Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          ohW/MqQfvEuT3sNrqFcZgbZMgacuZMvLoM7N6KUYeQE=
Subject key identifier:   29:75:C6:04:A2:38:06:1B:30:06:0B:CF:D0:8B:9C:80:B1:A0:86:54
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       019D38D3A4D5E2054746DAD8BBA75FEC24B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          173B
Signing time:             Sun 29 Mar 2026 09:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:27 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: H6B3x7YAJK7y8Sfh9xa0bkJJS69/UUbhrxfqAP8r7Tw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a4:d5:e2:05:47:46:da:d8:bb:a7:5f:ec:24:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Mar 29 09:01:27 2026 GMT
            Not After : Mar 30 09:01:27 2026 GMT
        Subject: CN=2975c604a238061b30060bcfd08b9c80b1a08654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6f:25:5d:e7:2b:1a:97:83:7b:c5:a9:20:34:
                    de:df:16:71:55:8c:a4:37:39:46:bc:15:76:44:39:
                    68:55:58:05:b4:ed:e1:bb:48:39:48:01:c6:05:df:
                    af:61:d3:38:10:b1:73:43:ec:61:92:fc:81:15:45:
                    3b:8a:ef:c7:03:82:fc:e7:a6:43:af:99:ba:54:b6:
                    1e:cf:7d:78:fb:8f:48:98:98:01:1f:69:71:34:2a:
                    03:18:fe:4a:db:2a:f7:fc:bd:21:d9:8b:f8:e0:85:
                    83:1d:b7:de:24:83:7a:26:fd:69:22:e5:35:d9:a3:
                    71:57:b8:d0:68:0c:43:06:fd:8a:5c:7d:fa:38:83:
                    5c:aa:62:59:14:f4:cd:51:26:7c:b0:d7:9f:b3:de:
                    b5:6f:0f:55:47:a2:92:f3:58:3c:46:44:ed:1e:c8:
                    39:42:43:b3:e4:ab:db:94:52:0b:9a:8c:08:8b:7d:
                    4d:d7:e0:d8:0e:e1:02:4e:95:04:f8:85:73:a8:b8:
                    10:d0:f1:48:3b:53:87:f9:66:0b:51:4d:5c:2e:91:
                    05:9b:a6:c8:d5:3c:65:f9:0d:24:a1:2b:9e:b4:29:
                    8a:76:2c:1c:d1:e5:ce:cd:30:9f:28:55:3a:d6:0e:
                    5b:56:14:7f:84:7b:e9:42:e3:c1:63:33:ec:ce:21:
                    38:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:75:C6:04:A2:38:06:1B:30:06:0B:CF:D0:8B:9C:80:B1:A0:86:54
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:d8:46:40:d5:01:74:13:78:5e:7b:6f:a5:48:76:30:c4:3e:
         9c:32:8a:10:e8:26:cb:36:56:f2:e8:b2:40:8c:0e:05:89:3d:
         e2:f1:7e:24:93:e6:cc:b8:56:3d:68:51:d6:56:fa:41:3a:a8:
         fe:8b:15:ba:b6:de:ae:4d:67:66:c9:09:0b:71:27:12:8d:e7:
         17:39:35:02:e4:89:82:d4:1e:6d:45:45:f7:98:29:c3:4e:14:
         52:bb:7e:cc:93:8f:40:a1:5e:e0:81:cf:36:c8:1e:91:1e:05:
         b3:f9:4e:91:b7:f3:60:87:03:5c:4d:04:eb:0e:19:9b:6d:a0:
         35:8b:b2:97:1c:8e:6a:21:e1:2c:a5:17:77:93:bb:f0:69:e5:
         42:40:78:87:5f:10:1d:f6:ff:1a:26:ad:39:80:db:80:41:65:
         6d:f5:ed:bf:40:f9:b5:cc:6d:ad:d7:69:c9:06:6e:47:9a:23:
         da:ed:d9:1d:49:52:a8:7a:38:4b:08:4d:12:14:fb:b7:e5:81:
         b7:b7:38:2d:47:8a:14:ac:99:b3:2f:86:ed:b2:2c:dc:ad:3a:
         95:79:54:d7:cd:f4:c8:1e:aa:c3:d0:4e:2b:f2:dc:e9:84:eb:
         73:2a:3d:d9:20:25:1d:a9:31:e7:18:98:57:b9:8d:1a:92:2a:
         71:53:3f:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406TV4gVHRtrYu6df7CS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjYwMzI5MDkwMTI3WhcNMjYwMzMwMDkwMTI3WjAzMTEwLwYDVQQD
EygyOTc1YzYwNGEyMzgwNjFiMzAwNjBiY2ZkMDhiOWM4MGIxYTA4NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG8lXecrGpeDe8WpIDTe3xZxVYyk
NzlGvBV2RDloVVgFtO3hu0g5SAHGBd+vYdM4ELFzQ+xhkvyBFUU7iu/HA4L856ZD
r5m6VLYez314+49ImJgBH2lxNCoDGP5K2yr3/L0h2Yv44IWDHbfeJIN6Jv1pIuU1
2aNxV7jQaAxDBv2KXH36OINcqmJZFPTNUSZ8sNefs961bw9VR6KS81g8RkTtHsg5
QkOz5KvblFILmowIi31N1+DYDuECTpUE+IVzqLgQ0PFIO1OH+WYLUU1cLpEFm6bI
1Txl+Q0koSuetCmKdiwc0eXOzTCfKFU61g5bVhR/hHvpQuPBYzPsziE4uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCl1xgSiOAYbMAYLz9CLnICxoIZUMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNhGQNUB
dBN4XntvpUh2MMQ+nDKKEOgmyzZW8uiyQIwOBYk94vF+JJPmzLhWPWhR1lb6QTqo
/osVurberk1nZskJC3EnEo3nFzk1AuSJgtQebUVF95gpw04UUrt+zJOPQKFe4IHP
NsgekR4Fs/lOkbfzYIcDXE0E6w4Zm22gNYuylxyOaiHhLKUXd5O78GnlQkB4h18Q
Hfb/GiatOYDbgEFlbfXtv0D5tcxtrddpyQZuR5oj2u3ZHUlSqHo4SwhNEhT7t+WB
t7c4LUeKFKyZsy+G7bIs3K06lXlU1830yB6qw9BOK/Lc6YTrcyo92SAlHakx5xiY
V7mNGpIqcVM/hg==
-----END CERTIFICATE-----