Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
File:                     Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft (raw, json)
Hash identifier:          oqOyU+r1/jE8SH8ll32/ad8WOxa5NlcEpgi4AK1db2w=
Subject key identifier:   42:B1:5D:0B:5D:05:08:F9:C9:59:FB:A0:23:DD:C6:44:E3:D6:4F:E1
Authority key identifier: 35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0
Certificate issuer:       /CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
Certificate serial:       019D38D2FA6DAB7209CCCB62A2F3A5CB9A9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
Manifest number:          065A
Signing time:             Sun 29 Mar 2026 09:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:43 +0000
Files and hashes:         1: Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl (hash: EQEobKMb1XCgLFWE+Dx5bIQOjZF1oF7P/eMyghIPi0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:fa:6d:ab:72:09:cc:cb:62:a2:f3:a5:cb:9a:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
        Validity
            Not Before: Mar 29 09:00:43 2026 GMT
            Not After : Mar 30 09:00:43 2026 GMT
        Subject: CN=42b15d0b5d0508f9c959fba023ddc644e3d64fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5c:36:cd:dc:fb:4b:dd:d2:7c:af:5d:e0:6a:
                    d6:5a:d7:38:3a:b2:44:a6:cd:7f:c3:df:c6:02:26:
                    17:75:9a:d3:87:a3:e2:ba:80:4f:0c:ae:2b:59:dd:
                    ff:3c:80:d8:1f:07:e1:24:82:7b:c8:f5:98:8a:78:
                    b7:32:6e:10:35:9c:94:fc:4c:fc:8e:9d:91:d5:86:
                    ff:43:cc:8d:4a:64:02:6a:9a:01:11:50:6d:af:56:
                    55:e8:44:dc:b6:b7:81:eb:38:e7:62:0a:65:4c:6b:
                    85:e5:ff:1f:46:20:53:38:5d:7a:f5:fd:3f:fa:c9:
                    ac:9a:e7:2e:26:95:21:53:41:86:1f:8e:eb:8f:3e:
                    45:c3:4e:18:ae:b9:45:62:15:70:1c:a3:60:49:e7:
                    99:eb:a4:85:33:59:9e:e2:36:4c:0f:88:9c:c9:39:
                    56:0c:af:f5:05:90:66:64:31:9d:76:05:d1:09:4a:
                    f2:8c:fc:9a:dd:88:92:b6:e8:a2:e6:e8:5d:69:be:
                    bd:25:dd:1d:3a:31:3a:70:64:cc:c2:36:a8:80:38:
                    1c:7a:fb:42:25:b9:27:ab:41:ad:e5:3d:a5:5c:95:
                    5b:01:82:aa:ab:89:7f:52:60:08:92:4e:c0:f4:ff:
                    fc:78:0b:36:0b:c3:81:ca:a3:70:e1:12:a8:27:fb:
                    6b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B1:5D:0B:5D:05:08:F9:C9:59:FB:A0:23:DD:C6:44:E3:D6:4F:E1
            X509v3 Authority Key Identifier:
                keyid:35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:ed:b3:97:63:65:0e:2f:6f:16:c9:0c:e1:4f:a1:69:e5:56:
         4f:60:16:7b:08:08:fe:41:59:b2:c1:7a:a0:ec:0d:1b:62:1f:
         45:92:ed:4a:d4:43:ac:60:61:42:69:a9:f9:60:17:d0:94:2d:
         66:99:2f:a5:45:a8:53:2d:31:2e:09:ae:59:ff:f6:48:9e:b1:
         9c:1b:14:7d:7d:ce:12:59:8b:3b:10:c2:10:75:90:a8:46:c9:
         b3:37:f8:4c:ee:96:11:f0:c1:41:be:e5:93:99:b5:d5:30:7b:
         fc:41:aa:f8:2b:2e:95:85:fe:e3:ba:59:fd:44:e9:c4:11:10:
         64:db:74:86:7e:3f:d5:ab:56:5c:25:cf:8a:d3:0c:91:b2:3f:
         3c:94:2b:92:c6:bd:5e:3b:b3:b8:96:43:b9:78:34:43:37:e8:
         18:2e:ec:b2:0a:35:06:25:34:87:fa:35:10:7d:e7:22:1f:c7:
         ee:7e:e4:16:c6:98:86:c1:96:e3:cf:c3:93:6e:30:89:38:27:
         6f:51:ad:61:e5:e9:bb:b7:66:6d:cf:6c:11:97:c1:5d:bb:55:
         91:58:d6:af:8f:ae:34:3e:2c:bd:79:47:f5:01:b4:e5:c9:b1:
         57:2b:e1:7a:cd:11:5a:d9:c5:2a:da:c5:71:44:62:03:23:1b:
         2d:37:e7:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vptq3IJzMtiovOly5qcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZmM3NGI1Nzk4YzcwNWIzMGJkMGVhZmE5OGZmZDNkNWJk
NDIyYjAwHhcNMjYwMzI5MDkwMDQzWhcNMjYwMzMwMDkwMDQzWjAzMTEwLwYDVQQD
Eyg0MmIxNWQwYjVkMDUwOGY5Yzk1OWZiYTAyM2RkYzY0NGUzZDY0ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1w2zdz7S93SfK9d4GrWWtc4OrJE
ps1/w9/GAiYXdZrTh6PiuoBPDK4rWd3/PIDYHwfhJIJ7yPWYini3Mm4QNZyU/Ez8
jp2R1Yb/Q8yNSmQCapoBEVBtr1ZV6ETctreB6zjnYgplTGuF5f8fRiBTOF169f0/
+smsmucuJpUhU0GGH47rjz5Fw04YrrlFYhVwHKNgSeeZ66SFM1me4jZMD4icyTlW
DK/1BZBmZDGddgXRCUryjPya3YiStuii5uhdab69Jd0dOjE6cGTMwjaogDgcevtC
Jbknq0Gt5T2lXJVbAYKqq4l/UmAIkk7A9P/8eAs2C8OByqNw4RKoJ/trrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKxXQtdBQj5yVn7oCPdxkTj1k/hMB8GA1UdIwQY
MBaAFDX8dLV5jHBbML0Or6mP/T1b1CKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgt
Y2RkY2QxODM1NTE2LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgtY2RkY2QxODM1NTE2
LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAle2zl2Nl
Di9vFskM4U+haeVWT2AWewgI/kFZssF6oOwNG2IfRZLtStRDrGBhQmmp+WAX0JQt
ZpkvpUWoUy0xLgmuWf/2SJ6xnBsUfX3OElmLOxDCEHWQqEbJszf4TO6WEfDBQb7l
k5m11TB7/EGq+CsulYX+47pZ/UTpxBEQZNt0hn4/1atWXCXPitMMkbI/PJQrksa9
XjuzuJZDuXg0QzfoGC7ssgo1BiU0h/o1EH3nIh/H7n7kFsaYhsGW48/Dk24wiTgn
b1GtYeXpu7dmbc9sEZfBXbtVkVjWr4+uND4svXlH9QG05cmxVyvhes0RWtnFKtrF
cURiAyMbLTfnpw==
-----END CERTIFICATE-----