Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          c8pHgBC7a6rtPhfIW5STapHgug2vOZfQGis7b7MrUI8=
Subject key identifier:   29:37:23:B9:43:F9:E1:B2:47:8E:1C:C0:7B:28:FC:20:27:BD:79:FA
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019D386684EFA2635B809DD001B2C0C0CCEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          109D
Signing time:             Sun 29 Mar 2026 07:02:15 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:15 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:15 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: je/exdU5UmSENtz8/fq1BHx77B3whEBKh/nRF3GlMwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:84:ef:a2:63:5b:80:9d:d0:01:b2:c0:c0:cc:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Mar 29 07:02:15 2026 GMT
            Not After : Mar 30 07:02:15 2026 GMT
        Subject: CN=293723b943f9e1b2478e1cc07b28fc2027bd79fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e9:6c:32:59:0d:6b:88:79:71:c0:b7:c2:fb:
                    49:5d:e3:33:0a:9b:a0:f5:c1:f6:9b:10:b4:8d:2a:
                    60:f6:84:b0:fa:ec:c4:73:e7:2c:a9:9b:6b:b3:5b:
                    ed:99:8b:6e:82:93:ec:f6:cb:25:1d:34:e2:d0:8a:
                    a1:14:e7:f7:9a:eb:88:0f:48:54:cc:e8:cb:97:c7:
                    5d:d0:19:73:e8:35:22:c8:a6:1d:cf:34:c3:c9:8d:
                    25:b3:7e:aa:4d:17:04:2e:a0:71:f1:38:03:4a:57:
                    d9:0d:9a:0c:5c:7c:ac:77:85:fc:bb:5d:19:48:0d:
                    ba:0f:cd:82:60:c0:87:27:22:b2:f8:3c:e7:c3:1e:
                    0c:bd:8a:c5:82:4c:68:9d:25:5b:a6:9e:b9:2b:b3:
                    e9:4d:bf:82:f4:6b:87:d7:57:c4:8a:7d:f9:8b:03:
                    52:cd:ec:cf:e8:4c:35:a3:69:08:40:88:c2:72:41:
                    0a:7d:e2:50:19:8f:a0:ee:61:bc:b0:b0:f1:e5:42:
                    eb:fd:84:dd:54:eb:8f:aa:5b:0e:b2:ab:af:4d:97:
                    e5:7f:14:a4:3c:f4:63:c6:96:a9:4f:38:9f:b1:a6:
                    0f:97:5f:33:b7:ae:9e:d5:26:bd:57:5f:60:cb:c4:
                    e6:8d:ab:60:2d:39:cf:13:c7:d7:9d:b5:b1:e8:1b:
                    45:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:37:23:B9:43:F9:E1:B2:47:8E:1C:C0:7B:28:FC:20:27:BD:79:FA
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:fb:41:3c:d8:dd:97:36:12:6d:c5:ef:e4:2b:fd:3a:25:bf:
         a4:19:81:69:c0:2e:25:fa:26:1e:39:73:72:01:c0:42:dd:e6:
         b5:21:36:83:ca:cf:ad:85:5d:08:84:af:2b:fe:f2:58:3f:a3:
         63:e7:bd:fa:68:1c:8b:42:b9:75:c7:8d:e6:31:d3:f3:1c:4b:
         c7:96:ac:1d:05:c3:74:27:eb:33:f4:19:bb:69:5f:20:d8:a3:
         2b:a8:c3:f9:73:68:7d:d9:0e:45:73:d1:10:66:cd:e7:40:33:
         e0:5c:4f:b2:a8:9c:4c:a3:ed:f7:a7:35:05:8f:be:c1:93:eb:
         14:2f:cf:0e:22:99:af:84:48:63:ac:be:7b:b4:a9:43:b5:51:
         da:fd:94:e8:2d:eb:80:24:ab:36:96:05:a4:4f:76:07:f2:e5:
         33:84:76:ee:78:50:b2:a2:05:f1:32:42:86:f2:73:56:74:ae:
         25:03:93:3c:8d:e3:d5:e6:2e:d3:c7:6a:84:3a:27:1b:03:c6:
         c9:85:5c:d1:ae:bb:df:4a:ea:3c:5d:39:bf:bf:1a:e9:48:72:
         be:d1:1f:14:83:d2:15:3b:22:24:09:4f:94:f8:68:b8:c9:d7:
         f3:02:ba:4d:6b:c7:9f:fe:c2:64:fc:06:64:43:58:3f:3d:34:
         44:48:ff:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZoTvomNbgJ3QAbLAwMzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjYwMzI5MDcwMjE1WhcNMjYwMzMwMDcwMjE1WjAzMTEwLwYDVQQD
EygyOTM3MjNiOTQzZjllMWIyNDc4ZTFjYzA3YjI4ZmMyMDI3YmQ3OWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqulsMlkNa4h5ccC3wvtJXeMzCpug
9cH2mxC0jSpg9oSw+uzEc+csqZtrs1vtmYtugpPs9sslHTTi0IqhFOf3muuID0hU
zOjLl8dd0Blz6DUiyKYdzzTDyY0ls36qTRcELqBx8TgDSlfZDZoMXHysd4X8u10Z
SA26D82CYMCHJyKy+Dznwx4MvYrFgkxonSVbpp65K7PpTb+C9GuH11fEin35iwNS
zezP6Ew1o2kIQIjCckEKfeJQGY+g7mG8sLDx5ULr/YTdVOuPqlsOsquvTZflfxSk
PPRjxpapTzifsaYPl18zt66e1Sa9V19gy8TmjatgLTnPE8fXnbWx6BtFsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCk3I7lD+eGyR44cwHso/CAnvXn6MB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPtBPNjd
lzYSbcXv5Cv9OiW/pBmBacAuJfomHjlzcgHAQt3mtSE2g8rPrYVdCISvK/7yWD+j
Y+e9+mgci0K5dceN5jHT8xxLx5asHQXDdCfrM/QZu2lfINijK6jD+XNofdkORXPR
EGbN50Az4FxPsqicTKPt96c1BY++wZPrFC/PDiKZr4RIY6y+e7SpQ7VR2v2U6C3r
gCSrNpYFpE92B/LlM4R27nhQsqIF8TJChvJzVnSuJQOTPI3j1eYu08dqhDonGwPG
yYVc0a6730rqPF05v78a6UhyvtEfFIPSFTsiJAlPlPhouMnX8wK6TWvHn/7CZPwG
ZENYPz00REj/rQ==
-----END CERTIFICATE-----