Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
File:                     NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft (raw, json)
Hash identifier:          2/9/iulSWE+NRqsV4mVVubMVYCn6zEmZiNz0zBDfpHg=
Subject key identifier:   5E:2C:B9:EA:99:74:98:25:46:33:02:74:3E:E2:21:CD:3F:DB:AF:FB
Authority key identifier: 35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05
Certificate issuer:       /CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
Certificate serial:       019D37C06CD8900D0D8A3B5DFBB209A7A1E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
Manifest number:          0C3B
Signing time:             Sun 29 Mar 2026 04:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:50 +0000
Files and hashes:         1: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl (hash: ChYyjU8siSyM4HnbfA6j7VtAywdvt4xL1tWRz53/njU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:6c:d8:90:0d:0d:8a:3b:5d:fb:b2:09:a7:a1:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
        Validity
            Not Before: Mar 29 04:00:50 2026 GMT
            Not After : Mar 30 04:00:50 2026 GMT
        Subject: CN=5e2cb9ea99749825463302743ee221cd3fdbaffb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9f:1d:3c:45:73:84:e9:d3:1b:97:cc:7d:f4:
                    ec:d3:40:ac:3f:93:ae:d1:01:4a:f8:eb:df:a7:d4:
                    07:e7:6f:6f:19:59:13:1c:da:47:c3:e0:0d:b9:86:
                    8d:55:8b:a4:7c:a3:63:6e:38:2c:8f:98:04:35:62:
                    8b:df:d1:ce:6e:29:4f:71:b1:7c:a1:c2:0a:e7:cd:
                    0a:db:fa:c1:23:ee:df:7e:f9:56:70:0f:a1:17:a2:
                    2d:a8:d4:88:70:7d:74:e6:78:3e:68:16:f7:04:82:
                    37:49:02:0c:7b:3e:e9:52:67:09:c3:c6:db:bc:11:
                    3e:d8:46:a5:74:23:ec:1f:3c:6c:dc:b3:d6:95:08:
                    8e:86:7f:e2:52:a9:8f:f9:2d:e8:1d:3e:ad:86:00:
                    00:56:d0:6d:b2:57:14:97:09:ba:fd:e6:9b:be:91:
                    cf:a4:3b:de:b0:5b:28:a1:82:08:6d:49:a4:5b:31:
                    1d:39:31:9e:dc:82:f5:a8:0d:ea:f7:12:92:4d:1f:
                    de:e8:57:25:d5:21:ce:d6:6c:2b:c9:11:c8:25:d1:
                    56:07:94:c5:f6:36:77:9e:88:13:23:f3:37:3c:17:
                    5b:80:8d:dc:47:0b:79:24:2c:32:72:4b:4a:f7:64:
                    ea:2d:78:1a:ed:7b:4b:9a:f1:26:c3:6f:e0:df:28:
                    33:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:2C:B9:EA:99:74:98:25:46:33:02:74:3E:E2:21:CD:3F:DB:AF:FB
            X509v3 Authority Key Identifier:
                keyid:35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:00:54:2c:a0:d8:8a:f6:27:8d:60:a8:80:90:43:31:cb:1c:
         b7:67:47:84:44:d7:3e:a1:11:fd:01:e4:e3:31:5d:ee:57:ba:
         5c:a8:ca:f9:94:98:b4:2c:f2:e1:3b:a8:6d:7d:86:c1:aa:37:
         76:65:37:01:33:5a:55:0a:6d:f8:0c:4b:8d:5a:86:41:70:01:
         a9:bf:9f:dc:89:26:13:2c:1e:79:72:36:87:43:2e:55:35:a0:
         1c:20:a6:73:4e:1d:e4:30:4c:1f:f6:5d:e4:fe:18:64:35:07:
         0e:5d:49:d2:d2:52:70:04:20:a5:cb:7d:5c:ce:bf:03:65:c6:
         a9:d2:4f:40:f7:f0:42:0a:df:c9:ec:81:8a:30:de:ef:cd:07:
         60:b4:63:ae:40:a6:e0:d8:e0:93:d0:57:6f:35:45:a4:f8:ce:
         f6:2a:89:36:e8:5e:98:03:03:fd:b9:fc:24:af:23:26:7a:34:
         5c:aa:15:93:60:77:2b:d1:86:12:b6:bd:fb:7f:de:2f:9c:4d:
         5d:53:85:52:8c:96:07:81:4e:1a:ee:4a:e7:be:b3:dd:bd:4a:
         ed:c3:ab:ee:4c:d6:d7:db:78:d4:0f:85:28:63:85:94:10:9d:
         a2:a5:c8:c3:45:99:24:7b:57:17:fa:c4:ec:7a:4d:77:2e:ef:
         9d:c6:f8:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wGzYkA0Nijtd+7IJp6HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YTU1NWUxNDZiZTRhZTVmN2NjZmU1YTNjMTJkM2YyYTI1
NDNiMDUwHhcNMjYwMzI5MDQwMDUwWhcNMjYwMzMwMDQwMDUwWjAzMTEwLwYDVQQD
Eyg1ZTJjYjllYTk5NzQ5ODI1NDYzMzAyNzQzZWUyMjFjZDNmZGJhZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ8dPEVzhOnTG5fMffTs00CsP5Ou
0QFK+Ovfp9QH529vGVkTHNpHw+ANuYaNVYukfKNjbjgsj5gENWKL39HObilPcbF8
ocIK580K2/rBI+7ffvlWcA+hF6ItqNSIcH105ng+aBb3BII3SQIMez7pUmcJw8bb
vBE+2EaldCPsHzxs3LPWlQiOhn/iUqmP+S3oHT6thgAAVtBtslcUlwm6/eabvpHP
pDvesFsooYIIbUmkWzEdOTGe3IL1qA3q9xKSTR/e6Fcl1SHO1mwryRHIJdFWB5TF
9jZ3nogTI/M3PBdbgI3cRwt5JCwycktK92TqLXga7XtLmvEmw2/g3ygzAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4sueqZdJglRjMCdD7iIc0/26/7MB8GA1UdIwQY
MBaAFDWlVeFGvkrl98z+WjwS0/KiVDsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgt
MDUxY2QzMGNiY2YxLzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgtMDUxY2QzMGNiY2Yx
LzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcABULKDY
ivYnjWCogJBDMcsct2dHhETXPqER/QHk4zFd7le6XKjK+ZSYtCzy4TuobX2Gwao3
dmU3ATNaVQpt+AxLjVqGQXABqb+f3IkmEyweeXI2h0MuVTWgHCCmc04d5DBMH/Zd
5P4YZDUHDl1J0tJScAQgpct9XM6/A2XGqdJPQPfwQgrfyeyBijDe780HYLRjrkCm
4Njgk9BXbzVFpPjO9iqJNuhemAMD/bn8JK8jJno0XKoVk2B3K9GGEra9+3/eL5xN
XVOFUoyWB4FOGu5K576z3b1K7cOr7kzW19t41A+FKGOFlBCdoqXIw0WZJHtXF/rE
7HpNdy7vncb4Vw==
-----END CERTIFICATE-----