Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          Gbcq9PwW2yuGX7Nnyw4IcMqC62OSsteuL6HX3dBsDY4=
Subject key identifier:   15:8F:72:7A:FE:31:AA:CE:BD:15:D7:AA:F8:C5:7C:EF:33:B9:B5:C4
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019D38D30FD38990D66E12D12F3518FC0096
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 09:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:49 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: SJi/CIqkLVBmAwWApp+B6/ONcFPPxGG4fE6AAcBbj98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:0f:d3:89:90:d6:6e:12:d1:2f:35:18:fc:00:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Mar 29 09:00:49 2026 GMT
            Not After : Mar 30 09:00:49 2026 GMT
        Subject: CN=158f727afe31aacebd15d7aaf8c57cef33b9b5c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b1:21:9c:e5:05:c6:0f:ac:d9:4a:6f:2d:42:
                    64:26:a5:6f:53:e7:e0:93:aa:8d:98:84:cc:e3:01:
                    66:c4:66:47:aa:14:fe:c4:a6:af:f8:e4:0c:1c:a6:
                    81:ee:79:75:6c:17:58:aa:c4:7a:9e:42:0f:d3:d1:
                    07:10:28:91:7f:95:7a:1b:0b:68:db:69:28:3e:7e:
                    82:5b:5e:7a:06:4a:df:b9:ab:bc:8b:7e:50:c8:27:
                    a1:7d:a1:96:ce:bb:f7:13:b6:6e:1a:e8:12:f2:df:
                    aa:29:d4:1d:68:0c:8a:82:13:8c:08:d2:25:81:96:
                    17:dd:da:04:63:25:b4:96:84:0f:66:36:a3:6a:9c:
                    39:bc:e1:8c:83:14:a4:25:1a:cd:f4:46:dd:95:8f:
                    0b:64:ca:16:25:87:05:db:7a:8f:f6:99:48:42:40:
                    43:9d:00:57:68:87:a0:88:50:c4:d8:67:ea:c9:6f:
                    e4:dc:ec:83:a5:fa:34:1e:97:d7:4f:f7:b4:a4:5e:
                    1a:1a:79:3a:bb:9e:74:09:2c:0b:c4:37:65:36:ef:
                    03:e2:2a:7c:0e:29:d4:2a:07:d9:50:75:d5:44:7d:
                    9a:18:c6:89:89:2f:6a:43:c6:3a:04:3d:fa:a3:33:
                    2a:a9:aa:df:d2:34:d5:cb:c7:d2:c5:64:55:ea:65:
                    ab:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:8F:72:7A:FE:31:AA:CE:BD:15:D7:AA:F8:C5:7C:EF:33:B9:B5:C4
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:01:9a:cb:8f:fa:ce:66:1c:ed:4e:ba:bd:2c:a1:81:62:fd:
         75:b9:1f:b2:98:09:66:f0:d8:35:eb:7a:01:ef:d0:a5:bc:13:
         a7:fe:2a:8e:1a:a2:9f:f0:c8:51:e3:e0:4b:5e:82:3a:6a:8a:
         31:34:e4:18:91:9e:14:a1:b5:99:c9:7f:84:5a:f7:56:e8:cf:
         92:44:2d:f3:a5:55:d9:e9:ce:ae:f3:3a:dc:b6:51:10:6b:c4:
         e6:73:ea:89:2d:95:c1:d2:a6:6d:41:c0:0b:3d:bd:db:5e:94:
         84:5d:b4:90:36:3f:8f:d5:16:ce:2d:33:58:2a:0e:f8:b7:6d:
         f2:82:5a:a8:4b:90:ff:57:54:0c:2f:25:a1:8e:57:41:74:9c:
         6f:a6:34:c6:ec:e9:21:f4:85:5f:3f:62:62:28:ff:6d:ac:af:
         4a:c8:d5:79:f5:0d:8b:6d:b6:86:1b:ef:07:c9:12:b9:d6:c1:
         cd:8d:a3:0d:7c:9f:aa:ac:78:1d:4a:90:04:e4:56:ea:31:2d:
         c7:8d:ff:a1:05:77:62:73:35:27:bf:d0:05:cb:71:83:67:5f:
         e2:14:c8:5e:aa:50:34:4f:9e:5e:f2:15:0b:94:8c:8f:fb:7a:
         0d:5f:5b:1f:d9:68:7e:b5:71:10:68:4d:81:4b:3f:00:22:ba:
         10:6e:c8:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040w/TiZDWbhLRLzUY/ACWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjYwMzI5MDkwMDQ5WhcNMjYwMzMwMDkwMDQ5WjAzMTEwLwYDVQQD
EygxNThmNzI3YWZlMzFhYWNlYmQxNWQ3YWFmOGM1N2NlZjMzYjliNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbEhnOUFxg+s2UpvLUJkJqVvU+fg
k6qNmITM4wFmxGZHqhT+xKav+OQMHKaB7nl1bBdYqsR6nkIP09EHECiRf5V6Gwto
22koPn6CW156Bkrfuau8i35QyCehfaGWzrv3E7ZuGugS8t+qKdQdaAyKghOMCNIl
gZYX3doEYyW0loQPZjajapw5vOGMgxSkJRrN9EbdlY8LZMoWJYcF23qP9plIQkBD
nQBXaIegiFDE2GfqyW/k3OyDpfo0HpfXT/e0pF4aGnk6u550CSwLxDdlNu8D4ip8
DinUKgfZUHXVRH2aGMaJiS9qQ8Y6BD36ozMqqarf0jTVy8fSxWRV6mWrRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWPcnr+MarOvRXXqvjFfO8zubXEMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAGay4/6
zmYc7U66vSyhgWL9dbkfspgJZvDYNet6Ae/QpbwTp/4qjhqin/DIUePgS16COmqK
MTTkGJGeFKG1mcl/hFr3VujPkkQt86VV2enOrvM63LZREGvE5nPqiS2VwdKmbUHA
Cz29216UhF20kDY/j9UWzi0zWCoO+Ldt8oJaqEuQ/1dUDC8loY5XQXScb6Y0xuzp
IfSFXz9iYij/bayvSsjVefUNi222hhvvB8kSudbBzY2jDXyfqqx4HUqQBORW6jEt
x43/oQV3YnM1J7/QBctxg2df4hTIXqpQNE+eXvIVC5SMj/t6DV9bH9lofrVxEGhN
gUs/ACK6EG7I0w==
-----END CERTIFICATE-----