Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File:                     n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier:          1AL1v9QJ3H8lpHcDeW/EDMEnNriK22WT6VGE6nEkEeI=
Subject key identifier:   5B:FD:C9:51:44:44:B8:FF:37:75:2D:95:0C:FD:63:11:5A:11:74:60
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer:       /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial:       019D38662FC5A2C073890FF9F0A4BEB62BD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number:          1269
Signing time:             Sun 29 Mar 2026 07:01:54 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:54 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:54 +0000
Files and hashes:         1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: VRj1rhzqIkh+rR4imLodJTVMR12yYQ27Pciw3V+gzjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2f:c5:a2:c0:73:89:0f:f9:f0:a4:be:b6:2b:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
        Validity
            Not Before: Mar 29 07:01:54 2026 GMT
            Not After : Mar 30 07:01:54 2026 GMT
        Subject: CN=5bfdc9514444b8ff37752d950cfd63115a117460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:92:de:1c:dd:e5:f1:cc:c4:47:bd:9f:d4:54:
                    10:fa:29:5e:de:74:32:54:80:47:6a:c0:cd:ca:77:
                    21:cb:a4:b2:e5:bf:d2:f0:01:de:06:be:7b:c7:23:
                    42:0f:b9:0c:21:70:a1:cf:3a:be:80:db:1a:ca:c6:
                    fd:bc:1f:f2:db:3c:b4:62:19:82:d5:82:dd:b9:42:
                    50:44:ce:d1:89:9b:2b:ff:a6:06:6f:8b:50:c5:4a:
                    9e:34:6d:ff:06:81:1b:27:c9:38:e1:9a:73:d5:e4:
                    d6:3c:42:09:a1:0e:04:30:df:98:a1:d1:ee:9e:ea:
                    4f:9d:81:1e:1f:12:8a:d5:da:84:ba:55:72:5e:b0:
                    55:9a:c2:62:44:61:8c:3b:5b:e9:93:7a:fe:e4:fb:
                    6c:d9:1c:f2:ec:b2:86:9e:7d:bf:f7:37:00:bf:62:
                    a4:b1:31:d9:06:de:97:7a:cf:69:12:86:d5:3f:b8:
                    e6:41:e5:17:49:73:4b:5c:b8:37:30:85:69:dc:fb:
                    b9:8d:65:ba:59:1d:0c:1b:11:55:d3:93:0d:d4:1f:
                    9b:33:14:9b:b9:f5:0e:d8:c7:92:8a:85:1b:cc:55:
                    d4:7b:17:79:0c:3a:69:2e:ce:6b:67:07:dc:a2:cd:
                    0e:2b:c0:a6:e9:83:9d:3b:bc:a6:29:39:31:b3:ad:
                    70:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FD:C9:51:44:44:B8:FF:37:75:2D:95:0C:FD:63:11:5A:11:74:60
            X509v3 Authority Key Identifier:
                keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:2c:29:9b:a9:2f:53:2e:58:0b:b0:74:b1:e5:2a:8c:9b:af:
         39:21:f0:e1:4a:20:6e:30:c1:b2:c2:0e:dc:52:f6:55:5c:cd:
         08:08:bf:e5:2a:c8:fe:38:e0:d3:6a:fc:94:26:a6:6a:c3:68:
         30:24:8b:c7:aa:91:f1:47:19:e2:4a:4c:48:b0:d4:86:b2:90:
         a4:da:5f:7e:bc:de:dd:5e:f8:cd:0c:73:ab:6d:54:bf:72:47:
         c3:0c:5b:49:30:d3:2c:00:18:27:81:4f:63:3d:a9:ce:3c:9a:
         0b:10:fc:d2:31:b5:12:7d:70:df:2b:4d:0a:9e:85:6f:92:11:
         81:49:82:f5:2f:9a:52:dc:74:2f:d6:26:d4:b3:1b:8c:a8:b5:
         df:96:05:bf:e9:13:6e:10:74:c8:da:5f:98:79:78:47:ba:b3:
         a5:fe:7a:c2:cb:96:0c:f1:37:5f:ac:00:05:10:7b:44:a3:47:
         4d:58:ac:63:c8:fb:67:17:0a:c6:09:6f:53:14:c7:ea:5d:ff:
         c1:64:91:6b:1f:1d:bb:d5:92:c9:00:cd:39:09:14:b6:65:4c:
         87:3c:18:64:87:31:f3:9c:bb:f4:71:c7:03:45:64:ff:59:e0:
         95:5e:72:eb:ae:e1:56:ed:fe:0f:35:4d:11:11:44:48:9c:ff:
         ce:65:1b:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zi/FosBziQ/58KS+tivXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjYwMzI5MDcwMTU0WhcNMjYwMzMwMDcwMTU0WjAzMTEwLwYDVQQD
Eyg1YmZkYzk1MTQ0NDRiOGZmMzc3NTJkOTUwY2ZkNjMxMTVhMTE3NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZLeHN3l8czER72f1FQQ+ile3nQy
VIBHasDNynchy6Sy5b/S8AHeBr57xyNCD7kMIXChzzq+gNsaysb9vB/y2zy0YhmC
1YLduUJQRM7RiZsr/6YGb4tQxUqeNG3/BoEbJ8k44Zpz1eTWPEIJoQ4EMN+YodHu
nupPnYEeHxKK1dqEulVyXrBVmsJiRGGMO1vpk3r+5Pts2Rzy7LKGnn2/9zcAv2Kk
sTHZBt6Xes9pEobVP7jmQeUXSXNLXLg3MIVp3Pu5jWW6WR0MGxFV05MN1B+bMxSb
ufUO2MeSioUbzFXUexd5DDppLs5rZwfcos0OK8Cm6YOdO7ymKTkxs61w3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv9yVFERLj/N3UtlQz9YxFaEXRgMB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACiwpm6kv
Uy5YC7B0seUqjJuvOSHw4UogbjDBssIO3FL2VVzNCAi/5SrI/jjg02r8lCamasNo
MCSLx6qR8UcZ4kpMSLDUhrKQpNpffrze3V74zQxzq21Uv3JHwwxbSTDTLAAYJ4FP
Yz2pzjyaCxD80jG1En1w3ytNCp6Fb5IRgUmC9S+aUtx0L9Ym1LMbjKi135YFv+kT
bhB0yNpfmHl4R7qzpf56wsuWDPE3X6wABRB7RKNHTVisY8j7ZxcKxglvUxTH6l3/
wWSRax8du9WSyQDNOQkUtmVMhzwYZIcx85y79HHHA0Vk/1nglV5y667hVu3+DzVN
ERFESJz/zmUbyg==
-----END CERTIFICATE-----