Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          n8jFaVgARNwZSnO0rQLz65/1yD7Y4VU5h7ljNObv6Lo=
Subject key identifier:   20:07:C3:01:64:B4:35:0F:6A:27:EC:81:16:84:B2:4D:40:F3:A0:D1
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019D38665DF77992C93EE1B052470A3DACE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          185F
Signing time:             Sun 29 Mar 2026 07:02:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:05 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: 82es+GvsOEbTe5Gcpmv16wCwSAfpApZxKE1hNC+8EJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:5d:f7:79:92:c9:3e:e1:b0:52:47:0a:3d:ac:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Mar 29 07:02:05 2026 GMT
            Not After : Mar 30 07:02:05 2026 GMT
        Subject: CN=2007c30164b4350f6a27ec811684b24d40f3a0d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:2e:7c:49:aa:a8:df:a1:35:01:d7:52:74:
                    b5:2e:62:f8:e8:d8:a7:61:04:4c:47:9a:a0:96:71:
                    3d:6b:90:f2:a5:e3:29:1c:1c:d3:80:bd:2e:75:ba:
                    27:cd:3e:87:46:50:45:f2:f3:71:80:d6:96:08:ab:
                    58:5a:26:5d:21:a7:01:56:41:cd:e7:f0:5e:1d:57:
                    0f:db:f4:53:21:c4:9f:ec:b7:40:33:18:d5:f7:1b:
                    31:54:6b:5f:1d:87:ac:fe:00:ff:94:54:f4:54:45:
                    4b:12:62:fb:41:cc:4e:63:96:33:4f:0c:9c:22:19:
                    56:bf:1e:e1:c7:1c:a1:be:f0:bb:15:6c:4f:4d:27:
                    23:12:18:21:e8:d0:d1:54:e2:dc:a4:a4:73:80:8f:
                    66:f7:1c:54:49:30:a0:b6:28:9f:b0:de:cd:7c:28:
                    9a:01:71:8a:e0:ac:33:87:cd:40:6b:2f:87:d3:3d:
                    dd:6c:dc:e0:91:89:b4:56:f7:e2:1d:7d:ff:b7:80:
                    d1:03:c2:ad:1b:8b:59:c0:92:3e:1b:52:7f:18:36:
                    c3:3e:cb:95:1b:3b:ed:2d:e8:1e:21:7a:f0:3f:a5:
                    b9:c6:8b:65:93:1d:12:6a:bd:22:0b:2c:58:35:f3:
                    3b:b4:d3:bc:8a:60:a5:4a:16:0c:1f:a3:de:4f:10:
                    2c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:07:C3:01:64:B4:35:0F:6A:27:EC:81:16:84:B2:4D:40:F3:A0:D1
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:bc:bf:a1:8a:ea:ea:42:6d:d4:42:70:45:e5:09:a5:77:dd:
         7f:4f:9c:51:e6:42:37:54:2c:5a:22:c9:b1:c1:61:10:96:4c:
         54:88:5d:79:1d:d0:9c:ae:2b:06:9c:91:85:1f:9f:d5:9c:40:
         a2:ba:56:25:44:89:3c:1a:0b:3f:69:d5:1b:7e:0d:34:ac:4c:
         8f:9c:bf:ab:b5:3f:3c:00:56:53:6e:fb:42:cc:a1:ce:7b:67:
         42:57:87:22:71:cb:18:04:e8:e6:58:65:6c:07:94:ac:e0:2d:
         73:1f:e8:1e:c0:5d:c4:73:05:84:61:ca:d2:02:81:aa:b4:b9:
         9d:3a:b1:98:b6:75:f4:f6:41:80:e4:52:4c:9b:2b:d4:d8:e5:
         ed:b9:94:68:b7:74:40:06:49:f7:2e:c0:dd:8c:4e:fa:4c:1a:
         23:00:d7:7d:47:f8:a3:26:6a:2b:d6:45:f3:dc:d9:b5:bf:74:
         ac:ce:86:3c:94:69:18:0c:bf:8b:8b:76:61:24:eb:87:01:f3:
         a2:2d:e5:4d:7b:0b:bc:c5:88:2c:27:e0:a7:4b:43:04:70:44:
         8b:3d:e0:5a:b3:64:14:1a:2f:c0:99:3f:0c:ce:a1:7c:ee:19:
         b4:50:03:46:fb:ad:d2:00:bc:e5:14:62:15:7f:16:c9:a9:c2:
         df:98:d0:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zl33eZLJPuGwUkcKPazjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjYwMzI5MDcwMjA1WhcNMjYwMzMwMDcwMjA1WjAzMTEwLwYDVQQD
EygyMDA3YzMwMTY0YjQzNTBmNmEyN2VjODExNjg0YjI0ZDQwZjNhMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp0ufEmqqN+hNQHXUnS1LmL46Nin
YQRMR5qglnE9a5DypeMpHBzTgL0udbonzT6HRlBF8vNxgNaWCKtYWiZdIacBVkHN
5/BeHVcP2/RTIcSf7LdAMxjV9xsxVGtfHYes/gD/lFT0VEVLEmL7QcxOY5YzTwyc
IhlWvx7hxxyhvvC7FWxPTScjEhgh6NDRVOLcpKRzgI9m9xxUSTCgtiifsN7NfCia
AXGK4Kwzh81Aay+H0z3dbNzgkYm0VvfiHX3/t4DRA8KtG4tZwJI+G1J/GDbDPsuV
GzvtLegeIXrwP6W5xotlkx0Sar0iCyxYNfM7tNO8imClShYMH6PeTxAs8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAHwwFktDUPaifsgRaEsk1A86DRMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACry/oYrq
6kJt1EJwReUJpXfdf0+cUeZCN1QsWiLJscFhEJZMVIhdeR3QnK4rBpyRhR+f1ZxA
orpWJUSJPBoLP2nVG34NNKxMj5y/q7U/PABWU277QsyhzntnQleHInHLGATo5lhl
bAeUrOAtcx/oHsBdxHMFhGHK0gKBqrS5nTqxmLZ19PZBgORSTJsr1Njl7bmUaLd0
QAZJ9y7A3YxO+kwaIwDXfUf4oyZqK9ZF89zZtb90rM6GPJRpGAy/i4t2YSTrhwHz
oi3lTXsLvMWILCfgp0tDBHBEiz3gWrNkFBovwJk/DM6hfO4ZtFADRvut0gC85RRi
FX8WyanC35jQPw==
-----END CERTIFICATE-----