Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
File:                     nvnDHh7MuhkCs_YiWT3pcspxi1w.mft (raw, json)
Hash identifier:          hExjCSMUSFBK5+ZvVwTc6WliEQ+dEDVQOnPJCyiD28I=
Subject key identifier:   98:DB:78:A7:3D:3F:81:D2:1D:B5:0B:77:EB:A0:04:4C:14:B5:72:FD
Authority key identifier: 9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C
Certificate issuer:       /CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
Certificate serial:       019D3940D5467CB8605087AD10C3865F3740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
Manifest number:          0FE7
Signing time:             Sun 29 Mar 2026 11:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:43 +0000
Files and hashes:         1: nvnDHh7MuhkCs_YiWT3pcspxi1w.crl (hash: RILbWP34aKinH/ihIzMuG27QYvxAH27ylrBOwA5RcMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:d5:46:7c:b8:60:50:87:ad:10:c3:86:5f:37:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
        Validity
            Not Before: Mar 29 11:00:43 2026 GMT
            Not After : Mar 30 11:00:43 2026 GMT
        Subject: CN=98db78a73d3f81d21db50b77eba0044c14b572fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:dd:d8:dc:27:b0:9e:af:5a:c4:d8:3d:2d:c5:
                    8f:c2:3f:fc:7d:35:a6:16:d0:5b:64:99:f1:4e:69:
                    22:54:f8:d3:4f:18:3a:8e:cb:bc:78:8f:75:7d:69:
                    1d:f0:9d:fb:0c:16:d0:f3:b2:1c:34:c1:ea:42:85:
                    2c:9a:ac:70:27:14:3c:cd:d0:2e:2b:e4:8d:e1:6d:
                    1f:51:db:5b:aa:12:0c:73:f6:1b:fd:fa:99:7f:da:
                    a2:a2:26:01:d1:0e:ed:f9:2c:5a:1c:91:d2:76:3e:
                    04:e0:64:32:a7:69:d6:da:30:63:26:88:aa:a7:e6:
                    44:10:a8:25:36:40:32:0b:68:22:28:95:b7:a3:33:
                    ff:96:23:16:e4:a7:82:30:45:36:06:0f:99:8c:5e:
                    e0:2e:a6:08:0b:6c:52:c8:96:01:c6:f6:3d:c1:e6:
                    0e:eb:de:7d:ed:38:f1:69:8f:3c:2c:c0:30:99:ce:
                    4d:2e:45:35:dd:35:77:ed:34:c9:fe:1e:04:d4:e4:
                    9f:0f:11:08:9f:c0:78:81:a1:3a:fc:88:d9:43:93:
                    92:73:35:fb:96:46:34:ea:ca:ff:e9:be:f3:1d:b0:
                    3b:7d:55:6f:84:8d:5d:17:a3:06:31:85:f7:3f:88:
                    73:7a:57:e8:f1:79:1c:fe:ea:45:03:e4:f5:40:4e:
                    69:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:DB:78:A7:3D:3F:81:D2:1D:B5:0B:77:EB:A0:04:4C:14:B5:72:FD
            X509v3 Authority Key Identifier:
                keyid:9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:e3:cb:e6:9b:b6:f6:57:e5:37:3e:b5:8d:5b:c9:64:00:8e:
         cb:44:b1:58:07:81:99:e4:0f:d3:7e:d6:96:ec:42:3a:d8:83:
         27:ec:e8:5b:8c:62:85:45:bd:11:59:30:e3:43:7a:2e:a3:f3:
         cc:46:71:f5:2a:9d:76:e6:ab:54:ae:3c:7e:64:47:d8:cd:80:
         8e:c6:5d:7a:50:f7:f2:67:1c:3b:b5:77:13:96:f2:1c:d2:6a:
         ed:0a:be:ca:c4:fe:d2:3b:f8:2f:7a:a8:dc:a2:4c:51:f1:5d:
         32:e6:32:86:a3:1d:c8:33:49:fe:94:77:57:63:e0:9f:43:2a:
         5b:d3:b3:fa:fa:20:9b:0d:31:96:e5:9e:20:b3:db:45:4a:dc:
         8f:50:a7:4d:9a:5c:0d:61:45:fc:7a:63:8f:8f:e2:8a:d7:e4:
         0e:25:aa:a0:a4:56:19:58:69:4a:20:65:88:4e:76:d7:b7:ce:
         19:a2:9f:f5:12:b1:bf:50:59:b3:b2:b6:c0:c5:48:70:a8:fa:
         7d:70:8b:51:53:b4:67:59:56:40:fb:42:21:6d:43:97:00:47:
         a3:75:43:d1:35:b9:61:8a:3c:e1:d9:e5:1d:d1:86:4e:78:de:
         26:24:84:5d:a6:ed:e2:9e:03:ab:0e:38:9f:20:cd:35:91:9e:
         2b:bf:73:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QNVGfLhgUIetEMOGXzdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZjljMzFlMWVjY2JhMTkwMmIzZjYyMjU5M2RlOTcyY2E3
MThiNWMwHhcNMjYwMzI5MTEwMDQzWhcNMjYwMzMwMTEwMDQzWjAzMTEwLwYDVQQD
Eyg5OGRiNzhhNzNkM2Y4MWQyMWRiNTBiNzdlYmEwMDQ0YzE0YjU3MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN3Y3Cewnq9axNg9LcWPwj/8fTWm
FtBbZJnxTmkiVPjTTxg6jsu8eI91fWkd8J37DBbQ87IcNMHqQoUsmqxwJxQ8zdAu
K+SN4W0fUdtbqhIMc/Yb/fqZf9qioiYB0Q7t+SxaHJHSdj4E4GQyp2nW2jBjJoiq
p+ZEEKglNkAyC2giKJW3ozP/liMW5KeCMEU2Bg+ZjF7gLqYIC2xSyJYBxvY9weYO
69597TjxaY88LMAwmc5NLkU13TV37TTJ/h4E1OSfDxEIn8B4gaE6/IjZQ5OSczX7
lkY06sr/6b7zHbA7fVVvhI1dF6MGMYX3P4hzelfo8Xkc/upFA+T1QE5pXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjbeKc9P4HSHbULd+ugBEwUtXL9MB8GA1UdIwQY
MBaAFJ75wx4ezLoZArP2Ilk96XLKcYtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzIt
OTcyYzBmYWU2N2I4LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzItOTcyYzBmYWU2N2I4
LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+PL5pu2
9lflNz61jVvJZACOy0SxWAeBmeQP037WluxCOtiDJ+zoW4xihUW9EVkw40N6LqPz
zEZx9SqdduarVK48fmRH2M2AjsZdelD38mccO7V3E5byHNJq7Qq+ysT+0jv4L3qo
3KJMUfFdMuYyhqMdyDNJ/pR3V2Pgn0MqW9Oz+vogmw0xluWeILPbRUrcj1CnTZpc
DWFF/Hpjj4/iitfkDiWqoKRWGVhpSiBliE5217fOGaKf9RKxv1BZs7K2wMVIcKj6
fXCLUVO0Z1lWQPtCIW1DlwBHo3VD0TW5YYo84dnlHdGGTnjeJiSEXabt4p4Dqw44
nyDNNZGeK79zQA==
-----END CERTIFICATE-----