Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          3F8FrVpsZhr7Fj22KPqw4c11ngBi+QPEfrkYfHih5Uo=
Subject key identifier:   8D:EF:52:BE:C8:06:30:54:90:7B:CE:D0:05:8F:EC:E0:AB:2E:54:51
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019D38D3BADAED082BC13CFCED19FE22F234
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0CF1
Signing time:             Sun 29 Mar 2026 09:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:32 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: 9gzezPoj/LcInc8jPBWL+zZoIIQdsPwqWhSWPbc4AFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:ba:da:ed:08:2b:c1:3c:fc:ed:19:fe:22:f2:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Mar 29 09:01:32 2026 GMT
            Not After : Mar 30 09:01:32 2026 GMT
        Subject: CN=8def52bec8063054907bced0058fece0ab2e5451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ca:99:da:15:1b:36:98:92:6b:ed:b5:e9:9c:
                    1e:1c:04:7a:4e:5a:e1:38:d5:42:d0:35:40:d4:59:
                    78:d5:b2:f0:83:66:35:37:0a:07:c8:62:ce:d9:26:
                    51:2d:36:00:e8:2f:52:c0:f9:11:92:91:dc:4d:e6:
                    de:98:5d:c4:89:94:fe:ff:85:1c:f9:cf:8d:a4:e3:
                    9b:43:84:b0:c7:99:8f:3a:5e:c9:21:c7:45:18:89:
                    d6:f3:2f:f2:48:45:ab:72:d9:b1:c1:ad:f4:06:17:
                    7a:5c:ba:6e:b6:c6:af:77:b0:14:72:51:04:e0:dd:
                    9c:c6:4b:54:d6:0f:77:31:fc:6d:73:30:8b:7e:79:
                    0c:b0:48:9c:e5:ce:5e:ee:a5:25:66:4d:f3:24:74:
                    a2:35:31:90:e5:0a:a8:65:22:be:cf:9c:5c:5f:ca:
                    f8:bc:ea:d0:48:d2:5e:9b:94:49:a1:d4:2f:c2:ed:
                    a2:9c:b1:b4:39:5f:22:d7:1a:96:c4:23:e7:e1:50:
                    bb:f3:5f:1f:b8:91:aa:29:95:7d:73:e2:77:ff:99:
                    1b:dd:70:41:00:55:40:b5:1f:73:ff:ea:62:6f:83:
                    1b:9a:f1:d0:81:75:8c:70:d3:a2:1b:65:dd:db:4f:
                    e5:05:45:98:fe:2d:63:37:57:66:d4:d4:be:72:d8:
                    6b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EF:52:BE:C8:06:30:54:90:7B:CE:D0:05:8F:EC:E0:AB:2E:54:51
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:3e:1f:6d:25:02:61:f7:0c:b1:d4:4d:d3:14:35:e8:6d:ab:
         b8:79:6b:b8:93:8c:99:3f:c0:cb:d7:63:cd:48:86:5a:b4:d2:
         27:11:e3:42:6a:82:3c:7f:ff:82:cc:99:82:09:80:38:70:83:
         e0:b8:2b:95:c7:0d:3e:7f:10:d6:f7:dd:d0:8c:d5:1a:9b:ca:
         fe:df:03:13:5a:81:10:0c:a6:c3:bf:b6:67:61:7d:03:19:a5:
         db:55:7b:93:a3:37:b3:0c:26:31:b4:c8:a8:b3:52:bf:aa:f0:
         eb:42:cb:dc:1a:38:34:72:5f:00:81:1a:93:47:f1:e1:81:17:
         dc:f3:81:3a:3b:f8:19:f8:ee:e3:06:64:a0:bd:a3:63:73:cb:
         6e:2d:7a:68:54:b4:37:c6:ab:6b:2e:c4:f9:9e:79:b7:3d:b0:
         a1:c6:32:7e:d4:17:61:14:25:60:2d:87:84:43:c8:ac:e3:7c:
         e1:30:12:6f:12:fc:ae:33:37:4a:66:da:ee:18:90:f5:e4:b7:
         78:14:29:b0:f3:7a:ec:eb:86:34:e2:ab:c0:25:34:b8:81:a1:
         b8:9d:a2:bf:a2:5b:72:40:57:f6:5d:c1:b2:1a:57:92:98:4e:
         04:c3:9b:b1:c8:f8:0a:49:27:ef:da:00:ff:27:08:59:3d:1a:
         72:77:ec:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407ra7QgrwTz87Rn+IvI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
Eyg4ZGVmNTJiZWM4MDYzMDU0OTA3YmNlZDAwNThmZWNlMGFiMmU1NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MqZ2hUbNpiSa+216ZweHAR6Tlrh
ONVC0DVA1Fl41bLwg2Y1NwoHyGLO2SZRLTYA6C9SwPkRkpHcTebemF3EiZT+/4Uc
+c+NpOObQ4Swx5mPOl7JIcdFGInW8y/ySEWrctmxwa30Bhd6XLputsavd7AUclEE
4N2cxktU1g93MfxtczCLfnkMsEic5c5e7qUlZk3zJHSiNTGQ5QqoZSK+z5xcX8r4
vOrQSNJem5RJodQvwu2inLG0OV8i1xqWxCPn4VC7818fuJGqKZV9c+J3/5kb3XBB
AFVAtR9z/+pib4MbmvHQgXWMcNOiG2Xd20/lBUWY/i1jN1dm1NS+cthrqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3vUr7IBjBUkHvO0AWP7OCrLlRRMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuD4fbSUC
YfcMsdRN0xQ16G2ruHlruJOMmT/Ay9djzUiGWrTSJxHjQmqCPH//gsyZggmAOHCD
4LgrlccNPn8Q1vfd0IzVGpvK/t8DE1qBEAymw7+2Z2F9Axml21V7k6M3swwmMbTI
qLNSv6rw60LL3Bo4NHJfAIEak0fx4YEX3POBOjv4Gfju4wZkoL2jY3PLbi16aFS0
N8aray7E+Z55tz2wocYyftQXYRQlYC2HhEPIrON84TASbxL8rjM3Smba7hiQ9eS3
eBQpsPN67OuGNOKrwCU0uIGhuJ2iv6JbckBX9l3BshpXkphOBMObscj4Ckkn79oA
/ycIWT0acnfs5Q==
-----END CERTIFICATE-----