Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
File:                     M-9NaJSNJyyfOEhtdTIRy16oTis.mft (raw, json)
Hash identifier:          XFbWi1Rc7UlyMlRSore+AFw0iKzv8CnPu3btclp6p0o=
Subject key identifier:   0E:A2:2B:5A:95:3D:4E:C1:F0:22:7B:E1:8E:42:58:45:8E:05:08:69
Authority key identifier: 33:EF:4D:68:94:8D:27:2C:9F:38:48:6D:75:32:11:CB:5E:A8:4E:2B
Certificate issuer:       /CN=33ef4d68948d272c9f38486d753211cb5ea84e2b
Certificate serial:       019D390A6801F0FF74960A041C96A3C9414A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
Manifest number:          01AC
Signing time:             Sun 29 Mar 2026 10:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:16 +0000
Files and hashes:         1: M-9NaJSNJyyfOEhtdTIRy16oTis.crl (hash: 4mOYrARiclQg8/KlUZWJ1O9KK7VcfdZBERFKzrHJWe4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:68:01:f0:ff:74:96:0a:04:1c:96:a3:c9:41:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33ef4d68948d272c9f38486d753211cb5ea84e2b
        Validity
            Not Before: Mar 29 10:01:16 2026 GMT
            Not After : Mar 30 10:01:16 2026 GMT
        Subject: CN=0ea22b5a953d4ec1f0227be18e4258458e050869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:58:37:02:8f:91:8a:28:c6:8c:7b:f0:ec:c8:
                    87:35:fb:7a:ae:74:ee:db:a0:a3:b0:59:62:6b:93:
                    b7:8b:9e:c7:1e:55:17:b8:82:af:4c:96:c0:f3:d3:
                    b3:8d:25:0a:a5:51:da:5a:71:93:de:9d:6b:46:9b:
                    24:a9:9a:d6:ac:58:58:54:f5:46:09:ed:1d:96:d1:
                    9e:fd:b1:83:f1:0b:ad:70:62:6c:c8:2f:7c:f4:74:
                    2e:68:9f:eb:71:c3:f5:ba:8e:7e:91:b3:fb:5e:5f:
                    97:c3:89:ba:dc:d5:51:50:b3:a8:4d:22:2a:52:7c:
                    09:28:76:1f:20:20:c4:22:21:5a:52:b3:16:df:b7:
                    ba:db:c3:cc:f5:c0:6f:bc:b8:47:27:37:06:9f:6d:
                    65:33:fb:98:67:b9:42:a5:c3:b5:a2:b6:88:d9:74:
                    39:31:f3:a9:de:2e:c2:fc:73:f1:e9:98:95:0a:ee:
                    bf:10:05:76:03:7e:a0:8f:bb:81:a7:25:a1:58:a8:
                    11:73:35:c2:8a:eb:21:94:f1:61:77:4b:9e:26:a3:
                    cc:ba:cf:86:cd:01:f0:cb:3d:68:85:6c:e9:29:81:
                    eb:bf:a4:49:4b:68:15:1a:6c:68:eb:52:03:ef:53:
                    f4:98:6d:e1:0a:42:0e:86:77:90:6e:f7:35:43:9e:
                    82:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:A2:2B:5A:95:3D:4E:C1:F0:22:7B:E1:8E:42:58:45:8E:05:08:69
            X509v3 Authority Key Identifier:
                keyid:33:EF:4D:68:94:8D:27:2C:9F:38:48:6D:75:32:11:CB:5E:A8:4E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-9NaJSNJyyfOEhtdTIRy16oTis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/1b55df-3012-4c03-8a1d-b631c6d1c5e8/1/M-9NaJSNJyyfOEhtdTIRy16oTis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:12:f0:c8:6c:db:e0:8b:55:a2:f8:4a:b7:68:68:01:d2:7c:
         66:8d:9c:e8:ea:a4:1c:07:5a:2c:5d:88:18:f2:c4:7c:c9:23:
         bb:e9:b5:07:26:1b:a2:37:3a:bf:31:c3:13:27:57:0a:3c:f4:
         b6:9c:d5:76:cb:37:10:29:17:d7:da:2b:04:2a:de:1e:06:7c:
         38:28:1a:52:ce:28:a8:34:86:fe:3d:5a:02:f9:3d:5a:cb:33:
         17:32:b4:df:35:9f:31:f0:40:7b:83:f8:7f:77:a7:c6:ac:30:
         0f:af:0f:e0:e5:72:d7:bb:b6:85:6c:6e:00:6a:0d:63:75:b9:
         42:f3:9a:b3:62:21:dc:bb:48:56:d7:50:0b:65:04:d5:4c:0c:
         7f:e5:3b:c6:39:ae:35:e4:79:6a:be:34:70:f7:20:e2:dc:2f:
         af:50:32:2a:26:68:b5:9b:8f:b5:49:93:19:59:fa:3c:8e:e9:
         d4:8e:85:7e:32:e4:62:a3:6a:77:4f:e1:dd:3c:3a:d3:a9:5d:
         d5:7e:85:8f:4e:22:2c:9b:3f:59:23:69:1d:f3:7d:7c:32:7e:
         b5:43:24:76:d6:fc:eb:9e:93:4a:c2:d1:29:38:b8:d1:9d:b0:
         71:84:2f:de:97:8b:1c:12:99:d9:12:47:98:05:a8:94:fa:dc:
         ca:a1:c5:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CmgB8P90lgoEHJajyUFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWY0ZDY4OTQ4ZDI3MmM5ZjM4NDg2ZDc1MzIxMWNiNWVh
ODRlMmIwHhcNMjYwMzI5MTAwMTE2WhcNMjYwMzMwMTAwMTE2WjAzMTEwLwYDVQQD
EygwZWEyMmI1YTk1M2Q0ZWMxZjAyMjdiZTE4ZTQyNTg0NThlMDUwODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFg3Ao+RiijGjHvw7MiHNft6rnTu
26CjsFlia5O3i57HHlUXuIKvTJbA89OzjSUKpVHaWnGT3p1rRpskqZrWrFhYVPVG
Ce0dltGe/bGD8QutcGJsyC989HQuaJ/rccP1uo5+kbP7Xl+Xw4m63NVRULOoTSIq
UnwJKHYfICDEIiFaUrMW37e628PM9cBvvLhHJzcGn21lM/uYZ7lCpcO1oraI2XQ5
MfOp3i7C/HPx6ZiVCu6/EAV2A36gj7uBpyWhWKgRczXCiushlPFhd0ueJqPMus+G
zQHwyz1ohWzpKYHrv6RJS2gVGmxo61ID71P0mG3hCkIOhneQbvc1Q56CxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6iK1qVPU7B8CJ74Y5CWEWOBQhpMB8GA1UdIwQY
MBaAFDPvTWiUjScsnzhIbXUyEcteqE4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8xYjU1ZGYtMzAxMi00YzAzLThhMWQt
YjYzMWM2ZDFjNWU4LzEvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8xYjU1ZGYtMzAxMi00YzAzLThhMWQtYjYzMWM2ZDFjNWU4
LzEvTS05TmFKU05KeXlmT0VodGRUSVJ5MTZvVGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxLwyGzb
4ItVovhKt2hoAdJ8Zo2c6OqkHAdaLF2IGPLEfMkju+m1ByYbojc6vzHDEydXCjz0
tpzVdss3ECkX19orBCreHgZ8OCgaUs4oqDSG/j1aAvk9WsszFzK03zWfMfBAe4P4
f3enxqwwD68P4OVy17u2hWxuAGoNY3W5QvOas2Ih3LtIVtdQC2UE1UwMf+U7xjmu
NeR5ar40cPcg4twvr1AyKiZotZuPtUmTGVn6PI7p1I6FfjLkYqNqd0/h3Tw606ld
1X6Fj04iLJs/WSNpHfN9fDJ+tUMkdtb8656TSsLRKTi40Z2wcYQv3peLHBKZ2RJH
mAWolPrcyqHFjw==
-----END CERTIFICATE-----