Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          Fj2ZXCRdTq9+JodNhAC6MHo0aBjwgjitr3DKo4zygRI=
Subject key identifier:   6B:DA:7C:34:91:91:EF:54:E6:8E:E9:89:39:DC:9A:80:F2:D7:36:E5
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       019D3940A094DED5A1E13900D14587BE1BBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          039E
Signing time:             Sun 29 Mar 2026 11:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:29 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: MDVVXsMSOYpedTiE5IP7kkxWSAli2aTYn4PsBiu0ZTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:a0:94:de:d5:a1:e1:39:00:d1:45:87:be:1b:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Mar 29 11:00:29 2026 GMT
            Not After : Mar 30 11:00:29 2026 GMT
        Subject: CN=6bda7c349191ef54e68ee98939dc9a80f2d736e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:87:bd:9e:8d:d6:50:9e:8a:52:97:be:b5:b5:
                    69:66:a1:b6:39:1a:84:27:50:20:e7:61:c0:fe:4d:
                    50:f9:81:d9:cd:e7:cc:3f:3a:54:29:60:db:a9:6f:
                    e3:67:11:d7:f3:d5:bd:f5:01:45:22:fb:6f:6a:4f:
                    8e:67:d7:d2:26:17:87:6c:98:0c:e8:6d:d1:78:a6:
                    21:27:c1:01:47:6e:41:2f:2e:1c:a3:93:11:bc:14:
                    83:62:ae:82:1d:b3:05:34:bd:96:cb:e7:1e:e3:94:
                    4b:0a:3a:cd:fd:2a:8d:28:27:bd:8b:f6:23:82:aa:
                    2f:70:4f:53:cd:b2:2e:de:d7:a6:97:2b:8f:e0:3c:
                    4e:71:dd:99:f5:d6:ba:4f:66:eb:22:fc:f5:29:69:
                    ee:a2:fd:bd:03:2f:8f:44:ad:c1:48:d7:f1:50:3d:
                    c1:7e:0c:8c:ea:80:1e:92:02:aa:81:47:0c:06:af:
                    65:73:15:74:7e:5b:66:ea:8d:19:36:59:c3:ba:aa:
                    20:a9:21:d9:68:c4:44:e8:36:02:b5:48:21:58:5b:
                    cf:f0:59:41:3b:b5:57:01:15:fe:a7:83:a4:fb:72:
                    c8:ef:c4:07:a2:36:b7:31:80:64:b5:2d:5b:32:c2:
                    db:03:2e:52:3e:c1:2f:e4:21:3d:9a:90:a9:38:35:
                    60:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:DA:7C:34:91:91:EF:54:E6:8E:E9:89:39:DC:9A:80:F2:D7:36:E5
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:dd:bb:20:03:e0:76:b2:d7:cc:20:fc:5b:31:9c:20:97:b0:
         c5:e3:cf:c8:45:6b:51:f6:8a:d4:a7:8c:bb:a6:01:36:85:cd:
         3b:26:a0:0f:55:2e:f6:7c:25:2d:f0:5a:ee:94:56:4d:98:95:
         eb:88:d2:e1:f8:58:41:1a:b9:d4:9a:18:3c:92:0e:ee:3c:9f:
         6b:5e:5c:7e:4b:c8:98:7b:01:2a:a3:53:16:8b:7a:a5:cb:2c:
         cc:9b:93:ad:c0:c0:e9:1e:7d:f7:4f:9d:6c:41:e4:cc:a7:18:
         37:0d:0b:21:45:f5:3f:25:5e:e8:bb:61:36:f2:05:cd:71:76:
         64:05:78:df:0c:39:7b:97:2b:07:0b:ae:ba:fc:6b:c1:8a:85:
         b0:97:2d:94:c2:88:21:e7:32:b1:28:4e:b0:bb:e4:4b:aa:fd:
         45:ab:45:25:ee:91:35:9a:ac:24:43:e8:52:a6:6d:e9:88:46:
         3d:33:22:ae:e6:31:69:86:30:14:84:51:32:4a:27:30:43:7b:
         98:6a:f3:aa:82:77:57:bd:03:68:62:7d:12:69:22:82:d5:0c:
         0d:58:29:b8:90:7f:70:aa:ec:89:91:de:98:cb:4b:f6:cd:98:
         12:20:59:25:db:19:da:9e:8d:b3:0a:d0:67:e9:4b:4a:59:b2:
         43:a7:c6:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKCU3tWh4TkA0UWHvhu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjYwMzI5MTEwMDI5WhcNMjYwMzMwMTEwMDI5WjAzMTEwLwYDVQQD
Eyg2YmRhN2MzNDkxOTFlZjU0ZTY4ZWU5ODkzOWRjOWE4MGYyZDczNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIe9no3WUJ6KUpe+tbVpZqG2ORqE
J1Ag52HA/k1Q+YHZzefMPzpUKWDbqW/jZxHX89W99QFFIvtvak+OZ9fSJheHbJgM
6G3ReKYhJ8EBR25BLy4co5MRvBSDYq6CHbMFNL2Wy+ce45RLCjrN/SqNKCe9i/Yj
gqovcE9TzbIu3temlyuP4DxOcd2Z9da6T2brIvz1KWnuov29Ay+PRK3BSNfxUD3B
fgyM6oAekgKqgUcMBq9lcxV0fltm6o0ZNlnDuqogqSHZaMRE6DYCtUghWFvP8FlB
O7VXARX+p4Ok+3LI78QHoja3MYBktS1bMsLbAy5SPsEv5CE9mpCpODVgPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvafDSRke9U5o7piTncmoDy1zblMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASt27IAPg
drLXzCD8WzGcIJewxePPyEVrUfaK1KeMu6YBNoXNOyagD1Uu9nwlLfBa7pRWTZiV
64jS4fhYQRq51JoYPJIO7jyfa15cfkvImHsBKqNTFot6pcsszJuTrcDA6R5990+d
bEHkzKcYNw0LIUX1PyVe6LthNvIFzXF2ZAV43ww5e5crBwuuuvxrwYqFsJctlMKI
IecysShOsLvkS6r9RatFJe6RNZqsJEPoUqZt6YhGPTMiruYxaYYwFIRRMkonMEN7
mGrzqoJ3V70DaGJ9EmkigtUMDVgpuJB/cKrsiZHemMtL9s2YEiBZJdsZ2p6NswrQ
Z+lLSlmyQ6fGIg==
-----END CERTIFICATE-----