Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          ad5FFMprdbK2+2SJLhShYW+u1pWEdB+VAEH68qFW3IA=
Subject key identifier:   09:7A:F5:52:FA:E9:AA:E3:02:54:D6:AC:A8:A4:DD:DD:44:AA:A0:BF
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       019D37F736A6A271A0A1F6560910DEEC1B72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          064C
Signing time:             Sun 29 Mar 2026 05:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:41 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: a77OUJborIy4X2kdl6lZM4OKQeY58M/CdJnMNILYADQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:36:a6:a2:71:a0:a1:f6:56:09:10:de:ec:1b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Mar 29 05:00:41 2026 GMT
            Not After : Mar 30 05:00:41 2026 GMT
        Subject: CN=097af552fae9aae30254d6aca8a4dddd44aaa0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d5:84:b4:f6:c3:ac:df:27:8e:cd:e4:cd:4a:
                    07:03:3e:f7:a3:ec:4e:ab:33:ac:d2:a2:26:6b:00:
                    69:70:6e:b9:a4:d0:2a:b0:ae:77:25:a1:5c:10:7f:
                    3e:dc:ef:2b:04:7e:de:6f:b3:f6:99:dc:4a:bd:08:
                    d8:ed:81:fd:82:cd:d6:b2:8b:ed:3b:6a:c0:9e:ce:
                    9c:4c:5b:56:e4:24:64:4d:9d:4e:ad:94:70:6a:cb:
                    25:c7:26:65:3e:11:2e:66:a8:fa:23:b3:d5:2c:f3:
                    23:29:71:e0:87:3a:64:91:9f:6e:6a:c6:2c:62:f0:
                    02:87:1e:c6:b5:77:1c:f9:58:1c:9b:a2:e2:e8:0e:
                    6c:98:96:c1:39:5f:3b:07:04:de:ca:9f:24:ad:a4:
                    c6:e2:c3:f7:2b:b4:de:cc:73:94:de:b4:2e:08:6c:
                    d7:81:02:6c:a4:d2:af:48:d7:42:d6:66:83:d2:30:
                    a3:a3:4f:91:94:76:44:c7:bf:8a:f2:5b:5e:d9:1e:
                    a4:89:a5:53:e6:c3:32:2a:20:51:28:61:10:3e:6b:
                    85:b3:6d:63:b7:eb:fa:00:7c:0d:dd:20:e7:b9:3b:
                    7e:ba:5e:55:84:d5:4e:50:7a:ed:26:33:5c:5d:48:
                    4b:7d:92:ab:5c:bb:f6:f6:87:9c:b7:13:52:fe:af:
                    c2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:7A:F5:52:FA:E9:AA:E3:02:54:D6:AC:A8:A4:DD:DD:44:AA:A0:BF
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:9f:a9:a2:b8:17:b3:c7:60:2e:1d:39:3a:ed:02:51:41:e0:
         f0:4a:64:c8:dd:70:c1:c3:2c:5c:99:fa:88:63:e7:2a:94:f2:
         95:0b:34:09:b5:e1:1a:7c:75:eb:ba:38:8d:0e:4f:06:4c:5b:
         f1:06:ff:3d:71:0b:72:5c:db:6f:67:07:12:05:94:81:14:c3:
         dc:41:bb:67:f0:6e:98:d4:36:d2:69:c5:c9:82:87:23:01:a4:
         56:6e:4f:d2:83:47:9f:28:d2:6b:d0:0b:d4:4d:9f:65:12:4f:
         ef:92:a7:b7:5a:0f:91:cf:70:68:ad:15:36:7c:03:dc:2b:8a:
         46:49:6c:52:25:fd:f8:d4:e5:d2:26:7f:32:76:22:62:76:ba:
         76:e4:06:af:ab:4d:0b:c6:16:c0:4d:73:2a:dc:58:d2:44:68:
         5c:79:56:56:b1:22:58:78:43:30:68:02:98:49:83:36:ac:33:
         e7:06:df:8a:2e:48:58:d1:d1:4c:59:91:0f:81:d7:64:1e:cc:
         5e:33:01:64:94:6b:89:e8:52:39:96:5d:e4:51:66:6b:00:90:
         dd:a3:66:17:5a:ba:ca:97:65:21:6e:a0:2f:1f:2d:c0:d8:f2:
         85:1e:51:b4:5a:90:a0:d6:d0:57:1d:4b:08:5c:af:8e:cb:ae:
         88:60:5d:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039zamonGgofZWCRDe7BtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjYwMzI5MDUwMDQxWhcNMjYwMzMwMDUwMDQxWjAzMTEwLwYDVQQD
EygwOTdhZjU1MmZhZTlhYWUzMDI1NGQ2YWNhOGE0ZGRkZDQ0YWFhMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudWEtPbDrN8njs3kzUoHAz73o+xO
qzOs0qImawBpcG65pNAqsK53JaFcEH8+3O8rBH7eb7P2mdxKvQjY7YH9gs3Wsovt
O2rAns6cTFtW5CRkTZ1OrZRwasslxyZlPhEuZqj6I7PVLPMjKXHghzpkkZ9uasYs
YvAChx7GtXcc+Vgcm6Li6A5smJbBOV87BwTeyp8kraTG4sP3K7TezHOU3rQuCGzX
gQJspNKvSNdC1maD0jCjo0+RlHZEx7+K8lte2R6kiaVT5sMyKiBRKGEQPmuFs21j
t+v6AHwN3SDnuTt+ul5VhNVOUHrtJjNcXUhLfZKrXLv29oectxNS/q/CBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAl69VL66arjAlTWrKik3d1EqqC/MB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArZ+porgX
s8dgLh05Ou0CUUHg8EpkyN1wwcMsXJn6iGPnKpTylQs0CbXhGnx167o4jQ5PBkxb
8Qb/PXELclzbb2cHEgWUgRTD3EG7Z/BumNQ20mnFyYKHIwGkVm5P0oNHnyjSa9AL
1E2fZRJP75Knt1oPkc9waK0VNnwD3CuKRklsUiX9+NTl0iZ/MnYiYna6duQGr6tN
C8YWwE1zKtxY0kRoXHlWVrEiWHhDMGgCmEmDNqwz5wbfii5IWNHRTFmRD4HXZB7M
XjMBZJRriehSOZZd5FFmawCQ3aNmF1q6ypdlIW6gLx8twNjyhR5RtFqQoNbQVx1L
CFyvjsuuiGBdvg==
-----END CERTIFICATE-----