Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.mft
File:                     npzXqbifTgVovUoLbCwRzRfn8OE.mft (raw, json)
Hash identifier:          oT/bIa8XXtKvQYk2pfkGDrAsof1E1NKHa+llvwsQ8IU=
Subject key identifier:   C2:7A:87:C1:DC:1A:38:74:A7:A3:64:AC:9E:A8:F4:8E:F8:3C:D1:E5
Authority key identifier: 9E:9C:D7:A9:B8:9F:4E:05:68:BD:4A:0B:6C:2C:11:CD:17:E7:F0:E1
Certificate issuer:       /CN=9e9cd7a9b89f4e0568bd4a0b6c2c11cd17e7f0e1
Certificate serial:       019D38D298A1B48A6517C260326A00382720
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npzXqbifTgVovUoLbCwRzRfn8OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.mft
Manifest number:          0641
Signing time:             Sun 29 Mar 2026 09:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:18 +0000
Files and hashes:         1: npzXqbifTgVovUoLbCwRzRfn8OE.crl (hash: ihvDaC1nlL3pgS4F/Zcd0NuN6zWtsC5zkBI6rTBRGjo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/npzXqbifTgVovUoLbCwRzRfn8OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:98:a1:b4:8a:65:17:c2:60:32:6a:00:38:27:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9cd7a9b89f4e0568bd4a0b6c2c11cd17e7f0e1
        Validity
            Not Before: Mar 29 09:00:18 2026 GMT
            Not After : Mar 30 09:00:18 2026 GMT
        Subject: CN=c27a87c1dc1a3874a7a364ac9ea8f48ef83cd1e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4b:5e:4f:a2:d0:fd:00:ef:8c:98:b4:50:0f:
                    dd:d3:bb:7c:d3:7f:be:e8:8d:4c:67:4e:1b:16:25:
                    d0:39:08:09:2b:d6:cf:09:5a:a2:08:e0:8f:80:81:
                    72:f7:90:aa:2e:3c:05:95:95:6d:c8:d7:b7:de:87:
                    cf:a8:29:ca:f9:68:cf:48:c4:81:b8:a1:61:12:3d:
                    c4:fe:b4:0a:77:61:50:e8:ca:38:76:47:f1:6e:e0:
                    74:0e:1e:3f:54:c7:cb:53:49:ea:cf:5a:47:01:1f:
                    70:ff:70:f0:94:c1:e6:3f:46:08:e7:ba:3b:83:1e:
                    0a:45:bd:a8:27:98:bd:e1:39:b0:07:cf:34:e7:04:
                    75:a4:78:2d:c1:c6:57:31:15:62:14:a9:51:06:52:
                    55:48:e2:0f:74:83:17:4d:8d:57:56:b8:3d:df:aa:
                    6e:00:65:69:6c:2f:82:69:b4:f1:dd:ff:49:d4:be:
                    16:fe:d9:e7:9a:1d:46:20:ad:3f:c3:00:22:13:70:
                    50:a0:03:9d:d4:c0:9f:18:2b:16:c2:4c:5f:a3:f2:
                    b7:2a:e9:29:c0:d9:95:55:59:ad:1b:e9:b8:f3:87:
                    d2:96:78:16:65:06:1f:f0:d1:b2:a8:c7:56:3c:28:
                    c6:a0:b1:dc:f3:82:22:10:58:ec:d0:6e:ad:7f:84:
                    98:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7A:87:C1:DC:1A:38:74:A7:A3:64:AC:9E:A8:F4:8E:F8:3C:D1:E5
            X509v3 Authority Key Identifier:
                keyid:9E:9C:D7:A9:B8:9F:4E:05:68:BD:4A:0B:6C:2C:11:CD:17:E7:F0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npzXqbifTgVovUoLbCwRzRfn8OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4fd739-1d0d-4753-a845-907796e705da/1/npzXqbifTgVovUoLbCwRzRfn8OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:64:4c:a8:95:e2:90:70:24:44:c1:bc:2a:68:da:61:c0:e2:
         1e:27:63:9d:61:fa:8c:01:fb:89:31:78:e8:79:ee:e3:98:cc:
         ca:96:c8:3f:eb:67:78:89:6d:cf:97:a9:a8:47:67:61:3c:af:
         0a:ec:e9:e4:68:ef:72:24:7f:46:38:b0:a1:d4:33:09:17:f2:
         8c:99:ec:91:cd:14:f9:47:fe:7c:fa:ed:58:27:14:87:ac:33:
         9e:be:64:bf:76:dc:71:86:c8:93:7f:04:ef:96:21:9c:3b:47:
         e3:a0:f5:a4:e5:7c:16:80:33:cf:3b:6a:e4:6c:19:c0:75:d5:
         3c:f0:44:29:04:73:41:a0:7d:c1:9e:5d:5b:17:2d:0a:1f:1c:
         7e:b2:67:00:05:cd:17:3b:0d:64:a3:c6:e7:16:c8:b5:21:22:
         06:01:0f:46:db:1c:2e:ee:dc:20:43:b0:0f:d8:c1:25:48:7c:
         be:08:0d:24:98:39:7e:fd:ed:df:98:2b:26:9b:76:d4:2e:91:
         d6:fb:a2:22:20:97:a5:ea:64:6c:89:90:26:be:bd:0e:74:26:
         a5:d8:24:bc:45:31:61:b1:3e:7f:96:e2:3c:22:f7:7e:8e:05:
         67:21:67:72:e0:25:2c:68:df:24:bf:90:84:63:c6:6d:24:89:
         88:6c:82:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040pihtIplF8JgMmoAOCcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWNkN2E5Yjg5ZjRlMDU2OGJkNGEwYjZjMmMxMWNkMTdl
N2YwZTEwHhcNMjYwMzI5MDkwMDE4WhcNMjYwMzMwMDkwMDE4WjAzMTEwLwYDVQQD
EyhjMjdhODdjMWRjMWEzODc0YTdhMzY0YWM5ZWE4ZjQ4ZWY4M2NkMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUteT6LQ/QDvjJi0UA/d07t803++
6I1MZ04bFiXQOQgJK9bPCVqiCOCPgIFy95CqLjwFlZVtyNe33ofPqCnK+WjPSMSB
uKFhEj3E/rQKd2FQ6Mo4dkfxbuB0Dh4/VMfLU0nqz1pHAR9w/3DwlMHmP0YI57o7
gx4KRb2oJ5i94TmwB8805wR1pHgtwcZXMRViFKlRBlJVSOIPdIMXTY1XVrg936pu
AGVpbC+CabTx3f9J1L4W/tnnmh1GIK0/wwAiE3BQoAOd1MCfGCsWwkxfo/K3Kukp
wNmVVVmtG+m484fSlngWZQYf8NGyqMdWPCjGoLHc84IiEFjs0G6tf4SYgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ6h8HcGjh0p6NkrJ6o9I74PNHlMB8GA1UdIwQY
MBaAFJ6c16m4n04FaL1KC2wsEc0X5/DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnB6WHFiaWZUZ1ZvdlVvTGJDd1J6UmZuOE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZmQ3MzktMWQwZC00NzUzLWE4NDUt
OTA3Nzk2ZTcwNWRhLzEvbnB6WHFiaWZUZ1ZvdlVvTGJDd1J6UmZuOE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZmQ3MzktMWQwZC00NzUzLWE4NDUtOTA3Nzk2ZTcwNWRh
LzEvbnB6WHFiaWZUZ1ZvdlVvTGJDd1J6UmZuOE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGRMqJXi
kHAkRMG8KmjaYcDiHidjnWH6jAH7iTF46Hnu45jMypbIP+tneIltz5epqEdnYTyv
Cuzp5GjvciR/RjiwodQzCRfyjJnskc0U+Uf+fPrtWCcUh6wznr5kv3bccYbIk38E
75YhnDtH46D1pOV8FoAzzztq5GwZwHXVPPBEKQRzQaB9wZ5dWxctCh8cfrJnAAXN
FzsNZKPG5xbItSEiBgEPRtscLu7cIEOwD9jBJUh8vggNJJg5fv3t35grJpt21C6R
1vuiIiCXpepkbImQJr69DnQmpdgkvEUxYbE+f5biPCL3fo4FZyFncuAlLGjfJL+Q
hGPGbSSJiGyC2A==
-----END CERTIFICATE-----