Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
File:                     nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json)
Hash identifier:          v3LT+domBPQEK7c7bAXVMJoMEMiOuqPkidQcB/Y53HU=
Subject key identifier:   77:2E:E0:0C:59:9B:93:7F:1B:8C:A4:79:6E:1A:E1:40:DE:38:08:1C
Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70
Certificate issuer:       /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
Certificate serial:       019D3A5443D81CE58F411875540B13768090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
Manifest number:          0A3E
Signing time:             Sun 29 Mar 2026 16:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:34 +0000
Files and hashes:         1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: EC17LjmhqE1eBhqlms9+a6sDAwnp958L54XBEg+Njp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:43:d8:1c:e5:8f:41:18:75:54:0b:13:76:80:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
        Validity
            Not Before: Mar 29 16:01:34 2026 GMT
            Not After : Mar 30 16:01:34 2026 GMT
        Subject: CN=772ee00c599b937f1b8ca4796e1ae140de38081c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d8:7e:4f:1d:ac:9f:cc:57:a6:a2:88:a5:ab:
                    67:61:26:4d:47:55:c4:e6:44:ee:6d:33:22:87:f9:
                    81:1e:0e:31:29:2c:1e:27:c9:2c:d6:a5:6e:be:d4:
                    c2:6c:25:d2:74:a4:d3:e6:c8:21:eb:1a:f7:81:6f:
                    58:d9:a8:ff:16:96:bd:02:5c:6a:5c:d4:a1:f0:21:
                    d8:77:a3:08:21:2e:99:08:69:4b:43:87:87:c8:d9:
                    44:f0:31:71:f7:8e:4a:a2:59:f9:5d:d6:d2:03:8d:
                    9d:84:0d:67:51:ce:bb:d7:85:37:77:1c:97:64:27:
                    7d:ce:1f:b8:17:34:84:34:b0:78:fc:22:0c:88:fc:
                    9c:c2:fa:57:b2:f8:cc:0e:e2:8f:97:8b:77:02:64:
                    7d:76:a2:08:0a:3f:0c:e2:21:c9:fa:a1:fe:48:f0:
                    6c:34:d1:8d:95:cf:45:e1:d2:1d:b7:4c:0e:ea:7e:
                    f4:08:71:35:cc:59:30:e1:02:be:08:4d:ab:ee:3c:
                    5b:b7:55:59:75:12:e1:63:57:a5:cf:1f:da:f4:ef:
                    3e:f1:62:6c:1c:ce:c8:15:98:99:c8:84:75:44:40:
                    ca:d1:fa:2c:ee:75:86:f4:dd:31:77:68:2d:40:43:
                    00:74:36:8a:73:ef:78:2a:dd:20:5c:5e:48:93:c2:
                    6c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:2E:E0:0C:59:9B:93:7F:1B:8C:A4:79:6E:1A:E1:40:DE:38:08:1C
            X509v3 Authority Key Identifier:
                keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:d2:b9:a7:8b:34:54:3e:27:51:33:bf:94:89:8c:6a:4c:b2:
         d7:cc:23:5a:65:b0:2f:9b:07:65:95:6d:2d:ce:5b:b4:b2:60:
         db:bd:e6:8b:c6:16:b3:ca:56:c1:cc:dc:0f:f5:c1:75:b1:61:
         d6:b0:ea:b3:96:8a:79:9b:ac:11:e7:99:4a:34:ab:f0:83:af:
         78:f6:4a:ae:46:87:9c:43:56:e9:56:dc:2f:46:47:4b:3b:02:
         f8:da:f4:f9:41:05:43:15:b0:ad:87:75:55:1f:a5:f1:13:2d:
         a2:2a:72:e9:4a:33:83:2f:33:99:93:5a:9f:49:6d:ae:40:48:
         e2:e8:31:da:70:b3:e0:c5:1f:22:6e:f0:63:34:07:d4:14:34:
         04:08:52:12:e8:fd:be:43:da:47:d9:09:a6:ee:a5:2f:77:17:
         aa:62:51:87:00:d6:bd:5e:da:a6:7e:bf:ec:e7:4b:99:d9:10:
         ab:b9:13:2c:d8:9c:57:1e:de:5e:51:cf:db:85:be:c6:22:c5:
         67:9d:a3:08:ec:bb:9f:9f:c5:3e:20:76:26:4f:4d:59:39:bd:
         0c:54:5c:f0:3f:44:a5:57:a4:f2:be:52:5f:ea:78:25:08:ca:
         30:11:a1:3d:36:51:e0:57:86:df:d7:73:48:c9:a2:58:d2:20:
         de:21:9a:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VEPYHOWPQRh1VAsTdoCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx
YmRiNzAwHhcNMjYwMzI5MTYwMTM0WhcNMjYwMzMwMTYwMTM0WjAzMTEwLwYDVQQD
Eyg3NzJlZTAwYzU5OWI5MzdmMWI4Y2E0Nzk2ZTFhZTE0MGRlMzgwODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldh+Tx2sn8xXpqKIpatnYSZNR1XE
5kTubTMih/mBHg4xKSweJ8ks1qVuvtTCbCXSdKTT5sgh6xr3gW9Y2aj/Fpa9Alxq
XNSh8CHYd6MIIS6ZCGlLQ4eHyNlE8DFx945Koln5XdbSA42dhA1nUc6714U3dxyX
ZCd9zh+4FzSENLB4/CIMiPycwvpXsvjMDuKPl4t3AmR9dqIICj8M4iHJ+qH+SPBs
NNGNlc9F4dIdt0wO6n70CHE1zFkw4QK+CE2r7jxbt1VZdRLhY1elzx/a9O8+8WJs
HM7IFZiZyIR1REDK0fos7nWG9N0xd2gtQEMAdDaKc+94Kt0gXF5Ik8JsLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcu4AxZm5N/G4ykeW4a4UDeOAgcMB8GA1UdIwQY
MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt
ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi
LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALdK5p4s0
VD4nUTO/lImMakyy18wjWmWwL5sHZZVtLc5btLJg273mi8YWs8pWwczcD/XBdbFh
1rDqs5aKeZusEeeZSjSr8IOvePZKrkaHnENW6VbcL0ZHSzsC+Nr0+UEFQxWwrYd1
VR+l8RMtoipy6Uozgy8zmZNan0ltrkBI4ugx2nCz4MUfIm7wYzQH1BQ0BAhSEuj9
vkPaR9kJpu6lL3cXqmJRhwDWvV7apn6/7OdLmdkQq7kTLNicVx7eXlHP24W+xiLF
Z52jCOy7n5/FPiB2Jk9NWTm9DFRc8D9EpVek8r5SX+p4JQjKMBGhPTZR4FeG39dz
SMmiWNIg3iGa5Q==
-----END CERTIFICATE-----