMdp1agjL6EW6+6d8/A
7Bs+3MrWYXHZPHJ1k2Qn2ddPxyqcFh8vmdXhvvsyoqjeouHX7KbLe9KHKz2l7IB9
AUAleyv5/QgkWwiaK/vD2Pe5mxuutfD1CCj9IJJyGmWo5ZV6u2atONaPB1p2ZAhC
3HDdj5OiKVJROGp8uAYcjwz7/VQvjJkVJo6Yp2zUY8NRmxW77VSA8BZym0Kg768z
pcAlvQO5TTRL3iCOSue2s9/7/OlJnEQzJiZm8xOmHM3rrvDEKGGRBgknomc/nNyV
0IH6pTdCVZU15Q==
-----END CERTIFICATE-----