Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          NSJHsfEKgOJsYtBk3jj/7OrGhG8OmSEWUESbsMynE2U=
Subject key identifier:   82:32:2A:89:A4:8C:1F:9C:3F:F7:2F:14:7D:68:DA:B5:A2:9C:F1:ED
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019D3865F3ED932706EB45A96DA0EAB9210F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:38 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:38 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:38 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: hneDVu2v3XqOerbx+vemXNbwXxHBlxcgIjVAZpmERi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f3:ed:93:27:06:eb:45:a9:6d:a0:ea:b9:21:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Mar 29 07:01:38 2026 GMT
            Not After : Mar 30 07:01:38 2026 GMT
        Subject: CN=82322a89a48c1f9c3ff72f147d68dab5a29cf1ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3e:ca:e4:5e:b7:4d:91:c1:20:b5:d3:f0:b0:
                    49:1b:db:20:3d:c9:b2:6f:82:f1:71:60:bb:6e:ca:
                    7f:7d:68:58:9a:be:81:e4:05:2b:62:d1:4b:22:16:
                    dc:5f:d3:e3:6f:49:04:d3:ca:6e:f3:e5:b4:90:d1:
                    19:50:8e:f1:c6:33:d4:71:05:39:bf:c2:21:e2:f2:
                    64:b6:28:60:3a:7a:f2:51:87:1c:c4:5b:c3:8b:f2:
                    50:64:a3:eb:b8:7e:35:e4:ab:5e:65:e8:28:35:f3:
                    9e:cf:53:eb:de:11:01:00:ac:6b:21:9c:17:b8:f0:
                    87:42:36:7e:58:b0:f3:fa:4c:94:16:07:75:ac:58:
                    d7:b6:82:c6:fc:33:77:4b:7d:cd:96:90:b7:28:f8:
                    6b:3d:27:e6:01:f4:e1:e3:e5:91:a9:f3:ae:39:f0:
                    1a:29:38:93:35:22:e9:00:95:16:25:f2:c9:6b:da:
                    34:e1:4f:d7:d9:fa:58:53:fd:94:d0:bf:fc:2e:67:
                    68:52:7b:af:83:75:48:ca:22:7a:0e:fd:15:b1:f3:
                    79:db:30:6a:cb:40:f7:46:ca:88:54:d6:0c:3c:bc:
                    ba:89:fd:54:7a:72:63:4f:6c:b0:be:b9:32:9a:89:
                    65:69:59:24:b4:03:20:15:eb:26:da:08:f5:74:81:
                    36:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:32:2A:89:A4:8C:1F:9C:3F:F7:2F:14:7D:68:DA:B5:A2:9C:F1:ED
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:cc:76:e2:9a:3c:1e:55:3c:27:bd:63:d7:d3:0d:d2:dd:40:
         54:01:4d:4c:e2:1f:5f:e0:c6:19:c6:61:65:4b:8a:f1:28:14:
         11:77:93:d9:6f:f7:9a:50:19:8a:de:e7:47:7b:03:7c:f6:ac:
         69:b9:ce:ba:cc:20:94:a7:a6:9a:fe:aa:87:58:b1:5c:9a:42:
         7b:ef:fc:b4:a3:bc:ca:35:8c:c7:3d:d3:62:88:5d:d5:f5:60:
         c9:14:df:cd:0d:c2:3f:77:a5:b5:f7:59:6a:a7:12:61:f7:1d:
         82:48:82:34:dc:44:30:e7:b0:2c:19:03:94:7e:dc:ee:9f:4f:
         e0:cb:d5:dc:21:a3:20:43:e6:2e:b6:36:16:e5:d5:72:56:78:
         c6:65:0f:b2:55:18:3c:49:3c:f3:87:c6:3c:b1:ae:10:4d:da:
         df:4e:52:f3:d7:ca:72:6d:89:6c:3d:15:4a:78:a1:dc:22:f2:
         07:67:e1:ed:0d:c9:55:e1:eb:f1:39:8a:22:c7:8b:a8:44:4c:
         90:4b:8c:8c:f2:7f:7b:5d:5e:ce:e3:ed:7c:b8:48:42:f4:97:
         9d:38:42:14:a4:55:8d:1b:83:bc:5e:b0:49:8b:f6:b4:57:48:
         4c:b8:4a:f8:56:06:16:10:be:4f:f8:9e:fd:c3:61:75:15:1c:
         20:de:6b:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfPtkycG60WpbaDquSEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
Eyg4MjMyMmE4OWE0OGMxZjljM2ZmNzJmMTQ3ZDY4ZGFiNWEyOWNmMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j7K5F63TZHBILXT8LBJG9sgPcmy
b4LxcWC7bsp/fWhYmr6B5AUrYtFLIhbcX9Pjb0kE08pu8+W0kNEZUI7xxjPUcQU5
v8Ih4vJktihgOnryUYccxFvDi/JQZKPruH415KteZegoNfOez1Pr3hEBAKxrIZwX
uPCHQjZ+WLDz+kyUFgd1rFjXtoLG/DN3S33NlpC3KPhrPSfmAfTh4+WRqfOuOfAa
KTiTNSLpAJUWJfLJa9o04U/X2fpYU/2U0L/8LmdoUnuvg3VIyiJ6Dv0VsfN52zBq
y0D3RsqIVNYMPLy6if1UenJjT2ywvrkymollaVkktAMgFesm2gj1dIE2ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIyKomkjB+cP/cvFH1o2rWinPHtMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXcx24po8
HlU8J71j19MN0t1AVAFNTOIfX+DGGcZhZUuK8SgUEXeT2W/3mlAZit7nR3sDfPas
abnOuswglKemmv6qh1ixXJpCe+/8tKO8yjWMxz3TYohd1fVgyRTfzQ3CP3eltfdZ
aqcSYfcdgkiCNNxEMOewLBkDlH7c7p9P4MvV3CGjIEPmLrY2FuXVclZ4xmUPslUY
PEk884fGPLGuEE3a305S89fKcm2JbD0VSnih3CLyB2fh7Q3JVeHr8TmKIseLqERM
kEuMjPJ/e11ezuPtfLhIQvSXnThCFKRVjRuDvF6wSYv2tFdITLhK+FYGFhC+T/ie
/cNhdRUcIN5rYQ==
-----END CERTIFICATE-----