Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          wXCTTc03vJy3YfoYWQf4tiaTbFe+e1OWrN/qa+4oRhQ=
Subject key identifier:   28:97:16:B1:88:E9:5F:34:23:9B:AF:2C:D5:06:99:C1:41:1F:20:31
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       019D25833D39E0DCA8CE9680A6C64DF808E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          0A9A
Signing time:             Wed 25 Mar 2026 15:00:50 +0000
Manifest this update:     Wed 25 Mar 2026 15:00:50 +0000
Manifest next update:     Thu 26 Mar 2026 15:00:50 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: agHvvt8rgRNMZv0yOGq2p4g5w9Vfdont9DDc1Y+Sw+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:3d:39:e0:dc:a8:ce:96:80:a6:c6:4d:f8:08:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Mar 25 15:00:50 2026 GMT
            Not After : Mar 26 15:00:50 2026 GMT
        Subject: CN=289716b188e95f34239baf2cd50699c1411f2031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:d6:51:20:34:7a:d3:1f:5f:c4:86:c2:98:05:
                    ca:3d:5f:ce:82:30:21:18:d9:07:7a:3b:2d:98:7d:
                    66:2d:80:16:21:3a:b0:44:42:50:09:03:46:23:b5:
                    b3:12:11:14:cb:b5:af:3d:01:3b:1a:43:bb:bf:3f:
                    33:56:32:7c:9b:7e:2d:4c:0f:7b:c8:16:2c:d8:9d:
                    6f:e9:06:ad:da:58:5a:19:f8:da:36:ff:d6:e9:75:
                    82:00:0e:b1:5b:6a:18:b4:78:26:86:53:b9:30:09:
                    c0:13:4c:c2:d2:41:56:11:76:cf:04:0e:a6:f6:60:
                    1d:ee:70:0c:3b:74:5c:18:ab:7a:90:5d:70:6c:b9:
                    5a:df:fa:ee:a6:31:58:84:c7:e2:1a:d5:83:43:0c:
                    0f:9d:a7:95:01:33:df:ac:66:41:c1:81:ce:33:cd:
                    31:20:b8:6d:a2:5c:84:e1:27:d0:bf:ca:fe:6e:0f:
                    d0:56:c2:4c:f4:55:6b:34:4c:9d:8e:d6:63:bb:f1:
                    f8:ff:2b:c9:f6:ed:b0:6f:28:21:c1:e2:00:1b:ef:
                    1b:2b:ef:bd:b3:32:6a:35:50:35:4b:4e:61:43:7e:
                    41:2a:c5:5f:fc:3e:52:2d:f6:09:3c:cc:0a:48:ad:
                    e3:7c:ce:f5:97:fd:d1:ff:0b:c2:d7:b7:69:5f:f2:
                    f3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:97:16:B1:88:E9:5F:34:23:9B:AF:2C:D5:06:99:C1:41:1F:20:31
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:44:e6:17:55:7b:96:0a:64:f9:29:82:24:f0:e7:4c:8a:d3:
         85:2c:d6:9e:7e:ae:a4:62:41:51:d5:bd:a8:44:a3:8d:66:6f:
         8f:23:8a:b1:37:0b:32:36:9d:be:8b:ae:cc:d1:ca:2e:d6:cc:
         04:8b:00:7d:cf:8f:d1:d0:8e:3e:63:4a:7d:b6:cf:f5:99:32:
         e8:2d:1b:33:f9:d4:22:d2:b5:d4:41:f6:c3:dd:06:1e:b1:10:
         b7:eb:0f:3c:ba:8a:4c:7c:df:3e:9d:e0:61:34:76:f0:68:ff:
         be:00:68:82:a9:ed:8b:c0:39:86:30:00:c7:3c:fc:56:c6:2a:
         d5:1e:79:46:b7:45:60:d0:99:9e:a5:51:4e:6f:bc:43:e5:53:
         81:cb:b6:b1:57:80:00:0d:46:4f:66:d2:cb:2a:a2:6f:be:69:
         e5:ec:e0:f7:76:56:a6:90:de:00:34:1d:aa:09:82:b4:70:e0:
         f6:7a:55:fd:cf:68:01:c4:0a:7e:4e:f7:c4:00:ef:fb:67:a4:
         f4:b8:ca:e8:8d:a0:52:57:3e:5f:da:09:73:9d:76:f2:eb:22:
         88:b5:ac:c0:a3:6b:a3:a2:85:0a:28:01:01:2f:da:d9:ae:8b:
         82:1a:9b:0b:3a:ce:f0:f0:c2:b1:6c:68:b2:55:85:e4:38:51:
         9b:39:f2:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lgz054NyozpaApsZN+AjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjYwMzI1MTUwMDUwWhcNMjYwMzI2MTUwMDUwWjAzMTEwLwYDVQQD
EygyODk3MTZiMTg4ZTk1ZjM0MjM5YmFmMmNkNTA2OTljMTQxMWYyMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NZRIDR60x9fxIbCmAXKPV/OgjAh
GNkHejstmH1mLYAWITqwREJQCQNGI7WzEhEUy7WvPQE7GkO7vz8zVjJ8m34tTA97
yBYs2J1v6Qat2lhaGfjaNv/W6XWCAA6xW2oYtHgmhlO5MAnAE0zC0kFWEXbPBA6m
9mAd7nAMO3RcGKt6kF1wbLla3/rupjFYhMfiGtWDQwwPnaeVATPfrGZBwYHOM80x
ILhtolyE4SfQv8r+bg/QVsJM9FVrNEydjtZju/H4/yvJ9u2wbyghweIAG+8bK++9
szJqNVA1S05hQ35BKsVf/D5SLfYJPMwKSK3jfM71l/3R/wvC17dpX/LzAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiXFrGI6V80I5uvLNUGmcFBHyAxMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0TmF1V7
lgpk+SmCJPDnTIrThSzWnn6upGJBUdW9qESjjWZvjyOKsTcLMjadvouuzNHKLtbM
BIsAfc+P0dCOPmNKfbbP9Zky6C0bM/nUItK11EH2w90GHrEQt+sPPLqKTHzfPp3g
YTR28Gj/vgBogqnti8A5hjAAxzz8VsYq1R55RrdFYNCZnqVRTm+8Q+VTgcu2sVeA
AA1GT2bSyyqib75p5ezg93ZWppDeADQdqgmCtHDg9npV/c9oAcQKfk73xADv+2ek
9LjK6I2gUlc+X9oJc5128usiiLWswKNro6KFCigBAS/a2a6LghqbCzrO8PDCsWxo
slWF5DhRmznyow==
-----END CERTIFICATE-----