Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          QKniOEUi4Omk9Db/xYZI2XhGmNsQ9uWNZT3htXxaunc=
Subject key identifier:   F1:8A:A1:DA:08:59:B4:DC:61:CB:EE:DC:2C:DA:E0:49:18:0E:07:F2
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       019D389BDD3B866A45CD9CEEB4E1758129C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          0B1C
Signing time:             Sun 29 Mar 2026 08:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:31 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: qmeNFK9SngvnTgSOlQaX5KdXSCycx1Zb2znrgj0G/Ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:dd:3b:86:6a:45:cd:9c:ee:b4:e1:75:81:29:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Mar 29 08:00:31 2026 GMT
            Not After : Mar 30 08:00:31 2026 GMT
        Subject: CN=f18aa1da0859b4dc61cbeedc2cdae049180e07f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e5:f8:37:50:19:e5:3a:aa:3f:90:fe:43:49:
                    7b:f3:65:2c:ac:79:8e:a5:09:9b:a9:d4:b6:2f:46:
                    d2:08:23:29:30:34:7c:8d:d2:c2:48:55:62:a8:28:
                    1a:2e:26:b4:58:5d:38:e8:e6:9c:26:c4:b4:12:6d:
                    96:94:a3:c0:5a:83:60:77:7e:b5:f1:23:98:16:a5:
                    2e:c8:17:d6:f5:22:36:65:05:5b:2f:6f:fa:ad:38:
                    54:4b:38:d8:be:1d:4d:11:29:d0:86:c7:d1:b2:85:
                    4d:40:43:57:a9:8b:3b:80:59:00:09:63:d8:76:8e:
                    4a:01:5a:3a:f7:20:0f:48:f8:45:37:ab:67:58:69:
                    75:be:d0:43:77:99:88:f1:f0:84:85:23:47:ee:0f:
                    43:3e:0d:f4:d4:2f:0c:f8:99:d5:7d:4a:3c:80:1d:
                    76:c0:1d:86:13:3d:1e:ab:18:28:28:a5:da:5e:da:
                    4e:f9:76:b4:be:c8:67:e0:8c:5b:bd:d5:f6:c6:5f:
                    64:87:9c:25:16:a2:28:fa:23:97:48:4e:99:11:0d:
                    9a:19:c1:3e:94:f5:15:00:14:d7:2b:cb:3e:fd:c1:
                    26:4f:ea:b4:16:a9:91:e7:98:a7:a8:f7:27:e4:9b:
                    1f:3e:5a:e8:5a:0c:06:ea:fb:9c:11:b6:b0:67:ac:
                    55:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:8A:A1:DA:08:59:B4:DC:61:CB:EE:DC:2C:DA:E0:49:18:0E:07:F2
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:62:05:05:cd:e1:21:00:87:1b:0e:7b:c5:62:4f:dc:30:34:
         6c:1a:dc:91:5d:07:a8:f3:03:5f:c8:ab:b9:f4:9e:0f:ce:71:
         49:67:be:5f:ea:15:eb:e2:bb:19:be:4f:16:fd:82:86:91:9f:
         51:ea:d2:fc:09:b1:cf:9b:bf:ac:de:e6:15:eb:9e:6a:57:7a:
         98:56:0f:03:cd:ca:27:45:34:98:29:82:94:d0:bb:2e:a7:21:
         e8:bb:1c:33:97:c3:a9:72:26:90:73:c2:c2:19:cd:62:80:3a:
         fc:35:07:2e:b0:ea:a5:c9:2e:f9:41:03:6f:7d:56:2f:cb:26:
         5c:5f:b3:cf:fb:69:bc:27:63:51:05:db:d6:cf:d5:b3:fc:eb:
         06:c5:56:ca:f8:f8:00:11:e0:22:9c:da:88:c1:7f:7d:4d:f4:
         4e:28:13:0e:23:2b:33:6a:7d:8c:ff:ed:99:55:59:42:31:d1:
         7e:d9:d2:c5:51:95:b4:7e:68:07:8d:f2:ed:a8:d3:48:98:89:
         75:3a:b4:b9:c4:f7:a4:af:4c:4a:4c:bc:1d:63:73:a7:10:5e:
         da:25:49:dc:80:a2:79:5b:cf:3a:41:26:81:8d:20:33:c0:2a:
         e8:17:91:de:a6:0d:25:9b:a3:5b:2f:ab:c7:2e:fb:de:35:67:
         4f:76:94:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m907hmpFzZzutOF1gSnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjYwMzI5MDgwMDMxWhcNMjYwMzMwMDgwMDMxWjAzMTEwLwYDVQQD
EyhmMThhYTFkYTA4NTliNGRjNjFjYmVlZGMyY2RhZTA0OTE4MGUwN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveX4N1AZ5TqqP5D+Q0l782UsrHmO
pQmbqdS2L0bSCCMpMDR8jdLCSFViqCgaLia0WF046OacJsS0Em2WlKPAWoNgd361
8SOYFqUuyBfW9SI2ZQVbL2/6rThUSzjYvh1NESnQhsfRsoVNQENXqYs7gFkACWPY
do5KAVo69yAPSPhFN6tnWGl1vtBDd5mI8fCEhSNH7g9DPg301C8M+JnVfUo8gB12
wB2GEz0eqxgoKKXaXtpO+Xa0vshn4IxbvdX2xl9kh5wlFqIo+iOXSE6ZEQ2aGcE+
lPUVABTXK8s+/cEmT+q0FqmR55inqPcn5JsfPlroWgwG6vucEbawZ6xVAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGKodoIWbTcYcvu3Cza4EkYDgfyMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl2IFBc3h
IQCHGw57xWJP3DA0bBrckV0HqPMDX8irufSeD85xSWe+X+oV6+K7Gb5PFv2ChpGf
UerS/Amxz5u/rN7mFeueald6mFYPA83KJ0U0mCmClNC7Lqch6LscM5fDqXImkHPC
whnNYoA6/DUHLrDqpcku+UEDb31WL8smXF+zz/tpvCdjUQXb1s/Vs/zrBsVWyvj4
ABHgIpzaiMF/fU30TigTDiMrM2p9jP/tmVVZQjHRftnSxVGVtH5oB43y7ajTSJiJ
dTq0ucT3pK9MSky8HWNzpxBe2iVJ3ICieVvPOkEmgY0gM8Aq6BeR3qYNJZujWy+r
xy773jVnT3aUuA==
-----END CERTIFICATE-----