Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
File:                     Nq6kWA8QexEmjJbqMYko1O11_5M.mft (raw, json)
Hash identifier:          kTU32rjAIAbEQrd4Plue9E55MqLvZrzJrEXwZL4aNss=
Subject key identifier:   BF:41:90:92:5E:5E:59:90:29:19:EE:1A:7A:54:7D:80:D4:C4:E4:20
Authority key identifier: 36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93
Certificate issuer:       /CN=36aea4580f107b11268c96ea318928d4ed75ff93
Certificate serial:       019D37C0F8027428C82CE13D9E161BF45CE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
Manifest number:          0746
Signing time:             Sun 29 Mar 2026 04:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:26 +0000
Files and hashes:         1: Nq6kWA8QexEmjJbqMYko1O11_5M.crl (hash: eFJIIbs+StaKpJxgS7YLvAwbliJL9O2ln+T43vUddpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:f8:02:74:28:c8:2c:e1:3d:9e:16:1b:f4:5c:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36aea4580f107b11268c96ea318928d4ed75ff93
        Validity
            Not Before: Mar 29 04:01:26 2026 GMT
            Not After : Mar 30 04:01:26 2026 GMT
        Subject: CN=bf4190925e5e59902919ee1a7a547d80d4c4e420
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:27:1b:a5:28:50:87:de:b6:51:f0:40:4b:c2:
                    b8:1c:d6:05:65:1d:74:cb:5f:c3:63:c0:66:2a:e2:
                    0a:19:88:b6:42:00:fd:de:eb:6d:ac:2d:83:2c:6a:
                    9e:af:d2:d8:0e:d8:b2:40:a0:78:3e:20:37:b0:d2:
                    91:d6:f8:fb:48:8a:9e:72:78:fe:98:42:ba:8e:b2:
                    80:6b:40:2a:1e:c5:07:51:92:e5:45:54:39:e4:80:
                    05:78:71:18:1a:b7:0e:b4:a8:70:16:cd:6d:db:c1:
                    ab:79:8d:92:2d:9a:76:35:c5:3e:18:75:2a:21:75:
                    a9:1c:0a:97:08:47:e8:97:65:92:9a:52:fa:36:2a:
                    ff:b1:32:8c:67:ef:c5:0c:ec:e8:15:d2:db:f6:0d:
                    c2:0e:f7:13:ca:09:ca:29:a8:85:1e:88:ae:18:fd:
                    27:90:f0:3b:2f:bd:94:2b:3d:72:2e:e9:2d:fd:73:
                    89:40:97:89:07:47:06:68:29:09:c2:54:6c:a7:fa:
                    31:36:54:14:9a:eb:0d:44:9a:27:cf:69:a2:8c:70:
                    46:eb:fd:50:52:52:35:76:d9:37:d2:bf:c2:86:2f:
                    27:dc:d4:e9:36:da:36:1c:0e:ab:59:eb:26:8d:e0:
                    fe:e3:dc:34:b7:a7:07:b4:f5:78:0d:d3:50:49:04:
                    1c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:41:90:92:5E:5E:59:90:29:19:EE:1A:7A:54:7D:80:D4:C4:E4:20
            X509v3 Authority Key Identifier:
                keyid:36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:b5:4a:b9:58:04:30:1f:20:5f:10:39:eb:c9:5e:15:80:be:
         60:f9:64:f5:ce:2b:84:01:b9:26:9b:64:21:ce:7a:d5:d0:6f:
         51:51:b5:fb:be:33:a6:df:37:dc:9a:29:f4:de:06:9a:13:6b:
         5d:d9:d4:46:6d:8f:0c:f4:91:d8:a2:72:9d:11:21:0d:2b:bb:
         e0:2a:e9:1d:76:50:57:5c:2b:c2:7a:25:0b:fb:29:e9:10:dc:
         e0:19:77:a4:d5:fe:52:86:6b:b0:7b:65:58:da:8f:dc:b6:7b:
         54:8d:d1:ba:a3:81:4e:85:df:08:17:d2:44:02:dc:27:e1:c8:
         71:76:80:16:15:25:18:b8:97:96:2c:6e:13:90:a9:c7:e4:d1:
         b4:e5:43:06:c3:54:cd:8a:83:25:89:bb:1b:f1:05:c2:d8:eb:
         cc:cb:94:7b:63:01:d6:14:a5:13:e4:45:08:cb:27:2d:14:b5:
         ca:cc:43:a6:b1:fb:c0:c7:f8:39:d6:53:80:a7:5e:24:ee:0d:
         84:5e:91:63:8e:df:6f:2d:ed:1d:dd:9b:1d:e3:07:c2:e1:f6:
         4d:8b:ce:99:00:82:bb:67:14:07:cd:d0:d6:d9:98:c6:a0:c4:
         67:7c:ad:5f:32:3b:9c:5a:b2:09:92:ce:e4:d3:87:04:2e:a8:
         0e:1a:a4:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wPgCdCjILOE9nhYb9FzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWVhNDU4MGYxMDdiMTEyNjhjOTZlYTMxODkyOGQ0ZWQ3
NWZmOTMwHhcNMjYwMzI5MDQwMTI2WhcNMjYwMzMwMDQwMTI2WjAzMTEwLwYDVQQD
EyhiZjQxOTA5MjVlNWU1OTkwMjkxOWVlMWE3YTU0N2Q4MGQ0YzRlNDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApycbpShQh962UfBAS8K4HNYFZR10
y1/DY8BmKuIKGYi2QgD93uttrC2DLGqer9LYDtiyQKB4PiA3sNKR1vj7SIqecnj+
mEK6jrKAa0AqHsUHUZLlRVQ55IAFeHEYGrcOtKhwFs1t28GreY2SLZp2NcU+GHUq
IXWpHAqXCEfol2WSmlL6Nir/sTKMZ+/FDOzoFdLb9g3CDvcTygnKKaiFHoiuGP0n
kPA7L72UKz1yLukt/XOJQJeJB0cGaCkJwlRsp/oxNlQUmusNRJonz2mijHBG6/1Q
UlI1dtk30r/Chi8n3NTpNto2HA6rWesmjeD+49w0t6cHtPV4DdNQSQQcawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9BkJJeXlmQKRnuGnpUfYDUxOQgMB8GA1UdIwQY
MBaAFDaupFgPEHsRJoyW6jGJKNTtdf+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYt
ZjI4ZDk3MmM4ODA4LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYtZjI4ZDk3MmM4ODA4
LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7VKuVgE
MB8gXxA568leFYC+YPlk9c4rhAG5JptkIc561dBvUVG1+74zpt833Jop9N4GmhNr
XdnURm2PDPSR2KJynREhDSu74CrpHXZQV1wrwnolC/sp6RDc4Bl3pNX+UoZrsHtl
WNqP3LZ7VI3RuqOBToXfCBfSRALcJ+HIcXaAFhUlGLiXlixuE5Cpx+TRtOVDBsNU
zYqDJYm7G/EFwtjrzMuUe2MB1hSlE+RFCMsnLRS1ysxDprH7wMf4OdZTgKdeJO4N
hF6RY47fby3tHd2bHeMHwuH2TYvOmQCCu2cUB83Q1tmYxqDEZ3ytXzI7nFqyCZLO
5NOHBC6oDhqkGA==
-----END CERTIFICATE-----