Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
File:                     nSBC44DWR2UTrMCPtU-8xzYm7D0.mft (raw, json)
Hash identifier:          dau911nFJw63VkfOECSrCZqOJ1nCQNRCppU34IKVEKw=
Subject key identifier:   27:A3:4B:BB:02:4F:B2:CC:3D:1A:06:BD:77:9A:5D:DA:68:D4:AE:32
Authority key identifier: 9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D
Certificate issuer:       /CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
Certificate serial:       019D37BFFDE8E9EA6DC14ABF397286356F48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
Manifest number:          03BD
Signing time:             Sun 29 Mar 2026 04:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:22 +0000
Files and hashes:         1: nSBC44DWR2UTrMCPtU-8xzYm7D0.crl (hash: xWd/9hzIccFI9FJr9dZheD0Hgr39Xv7DfIst/I/8Q/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:bf:fd:e8:e9:ea:6d:c1:4a:bf:39:72:86:35:6f:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
        Validity
            Not Before: Mar 29 04:00:22 2026 GMT
            Not After : Mar 30 04:00:22 2026 GMT
        Subject: CN=27a34bbb024fb2cc3d1a06bd779a5dda68d4ae32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1d:3d:3f:fa:38:03:e3:78:4b:a0:16:b0:59:
                    38:7a:e6:f4:20:92:fe:93:1b:e5:b7:b1:9d:ae:5e:
                    8a:85:aa:57:b8:76:9e:a0:ac:80:31:ed:d8:50:fe:
                    99:45:72:58:a5:dc:1d:0c:15:71:c4:29:9d:08:a6:
                    11:e7:a3:5f:8a:bf:83:ac:f8:e0:ee:75:fa:7b:be:
                    79:ca:59:30:08:2c:9e:87:43:91:3c:c0:64:97:90:
                    ab:27:f1:46:ed:7c:48:ef:f9:23:a4:a3:30:40:18:
                    8f:81:31:89:82:27:4b:84:e9:c8:b3:64:c8:f7:d4:
                    5c:8b:cc:0e:a7:2e:30:c9:2e:5f:49:7b:08:80:cb:
                    f6:60:f6:18:8c:05:48:c5:e9:df:31:b3:50:4f:df:
                    22:17:a7:1b:ee:da:39:ba:7c:a2:57:32:46:98:8d:
                    44:72:07:73:5a:2c:6e:57:a7:ac:11:7a:40:cc:a9:
                    cf:3c:be:78:e9:68:6b:f9:e7:67:6f:df:d9:36:48:
                    11:7f:6f:1f:43:dc:8d:5a:d1:c1:74:08:da:69:cd:
                    5d:11:e5:2d:20:6e:17:c2:f1:95:18:9f:88:ab:70:
                    04:44:e8:47:d9:87:c9:83:50:43:ca:46:6a:74:66:
                    ba:7e:1a:18:3b:43:9a:11:89:dc:56:d5:88:69:c6:
                    b3:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A3:4B:BB:02:4F:B2:CC:3D:1A:06:BD:77:9A:5D:DA:68:D4:AE:32
            X509v3 Authority Key Identifier:
                keyid:9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d4:f6:b9:aa:56:30:99:e8:8b:e8:82:fb:7b:36:ad:69:6c:
         0f:c4:d0:be:5a:4b:bb:2c:36:2b:82:51:58:6f:49:a5:08:7b:
         0c:0c:2a:63:af:bd:37:fa:77:91:f2:ca:ea:40:76:80:20:e7:
         18:75:70:59:9d:93:c3:ff:4d:fa:59:32:15:5b:78:ee:50:78:
         e9:5f:5b:1c:a7:de:0d:6a:21:e9:6d:19:5e:de:7f:d8:40:70:
         04:97:0a:7b:44:b7:8b:e5:9d:d0:00:bf:7b:46:44:f3:87:e4:
         5c:f4:15:d2:7e:9a:a0:a6:f9:f7:1d:dd:93:ed:2b:3c:e6:85:
         e4:51:0a:ff:45:02:de:ac:cc:dc:cf:f5:cb:d5:80:5a:c3:4c:
         56:44:5b:3a:83:a0:d8:a4:a1:a2:78:ab:d8:9f:fa:bf:fe:65:
         bc:86:7a:31:ce:df:74:08:a1:b9:15:ce:da:dd:1d:03:d8:1b:
         ef:b1:c2:e2:cc:24:97:db:c5:d7:f5:14:b5:fb:f2:8d:5b:62:
         45:f1:8d:7d:1b:26:b2:c0:56:73:a3:d2:5c:a0:9b:ae:7b:e2:
         35:42:04:78:32:2e:b9:89:94:34:80:c7:5c:24:4a:72:40:47:
         06:4f:3d:fb:e5:94:68:15:d7:41:bf:71:20:6a:b0:2f:9c:62:
         c9:fd:e8:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03v/3o6eptwUq/OXKGNW9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjA0MmUzODBkNjQ3NjUxM2FjYzA4ZmI1NGZiY2M3MzYy
NmVjM2QwHhcNMjYwMzI5MDQwMDIyWhcNMjYwMzMwMDQwMDIyWjAzMTEwLwYDVQQD
EygyN2EzNGJiYjAyNGZiMmNjM2QxYTA2YmQ3NzlhNWRkYTY4ZDRhZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB09P/o4A+N4S6AWsFk4eub0IJL+
kxvlt7Gdrl6KhapXuHaeoKyAMe3YUP6ZRXJYpdwdDBVxxCmdCKYR56Nfir+DrPjg
7nX6e755ylkwCCyeh0ORPMBkl5CrJ/FG7XxI7/kjpKMwQBiPgTGJgidLhOnIs2TI
99Rci8wOpy4wyS5fSXsIgMv2YPYYjAVIxenfMbNQT98iF6cb7to5unyiVzJGmI1E
cgdzWixuV6esEXpAzKnPPL546Whr+ednb9/ZNkgRf28fQ9yNWtHBdAjaac1dEeUt
IG4XwvGVGJ+Iq3AEROhH2YfJg1BDykZqdGa6fhoYO0OaEYncVtWIacazCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCejS7sCT7LMPRoGvXeaXdpo1K4yMB8GA1UdIwQY
MBaAFJ0gQuOA1kdlE6zAj7VPvMc2Juw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDct
ZGVkMzg2MmI3NjMxLzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDctZGVkMzg2MmI3NjMx
LzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9T2uapW
MJnoi+iC+3s2rWlsD8TQvlpLuyw2K4JRWG9JpQh7DAwqY6+9N/p3kfLK6kB2gCDn
GHVwWZ2Tw/9N+lkyFVt47lB46V9bHKfeDWoh6W0ZXt5/2EBwBJcKe0S3i+Wd0AC/
e0ZE84fkXPQV0n6aoKb59x3dk+0rPOaF5FEK/0UC3qzM3M/1y9WAWsNMVkRbOoOg
2KShonir2J/6v/5lvIZ6Mc7fdAihuRXO2t0dA9gb77HC4swkl9vF1/UUtfvyjVti
RfGNfRsmssBWc6PSXKCbrnviNUIEeDIuuYmUNIDHXCRKckBHBk89++WUaBXXQb9x
IGqwL5xiyf3oXQ==
-----END CERTIFICATE-----