Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
File:                     nyHqqnvQ7mfKYwLj16quZNcpQC0.mft (raw, json)
Hash identifier:          nF/Rl67yG17tz4M1CkUcByLsIvQlITi1iLJ9uG/fpLg=
Subject key identifier:   F0:B7:F3:DC:27:DE:82:EB:28:44:73:D6:AB:8C:2C:E1:59:3F:F9:21
Authority key identifier: 9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D
Certificate issuer:       /CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
Certificate serial:       019D375218416B7A5AF2D49CF28572B888ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
Manifest number:          0973
Signing time:             Sun 29 Mar 2026 02:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:20 +0000
Files and hashes:         1: nyHqqnvQ7mfKYwLj16quZNcpQC0.crl (hash: rbTo9e/tATyZExIxdQEq8nQgCO/qJiQNVUP+Mb4Mue4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:18:41:6b:7a:5a:f2:d4:9c:f2:85:72:b8:88:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f21eaaa7bd0ee67ca6302e3d7aaae64d729402d
        Validity
            Not Before: Mar 29 02:00:20 2026 GMT
            Not After : Mar 30 02:00:20 2026 GMT
        Subject: CN=f0b7f3dc27de82eb284473d6ab8c2ce1593ff921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:8a:ef:9e:23:f7:16:07:b1:a3:5c:74:19:19:
                    23:39:2a:be:06:a6:c7:6a:a6:97:4c:88:b1:32:44:
                    63:5a:99:35:c8:6f:8f:ef:6c:ac:22:43:57:40:03:
                    ca:a6:0f:21:50:96:5b:a8:9c:66:09:92:18:d4:b9:
                    da:61:a3:e7:ad:4f:0c:29:61:6f:ad:5b:db:b1:4b:
                    c0:27:c0:f0:34:e8:42:ba:fb:7e:b7:8c:0a:3b:7c:
                    05:c5:23:87:5c:58:af:92:87:43:6f:97:c5:07:53:
                    45:2e:6b:53:d0:07:4f:f4:be:cc:69:b8:f7:6d:53:
                    ae:fe:fd:1a:fd:c2:9a:b4:59:66:0f:ac:1f:fd:48:
                    aa:43:21:56:aa:eb:dc:2c:f2:d3:11:96:b2:0e:ab:
                    c8:4e:f0:8b:69:b3:d8:2f:50:dc:b7:db:e3:b9:60:
                    13:d6:16:53:3e:24:84:42:41:18:b2:cb:3e:ee:44:
                    a1:c6:7d:73:0c:60:19:7d:3f:d0:7d:03:ff:65:e9:
                    f9:4e:29:ad:26:e7:bb:6c:44:db:f7:ed:fe:89:39:
                    14:83:19:4a:e6:cc:5c:6e:ce:c5:7b:bf:4c:59:81:
                    d9:de:84:4e:22:5b:17:3e:94:62:95:f6:53:23:3b:
                    d1:27:b6:14:ef:99:bc:a2:5a:c9:c6:8b:f7:b0:46:
                    fd:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B7:F3:DC:27:DE:82:EB:28:44:73:D6:AB:8C:2C:E1:59:3F:F9:21
            X509v3 Authority Key Identifier:
                keyid:9F:21:EA:AA:7B:D0:EE:67:CA:63:02:E3:D7:AA:AE:64:D7:29:40:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyHqqnvQ7mfKYwLj16quZNcpQC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/76f462-ad81-4f02-898b-a96f61c0c1da/1/nyHqqnvQ7mfKYwLj16quZNcpQC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f1:32:34:36:bd:45:19:59:85:49:b8:25:b9:ba:e5:3b:e3:
         98:b5:e5:3a:ca:7c:7e:ff:cb:a4:97:dd:08:00:76:65:89:b3:
         bd:65:28:66:67:a4:68:56:a6:18:0f:9e:16:eb:7e:58:3f:6d:
         d1:a6:e5:50:2e:f5:22:df:46:a1:42:68:a2:96:66:d3:6e:9f:
         34:d2:e0:0c:13:ff:20:7d:e1:05:ea:dd:e3:85:6d:51:62:25:
         f1:b7:0a:89:46:85:8e:62:85:1e:98:6c:26:52:a2:d1:60:4d:
         f4:fb:e1:f9:bb:f8:3d:31:76:1f:7f:8f:f0:1c:30:3c:04:b9:
         19:fb:3f:be:d8:fc:88:a7:99:6b:79:1c:1c:6f:e0:c4:f6:31:
         71:29:f2:65:59:5a:db:32:77:19:b3:68:1d:48:62:74:c2:ba:
         3d:0a:d1:36:8d:2b:de:d2:0b:08:24:ba:60:3a:4a:ad:51:60:
         1c:8a:7c:c3:c7:46:07:33:e9:06:d9:49:7f:9c:31:ab:37:6b:
         95:63:3e:ef:06:f4:c1:cd:03:12:4d:df:f5:65:20:69:e3:3f:
         6a:26:9e:95:62:87:83:41:f0:9f:f9:30:5a:19:8b:d1:08:fa:
         c5:d5:04:fe:fa:6b:b4:a3:fb:83:2d:c8:40:aa:d9:94:c8:a3:
         e6:12:9f:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UhhBa3pa8tSc8oVyuIjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjFlYWFhN2JkMGVlNjdjYTYzMDJlM2Q3YWFhZTY0ZDcy
OTQwMmQwHhcNMjYwMzI5MDIwMDIwWhcNMjYwMzMwMDIwMDIwWjAzMTEwLwYDVQQD
EyhmMGI3ZjNkYzI3ZGU4MmViMjg0NDczZDZhYjhjMmNlMTU5M2ZmOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54rvniP3Fgexo1x0GRkjOSq+BqbH
aqaXTIixMkRjWpk1yG+P72ysIkNXQAPKpg8hUJZbqJxmCZIY1LnaYaPnrU8MKWFv
rVvbsUvAJ8DwNOhCuvt+t4wKO3wFxSOHXFivkodDb5fFB1NFLmtT0AdP9L7Mabj3
bVOu/v0a/cKatFlmD6wf/UiqQyFWquvcLPLTEZayDqvITvCLabPYL1Dct9vjuWAT
1hZTPiSEQkEYsss+7kShxn1zDGAZfT/QfQP/Zen5TimtJue7bETb9+3+iTkUgxlK
5sxcbs7Fe79MWYHZ3oROIlsXPpRilfZTIzvRJ7YU75m8olrJxov3sEb99wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPC389wn3oLrKERz1quMLOFZP/khMB8GA1UdIwQY
MBaAFJ8h6qp70O5nymMC49eqrmTXKUAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGIt
YTk2ZjYxYzBjMWRhLzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC83NmY0NjItYWQ4MS00ZjAyLTg5OGItYTk2ZjYxYzBjMWRh
LzEvbnlIcXFudlE3bWZLWXdMajE2cXVaTmNwUUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfEyNDa9
RRlZhUm4Jbm65TvjmLXlOsp8fv/LpJfdCAB2ZYmzvWUoZmekaFamGA+eFut+WD9t
0ablUC71It9GoUJoopZm026fNNLgDBP/IH3hBerd44VtUWIl8bcKiUaFjmKFHphs
JlKi0WBN9Pvh+bv4PTF2H3+P8BwwPAS5Gfs/vtj8iKeZa3kcHG/gxPYxcSnyZVla
2zJ3GbNoHUhidMK6PQrRNo0r3tILCCS6YDpKrVFgHIp8w8dGBzPpBtlJf5wxqzdr
lWM+7wb0wc0DEk3f9WUgaeM/aiaelWKHg0Hwn/kwWhmL0Qj6xdUE/vprtKP7gy3I
QKrZlMij5hKfpA==
-----END CERTIFICATE-----