Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          8UrE4ubDG7VP1/FQLcETUBoaxr7K5/JkNW7Ja1O6VuM=
Subject key identifier:   14:50:4E:B6:30:59:41:E7:15:20:32:BD:80:EA:99:C1:1A:6F:1F:2C
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       019D38661A3DA3607F41308C9B35A326CAE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          1889
Signing time:             Sun 29 Mar 2026 07:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:48 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: T70+fYQTVbb4yt4QcJyjBpfWfu/WNAOnyhEcv8vm0Q8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:1a:3d:a3:60:7f:41:30:8c:9b:35:a3:26:ca:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Mar 29 07:01:48 2026 GMT
            Not After : Mar 30 07:01:48 2026 GMT
        Subject: CN=14504eb6305941e7152032bd80ea99c11a6f1f2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8f:d7:83:5f:dc:5f:2c:f3:d1:28:59:f0:2d:
                    b1:9e:b4:e0:fb:b4:6c:b1:67:80:8c:60:a1:17:9e:
                    d4:8a:63:2f:06:0a:fa:86:47:a0:f6:32:e8:fb:a5:
                    0d:ea:da:a2:cc:a3:52:35:54:b8:e9:d6:80:c1:c2:
                    b8:e8:81:6f:01:db:95:0e:69:85:ea:c1:75:f4:3b:
                    85:46:8b:d3:92:c7:6e:b6:72:77:74:75:82:e2:b8:
                    b3:51:31:07:34:e0:ee:62:3c:c2:bb:47:54:5f:21:
                    4a:2b:2d:7a:d6:ce:b4:eb:9c:7f:9e:02:46:db:b1:
                    5d:e1:8d:84:f3:f8:1a:82:c1:f0:9a:ba:c3:cd:5c:
                    b8:90:2e:1e:88:6e:a1:a4:87:b7:4e:27:67:f3:50:
                    54:99:53:1d:49:58:5c:0e:84:5b:ca:ae:9d:6d:35:
                    8d:ad:45:4f:d3:df:63:0d:99:38:5b:b5:20:12:53:
                    c7:f0:f6:81:49:d0:15:bd:ac:7c:f3:40:1e:3d:15:
                    f9:1c:5e:d0:33:94:da:d8:a6:81:50:5f:02:04:fd:
                    2b:60:fd:af:2c:92:ab:2f:a9:c4:83:b5:10:37:1f:
                    a2:21:13:62:23:64:73:a4:74:1c:c4:6c:c3:c7:28:
                    1a:ab:69:24:af:47:91:e8:fe:84:b4:25:60:92:71:
                    86:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:50:4E:B6:30:59:41:E7:15:20:32:BD:80:EA:99:C1:1A:6F:1F:2C
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:4e:47:13:12:69:ab:17:2b:83:e4:38:c1:07:48:f1:01:39:
         0e:c5:9e:f0:76:1e:9b:ee:34:56:d8:14:b5:e5:5f:e7:5c:56:
         23:d3:b4:ca:84:0a:1f:7a:fb:42:37:db:21:76:29:23:82:ec:
         3f:32:0a:58:c0:c0:76:14:0b:3d:3f:54:70:c9:b5:7e:7f:ed:
         bb:ea:68:7a:1b:3c:a7:8c:6d:48:7d:86:d1:39:40:22:be:77:
         68:7f:7a:36:72:69:68:e1:da:b5:c9:e9:38:04:1a:97:d2:6e:
         0a:a5:e8:34:bb:55:df:f9:06:d0:93:53:dc:25:8f:24:a7:27:
         a1:78:03:d5:1d:13:f7:6e:05:1f:7e:13:2a:8a:d1:20:01:55:
         4a:bd:f6:b0:0e:c6:1e:33:1e:d4:35:7d:fb:70:98:37:4d:a6:
         df:22:25:cf:61:67:87:af:2e:7b:77:b1:9d:d6:ec:80:a9:83:
         cf:df:15:03:f6:07:bc:6d:dc:61:4e:f0:87:38:4b:19:c9:7e:
         4e:9f:b8:06:86:e9:46:db:5d:7c:31:4e:f3:17:13:42:45:99:
         c8:df:f0:13:5c:1e:75:e0:a2:b7:74:a7:dc:09:6d:3b:54:fd:
         a0:fd:98:e0:8f:52:92:cf:3c:29:14:a8:56:9e:66:4f:77:74:
         5b:75:68:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zho9o2B/QTCMmzWjJsrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjYwMzI5MDcwMTQ4WhcNMjYwMzMwMDcwMTQ4WjAzMTEwLwYDVQQD
EygxNDUwNGViNjMwNTk0MWU3MTUyMDMyYmQ4MGVhOTljMTFhNmYxZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI/Xg1/cXyzz0ShZ8C2xnrTg+7Rs
sWeAjGChF57UimMvBgr6hkeg9jLo+6UN6tqizKNSNVS46daAwcK46IFvAduVDmmF
6sF19DuFRovTksdutnJ3dHWC4rizUTEHNODuYjzCu0dUXyFKKy161s6065x/ngJG
27Fd4Y2E8/gagsHwmrrDzVy4kC4eiG6hpIe3Tidn81BUmVMdSVhcDoRbyq6dbTWN
rUVP099jDZk4W7UgElPH8PaBSdAVvax880AePRX5HF7QM5Ta2KaBUF8CBP0rYP2v
LJKrL6nEg7UQNx+iIRNiI2RzpHQcxGzDxygaq2kkr0eR6P6EtCVgknGG0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRQTrYwWUHnFSAyvYDqmcEabx8sMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADk5HExJp
qxcrg+Q4wQdI8QE5DsWe8HYem+40VtgUteVf51xWI9O0yoQKH3r7QjfbIXYpI4Ls
PzIKWMDAdhQLPT9UcMm1fn/tu+poehs8p4xtSH2G0TlAIr53aH96NnJpaOHatcnp
OAQal9JuCqXoNLtV3/kG0JNT3CWPJKcnoXgD1R0T924FH34TKorRIAFVSr32sA7G
HjMe1DV9+3CYN02m3yIlz2Fnh68ue3exndbsgKmDz98VA/YHvG3cYU7whzhLGcl+
Tp+4BobpRttdfDFO8xcTQkWZyN/wE1wedeCit3Sn3AltO1T9oP2Y4I9Sks88KRSo
Vp5mT3d0W3Vo7Q==
-----END CERTIFICATE-----