Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          LMbKGNE0qSp28cl8h+XRwuqd/3eu5iPgT4uX4iKOd4I=
Subject key identifier:   FD:40:83:83:44:97:4D:BC:D8:05:67:0E:44:5B:C9:1E:12:0F:92:AF
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       019D284D7F89160CB5702619DBC49CBC0D1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          097B
Signing time:             Thu 26 Mar 2026 04:01:00 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:00 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:00 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: 3ISGEOdZT3mXnRmo6hrlVAKN60Mxvr5Y+mO0ag47QpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:7f:89:16:0c:b5:70:26:19:db:c4:9c:bc:0d:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Mar 26 04:01:00 2026 GMT
            Not After : Mar 27 04:01:00 2026 GMT
        Subject: CN=fd40838344974dbcd805670e445bc91e120f92af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:00:09:fc:50:4d:2e:86:61:90:21:ae:f5:b2:
                    fd:ad:d8:66:31:94:a8:dc:e8:62:c7:4b:d9:e3:ad:
                    92:bc:6a:94:d2:4a:2b:3f:66:c5:64:dd:6f:e0:1a:
                    41:82:f5:03:e9:c9:94:53:ca:38:c1:ca:23:5d:3c:
                    ca:35:5e:24:43:4e:58:be:3a:4e:21:ff:e9:1c:4e:
                    5a:e0:89:d6:bc:58:b2:03:bb:5d:83:aa:6a:ae:fe:
                    cb:31:f8:b6:c1:77:a8:0e:0c:31:c5:19:c5:60:cb:
                    b0:3f:23:4a:11:a6:42:c1:f9:44:3c:6a:20:12:87:
                    4d:a6:3c:ff:82:82:fb:15:3f:7b:9b:cf:d7:09:4e:
                    8e:46:5d:37:7d:0b:85:77:45:4f:88:b5:3c:37:89:
                    7b:7b:ad:03:82:4c:7d:5c:40:f7:34:a0:43:a6:54:
                    db:ba:f9:85:37:3f:35:4e:39:eb:ed:6f:6f:a5:95:
                    3b:21:d5:e8:e4:29:75:5a:d5:2d:75:ce:7e:a0:80:
                    dd:59:02:ae:ec:46:b4:e0:89:6b:7e:ec:6d:db:9d:
                    1f:6b:00:be:32:04:7a:f6:b9:30:9e:d5:2c:bb:3d:
                    2f:7a:f7:cc:12:90:7c:13:ac:20:78:3c:4c:3e:00:
                    67:7b:1d:c5:83:85:41:93:3c:d3:03:02:7d:25:4b:
                    a8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:40:83:83:44:97:4D:BC:D8:05:67:0E:44:5B:C9:1E:12:0F:92:AF
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:a0:31:33:1c:3d:8c:bb:51:6e:49:72:17:61:c7:0d:5a:ac:
         81:d8:31:73:10:a9:ad:c3:06:58:a0:2e:63:bb:60:31:a4:5f:
         63:e1:0b:d5:67:8b:dc:01:55:41:91:1c:6a:58:1b:96:4f:86:
         2f:ee:34:c5:61:46:99:48:ed:1f:fd:66:0a:16:9d:fa:ba:86:
         d9:98:3a:01:b5:b9:13:d5:b7:66:7b:92:09:10:ed:cc:6e:05:
         18:4d:67:37:5b:a6:e8:24:73:f7:9d:da:7b:d6:69:2e:f7:c3:
         b2:a2:26:e8:2d:b7:86:3c:a5:ef:d5:66:19:3c:9c:2b:00:d3:
         82:bf:fc:59:4e:a8:87:74:b2:4a:5a:9e:db:74:16:74:46:fd:
         f6:da:49:1d:3b:7c:17:7b:6c:f1:21:4e:2b:95:bb:01:21:3a:
         65:c6:6b:01:bf:2f:ad:34:fb:4a:fb:49:12:80:73:23:98:1e:
         8b:74:55:35:e9:6c:6b:40:14:59:bc:bc:36:6f:1a:34:57:1c:
         61:7f:c3:dc:53:e6:8d:d0:19:51:2a:1f:f4:ef:5b:ae:59:f3:
         07:74:c8:f7:e4:a1:59:ca:f1:7f:72:7a:17:d4:90:64:97:b3:
         9b:4e:cf:0b:c5:76:04:24:6a:06:69:69:28:83:7d:6c:5f:8d:
         48:39:e6:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTX+JFgy1cCYZ28ScvA0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjYwMzI2MDQwMTAwWhcNMjYwMzI3MDQwMTAwWjAzMTEwLwYDVQQD
EyhmZDQwODM4MzQ0OTc0ZGJjZDgwNTY3MGU0NDViYzkxZTEyMGY5MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAAJ/FBNLoZhkCGu9bL9rdhmMZSo
3Ohix0vZ462SvGqU0korP2bFZN1v4BpBgvUD6cmUU8o4wcojXTzKNV4kQ05YvjpO
If/pHE5a4InWvFiyA7tdg6pqrv7LMfi2wXeoDgwxxRnFYMuwPyNKEaZCwflEPGog
EodNpjz/goL7FT97m8/XCU6ORl03fQuFd0VPiLU8N4l7e60Dgkx9XED3NKBDplTb
uvmFNz81Tjnr7W9vpZU7IdXo5Cl1WtUtdc5+oIDdWQKu7Ea04Ilrfuxt250fawC+
MgR69rkwntUsuz0vevfMEpB8E6wgeDxMPgBnex3Fg4VBkzzTAwJ9JUuo+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1Ag4NEl0282AVnDkRbyR4SD5KvMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFqAxMxw9
jLtRbklyF2HHDVqsgdgxcxCprcMGWKAuY7tgMaRfY+EL1WeL3AFVQZEcalgblk+G
L+40xWFGmUjtH/1mChad+rqG2Zg6AbW5E9W3ZnuSCRDtzG4FGE1nN1um6CRz953a
e9ZpLvfDsqIm6C23hjyl79VmGTycKwDTgr/8WU6oh3SySlqe23QWdEb99tpJHTt8
F3ts8SFOK5W7ASE6ZcZrAb8vrTT7SvtJEoBzI5gei3RVNelsa0AUWby8Nm8aNFcc
YX/D3FPmjdAZUSof9O9brlnzB3TI9+ShWcrxf3J6F9SQZJezm07PC8V2BCRqBmlp
KIN9bF+NSDnm2A==
-----END CERTIFICATE-----