Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          x6NJo/9HmXjq1DkEYQkswgbQj/v83+/7W/WmDGxzowg=
Subject key identifier:   BE:B7:7E:37:D4:40:39:2F:9F:FE:68:53:AE:5A:14:D2:2C:9A:20:91
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       019D3865C082824F8BF99F52A09E641F6242
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          047B
Signing time:             Sun 29 Mar 2026 07:01:25 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:25 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:25 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: 1t25ATPYz9MQk4sZq2GKtm6wm2RMBDVHbiuTp8/hlfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c0:82:82:4f:8b:f9:9f:52:a0:9e:64:1f:62:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Mar 29 07:01:25 2026 GMT
            Not After : Mar 30 07:01:25 2026 GMT
        Subject: CN=beb77e37d440392f9ffe6853ae5a14d22c9a2091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:eb:f3:b8:dd:87:61:73:a8:7f:85:de:21:19:
                    c8:ae:67:e1:c1:11:63:80:8d:7f:8f:3d:4d:75:ec:
                    16:8d:ae:2e:64:1f:48:26:0a:eb:e9:9b:81:3b:de:
                    c3:43:b5:b7:89:05:5c:d7:d4:b3:92:c5:b7:29:14:
                    51:33:d1:56:95:eb:01:06:43:f8:e2:cb:b8:92:9a:
                    7d:6a:ff:89:0c:45:89:9b:dc:1d:c0:5d:02:5a:da:
                    55:7b:9e:11:5e:cb:19:73:0b:8f:76:3b:a2:38:a4:
                    8b:f5:39:a7:40:fb:9e:4b:62:ba:c1:c1:86:20:d7:
                    05:77:e3:aa:9d:b4:dc:3f:4b:12:d9:f3:83:12:21:
                    22:95:c8:12:10:f7:45:e5:3f:d4:dd:aa:7a:7b:8a:
                    5d:7a:8d:e2:a3:ac:d8:ee:10:0f:d9:49:18:55:6e:
                    1a:f5:f6:3c:ee:f0:04:d4:40:d7:2c:dc:bc:45:ad:
                    2c:ae:55:2f:97:26:24:b9:2e:d1:e3:b3:7b:78:64:
                    d5:08:66:a0:dc:35:53:75:6a:bb:b7:ed:76:a4:6c:
                    21:ac:80:c5:94:64:b7:58:4b:fd:01:08:c4:98:f2:
                    16:62:a1:b0:45:11:c0:1b:ef:11:f3:aa:4a:0e:ac:
                    c0:f5:c5:2a:31:f4:15:a0:cd:ee:6c:3a:74:dc:16:
                    77:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B7:7E:37:D4:40:39:2F:9F:FE:68:53:AE:5A:14:D2:2C:9A:20:91
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:d6:e6:dc:b6:59:77:e9:ff:d8:a3:9d:ea:37:b5:cf:44:11:
         3b:2c:1a:6e:a8:c0:32:66:cc:c4:75:16:14:ff:9f:f9:ab:b5:
         dc:94:b5:e6:0f:60:56:8b:d4:91:58:a2:16:63:30:8e:9b:36:
         71:bb:70:72:39:d8:8e:9d:6f:9b:93:d9:4a:75:6f:94:ba:4c:
         f2:26:df:30:11:66:d3:b2:e8:21:42:ff:d9:2a:1c:a2:b3:00:
         ae:d3:93:92:46:cb:aa:68:6c:50:2b:1a:7f:3e:ce:b4:48:af:
         c6:c3:3d:24:0c:b8:0e:2e:dd:35:b9:f2:a0:8c:93:65:23:da:
         45:b3:61:41:d9:8a:b6:80:08:ce:86:0e:7e:48:2b:d3:cc:67:
         a3:91:ac:34:43:35:9e:37:e8:23:02:33:35:03:e3:cd:53:43:
         ec:3c:19:cb:e2:8d:c9:31:09:20:9f:22:b9:06:3e:ff:d0:de:
         65:d4:24:f1:c9:65:45:59:65:2b:a1:60:5f:77:a1:7c:42:0f:
         16:23:d6:7e:19:57:30:82:57:99:e1:d6:59:ad:75:ab:0a:50:
         4a:4c:12:db:44:6c:90:46:22:9c:9e:39:ad:91:ae:0c:95:03:
         c9:0d:64:fb:c2:01:63:44:e9:87:ef:ca:a1:17:75:d1:70:34:
         02:12:18:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcCCgk+L+Z9SoJ5kH2JCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjYwMzI5MDcwMTI1WhcNMjYwMzMwMDcwMTI1WjAzMTEwLwYDVQQD
EyhiZWI3N2UzN2Q0NDAzOTJmOWZmZTY4NTNhZTVhMTRkMjJjOWEyMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuvzuN2HYXOof4XeIRnIrmfhwRFj
gI1/jz1NdewWja4uZB9IJgrr6ZuBO97DQ7W3iQVc19SzksW3KRRRM9FWlesBBkP4
4su4kpp9av+JDEWJm9wdwF0CWtpVe54RXssZcwuPdjuiOKSL9TmnQPueS2K6wcGG
INcFd+OqnbTcP0sS2fODEiEilcgSEPdF5T/U3ap6e4pdeo3io6zY7hAP2UkYVW4a
9fY87vAE1EDXLNy8Ra0srlUvlyYkuS7R47N7eGTVCGag3DVTdWq7t+12pGwhrIDF
lGS3WEv9AQjEmPIWYqGwRRHAG+8R86pKDqzA9cUqMfQVoM3ubDp03BZ3jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL63fjfUQDkvn/5oU65aFNIsmiCRMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOdbm3LZZ
d+n/2KOd6je1z0QROywabqjAMmbMxHUWFP+f+au13JS15g9gVovUkViiFmMwjps2
cbtwcjnYjp1vm5PZSnVvlLpM8ibfMBFm07LoIUL/2SocorMArtOTkkbLqmhsUCsa
fz7OtEivxsM9JAy4Di7dNbnyoIyTZSPaRbNhQdmKtoAIzoYOfkgr08xno5GsNEM1
njfoIwIzNQPjzVND7DwZy+KNyTEJIJ8iuQY+/9DeZdQk8cllRVllK6FgX3ehfEIP
FiPWfhlXMIJXmeHWWa11qwpQSkwS20RskEYinJ45rZGuDJUDyQ1k+8IBY0Tph+/K
oRd10XA0AhIYoQ==
-----END CERTIFICATE-----