Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          4tff4vkrR4D/h9NEjb759V8AD4b+TiXyoWUhdBgi0IE=
Subject key identifier:   84:DA:82:EB:E5:04:AE:BE:3E:1B:11:CC:20:4C:D5:BC:17:B6:34:01
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       019D39AF6B0C9D0AF437F46F63A73EFEC86E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          133B
Signing time:             Sun 29 Mar 2026 13:01:30 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:30 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:30 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: 3kTn24fXo5rBX9ukqeqth+O4nyZRiYsYTawKLOXfGqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:6b:0c:9d:0a:f4:37:f4:6f:63:a7:3e:fe:c8:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: Mar 29 13:01:30 2026 GMT
            Not After : Mar 30 13:01:30 2026 GMT
        Subject: CN=84da82ebe504aebe3e1b11cc204cd5bc17b63401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a9:bb:81:39:06:b1:a5:f5:d8:5d:68:f0:21:
                    7c:df:3e:45:80:26:9b:0b:e3:d8:1d:9e:bd:33:55:
                    33:ac:37:be:0b:3d:93:bb:af:78:a3:dd:b3:66:fd:
                    33:33:a8:9c:74:52:13:8a:50:cd:40:a0:95:a6:a3:
                    4a:69:28:b9:44:a8:1b:e1:2d:6b:66:c7:5d:8b:3b:
                    0d:a6:13:8d:b3:47:9c:5e:5a:85:22:b4:b8:37:3f:
                    56:ff:8a:8f:2f:06:d8:7c:9d:d7:83:d1:7e:61:6b:
                    d3:ae:cd:3d:08:af:cb:b5:f1:68:0e:f4:07:b6:32:
                    74:4b:f6:e6:50:83:20:12:37:c5:e4:34:3d:e3:e9:
                    ae:8f:d1:55:d9:21:3f:8e:a3:09:7b:1e:94:49:78:
                    35:3e:fb:c4:72:da:97:50:1a:9b:a2:7c:69:ae:c2:
                    f2:03:b8:99:d8:8d:dd:bd:76:af:64:13:6e:25:07:
                    67:e3:01:e3:8e:80:c9:9c:0c:ee:e9:a5:83:bc:6d:
                    ae:80:79:f9:8f:07:4d:31:05:aa:6b:5d:1b:bf:16:
                    de:7f:98:81:39:71:4b:54:c7:59:c6:5f:ca:41:f7:
                    dc:df:cc:96:6d:65:8f:ee:7d:66:fc:73:b3:78:24:
                    2d:a6:67:08:8e:36:f8:ce:f4:2b:03:ef:d8:b6:63:
                    7a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:DA:82:EB:E5:04:AE:BE:3E:1B:11:CC:20:4C:D5:BC:17:B6:34:01
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:00:1f:a9:d0:ff:d1:9f:1f:33:8e:bf:4d:c4:b9:45:3a:16:
         b9:b1:1d:9b:6e:49:f1:5f:ee:8f:a0:05:19:f7:ac:be:bd:7e:
         f6:6a:ac:42:6e:ce:dc:a6:90:02:82:c0:ba:bd:02:30:0b:9e:
         81:a6:1b:16:9d:8e:a8:7b:9b:6f:a5:c7:9e:57:e4:5b:74:70:
         8f:3f:d4:33:85:cb:47:86:bd:7b:a7:03:da:a3:77:72:73:e1:
         11:39:61:18:10:b0:1f:07:ab:f7:e7:26:d6:30:ed:a1:e6:19:
         f2:60:6e:90:a4:d5:e6:5a:e4:24:f7:6a:de:95:56:d3:9b:57:
         5f:56:f9:59:df:87:ae:3a:4f:b8:52:f3:71:eb:e1:6e:ea:92:
         fa:1b:e4:17:52:9b:e4:90:b1:cd:18:bf:5d:72:cc:ae:c7:68:
         e6:dc:12:19:19:b3:24:96:6f:3e:3a:f2:31:c8:fc:5a:25:0b:
         75:08:21:e1:9d:63:60:10:7a:26:aa:52:68:9a:e8:3c:10:78:
         28:ab:91:c8:ad:33:8d:cf:13:04:ae:0d:27:ec:eb:45:9f:25:
         08:58:8b:fe:26:74:47:78:81:93:f7:98:27:bc:07:0d:15:69:
         ed:0a:84:5c:f1:a0:1a:a8:22:51:0b:36:9c:ef:ae:13:a9:4d:
         3f:af:b2:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r2sMnQr0N/RvY6c+/shuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjYwMzI5MTMwMTMwWhcNMjYwMzMwMTMwMTMwWjAzMTEwLwYDVQQD
Eyg4NGRhODJlYmU1MDRhZWJlM2UxYjExY2MyMDRjZDViYzE3YjYzNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2am7gTkGsaX12F1o8CF83z5FgCab
C+PYHZ69M1UzrDe+Cz2Tu694o92zZv0zM6icdFITilDNQKCVpqNKaSi5RKgb4S1r
ZsddizsNphONs0ecXlqFIrS4Nz9W/4qPLwbYfJ3Xg9F+YWvTrs09CK/LtfFoDvQH
tjJ0S/bmUIMgEjfF5DQ94+muj9FV2SE/jqMJex6USXg1PvvEctqXUBqbonxprsLy
A7iZ2I3dvXavZBNuJQdn4wHjjoDJnAzu6aWDvG2ugHn5jwdNMQWqa10bvxbef5iB
OXFLVMdZxl/KQffc38yWbWWP7n1m/HOzeCQtpmcIjjb4zvQrA+/YtmN61wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFITaguvlBK6+PhsRzCBM1bwXtjQBMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAAAfqdD/
0Z8fM46/TcS5RToWubEdm25J8V/uj6AFGfesvr1+9mqsQm7O3KaQAoLAur0CMAue
gaYbFp2OqHubb6XHnlfkW3Rwjz/UM4XLR4a9e6cD2qN3cnPhETlhGBCwHwer9+cm
1jDtoeYZ8mBukKTV5lrkJPdq3pVW05tXX1b5Wd+HrjpPuFLzcevhbuqS+hvkF1Kb
5JCxzRi/XXLMrsdo5twSGRmzJJZvPjryMcj8WiULdQgh4Z1jYBB6JqpSaJroPBB4
KKuRyK0zjc8TBK4NJ+zrRZ8lCFiL/iZ0R3iBk/eYJ7wHDRVp7QqEXPGgGqgiUQs2
nO+uE6lNP6+yTQ==
-----END CERTIFICATE-----