Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          wgyTyfaEww7TMvgoHmZxMDCLvChpxb8QXW0r2UqttIg=
Subject key identifier:   59:E2:D8:CB:86:9B:C2:C8:A6:36:28:6A:90:B8:8F:6A:62:B1:E5:12
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       019D3866143822F66B7FD02086CCA13A013C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          15A5
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: Q3W7TslbkS7r/A7yL/yk6spsvBENM8oPeCxHOjgh9kk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:14:38:22:f6:6b:7f:d0:20:86:cc:a1:3a:01:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=59e2d8cb869bc2c8a636286a90b88f6a62b1e512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:88:ff:5e:3e:6d:a7:35:80:d0:4b:78:79:74:
                    70:b5:fa:f4:7c:1f:44:ee:f2:e8:5d:e7:3f:8e:52:
                    5c:56:45:e9:85:86:d0:90:f3:20:7f:9c:e0:94:a4:
                    27:17:df:53:42:4a:60:3c:16:e4:e0:b6:9d:2b:da:
                    18:ea:4a:8e:8d:1f:fc:c7:c0:f4:f8:e1:93:ec:94:
                    51:87:24:2b:08:90:53:f7:13:59:91:c7:b4:40:cd:
                    7a:b6:25:e1:a6:7d:a4:17:00:95:ef:bc:dc:ce:36:
                    07:01:4a:11:c0:b1:e4:1d:f1:59:ae:98:54:fa:65:
                    e4:9c:9d:55:db:25:90:9d:c9:a3:4a:b0:24:64:12:
                    09:09:7b:5d:94:f0:b5:2a:8c:18:95:2b:95:a4:82:
                    dd:dc:45:92:57:21:5b:d0:4a:06:cb:09:9c:9c:f2:
                    bc:b3:99:a1:4f:b4:2e:20:3d:3d:57:a3:aa:1c:5a:
                    91:86:17:c6:22:1f:3a:55:0a:9d:4a:e5:5a:57:c7:
                    4c:f5:c8:75:79:a4:9e:a2:01:4a:55:be:b4:06:6a:
                    38:17:07:7e:02:6a:b3:e3:5c:af:27:d5:82:f5:0a:
                    af:58:86:e3:68:00:ad:c3:5b:4e:69:9e:ee:04:66:
                    ca:14:4e:aa:90:e3:e1:08:69:a4:47:90:5d:eb:c8:
                    f3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:E2:D8:CB:86:9B:C2:C8:A6:36:28:6A:90:B8:8F:6A:62:B1:E5:12
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:3c:43:01:3f:e1:42:07:5b:87:2c:01:b3:60:86:89:c2:7e:
         85:21:26:9c:31:ed:22:43:60:b8:14:8f:50:09:62:0c:39:dc:
         b1:58:c1:73:b6:64:94:f3:e7:6b:ed:2e:0d:a3:11:c5:e8:09:
         80:a0:69:13:7a:3f:f9:7a:c3:8f:02:cd:e1:88:f7:d0:b2:c8:
         94:04:2f:95:64:5a:66:12:ea:68:ac:4f:b1:e9:14:dd:17:9d:
         da:0b:c1:fb:88:81:7c:14:8b:09:31:60:27:44:1f:ed:43:39:
         4d:43:7f:f9:d2:01:80:2f:7e:85:4c:09:48:bd:80:31:16:8b:
         99:3a:3d:62:d3:22:ff:e8:c8:56:9e:87:12:fa:12:da:5b:b2:
         7d:a2:cb:c0:49:32:2d:e4:74:39:e2:d1:79:1a:15:e6:1d:b7:
         f2:ce:00:67:b6:ba:b8:00:ab:03:38:5c:3d:b7:74:01:39:b8:
         46:dd:59:51:0e:e4:7d:4c:5f:4c:7a:d7:fb:e3:e1:4a:cd:b9:
         79:11:6b:86:a9:d0:04:89:04:b9:22:e0:33:07:75:93:55:ad:
         7f:57:23:f0:35:69:ef:b9:da:9e:29:bf:18:15:02:5a:d6:c2:
         0d:98:a5:5e:ab:cc:61:ff:12:22:45:85:a0:70:96:b8:e3:c4:
         1b:b6:e8:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhQ4IvZrf9AghsyhOgE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
Eyg1OWUyZDhjYjg2OWJjMmM4YTYzNjI4NmE5MGI4OGY2YTYyYjFlNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24j/Xj5tpzWA0Et4eXRwtfr0fB9E
7vLoXec/jlJcVkXphYbQkPMgf5zglKQnF99TQkpgPBbk4LadK9oY6kqOjR/8x8D0
+OGT7JRRhyQrCJBT9xNZkce0QM16tiXhpn2kFwCV77zczjYHAUoRwLHkHfFZrphU
+mXknJ1V2yWQncmjSrAkZBIJCXtdlPC1KowYlSuVpILd3EWSVyFb0EoGywmcnPK8
s5mhT7QuID09V6OqHFqRhhfGIh86VQqdSuVaV8dM9ch1eaSeogFKVb60Bmo4Fwd+
Amqz41yvJ9WC9QqvWIbjaACtw1tOaZ7uBGbKFE6qkOPhCGmkR5Bd68jzAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFni2MuGm8LIpjYoapC4j2piseUSMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTxDAT/h
QgdbhywBs2CGicJ+hSEmnDHtIkNguBSPUAliDDncsVjBc7ZklPPna+0uDaMRxegJ
gKBpE3o/+XrDjwLN4Yj30LLIlAQvlWRaZhLqaKxPsekU3Red2gvB+4iBfBSLCTFg
J0Qf7UM5TUN/+dIBgC9+hUwJSL2AMRaLmTo9YtMi/+jIVp6HEvoS2luyfaLLwEky
LeR0OeLReRoV5h238s4AZ7a6uACrAzhcPbd0ATm4Rt1ZUQ7kfUxfTHrX++PhSs25
eRFrhqnQBIkEuSLgMwd1k1Wtf1cj8DVp77nanim/GBUCWtbCDZilXqvMYf8SIkWF
oHCWuOPEG7boiQ==
-----END CERTIFICATE-----