Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
File:                     TkMMADsADTVe0WnlXYzPOTg34go.mft (raw, json)
Hash identifier:          NtMBWQNVPXSqjS+DuUdk60hHqAWDsbSBrem8yQ7cHTA=
Subject key identifier:   23:CB:F7:BB:50:6C:9A:7D:01:B2:0D:A8:6E:E3:9B:BA:CE:42:73:AE
Authority key identifier: 4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A
Certificate issuer:       /CN=4e430c003b000d355ed169e55d8ccf393837e20a
Certificate serial:       019D2772465850125CF26BDADFCD533D445E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
Manifest number:          100A
Signing time:             Thu 26 Mar 2026 00:01:33 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:33 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:33 +0000
Files and hashes:         1: TkMMADsADTVe0WnlXYzPOTg34go.crl (hash: ebIDzwM8IBxkrBsXIsyPDiM79fC5FPy2tEsxZNDAUZ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:46:58:50:12:5c:f2:6b:da:df:cd:53:3d:44:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e430c003b000d355ed169e55d8ccf393837e20a
        Validity
            Not Before: Mar 26 00:01:33 2026 GMT
            Not After : Mar 27 00:01:33 2026 GMT
        Subject: CN=23cbf7bb506c9a7d01b20da86ee39bbace4273ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:87:7a:0e:3e:93:87:7e:c1:ba:2f:cf:e7:95:
                    ea:15:5d:0b:49:d9:3b:f6:d1:42:c8:4a:56:1f:03:
                    60:4e:e7:c6:c7:a5:f8:08:85:c7:db:89:31:6e:25:
                    15:99:d5:59:73:04:c8:21:8f:7c:d3:1a:f9:9a:59:
                    b5:32:bf:2c:d3:62:71:69:f0:f3:82:d7:d3:07:e9:
                    7a:e2:06:01:28:1e:ca:55:c9:e6:6d:a4:b3:7d:87:
                    8b:f9:7b:82:08:49:02:fa:4e:42:16:81:cb:b9:4b:
                    96:64:b0:94:62:eb:4e:c5:aa:cf:4f:dc:5d:70:e6:
                    49:76:45:0c:a0:2e:dc:e8:ce:02:a2:af:15:b4:1c:
                    49:eb:6a:cc:cb:1b:42:bd:58:dd:4b:f2:0b:c9:ce:
                    aa:c4:ad:d2:37:43:32:e7:41:e7:e1:80:65:b5:25:
                    49:f9:da:60:d5:3d:7b:9d:7c:e9:cf:b9:37:f9:04:
                    f2:b4:c3:59:8a:49:ee:8f:50:c5:6c:81:71:d0:6c:
                    9e:5b:2e:9b:80:d9:ce:68:15:de:31:77:a2:52:55:
                    53:60:a4:0c:1c:6f:42:47:f9:8f:d3:10:8c:db:db:
                    0c:63:13:7a:1a:2a:7d:bd:0a:a1:4d:3e:17:28:46:
                    77:b2:b2:cc:ac:ff:9f:0d:ee:72:0e:9a:86:73:5a:
                    70:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:CB:F7:BB:50:6C:9A:7D:01:B2:0D:A8:6E:E3:9B:BA:CE:42:73:AE
            X509v3 Authority Key Identifier:
                keyid:4E:43:0C:00:3B:00:0D:35:5E:D1:69:E5:5D:8C:CF:39:38:37:E2:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkMMADsADTVe0WnlXYzPOTg34go.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/82225d-040a-4d9b-a33b-88d8234a6d3e/1/TkMMADsADTVe0WnlXYzPOTg34go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d5:81:d3:b5:29:30:1b:3e:d4:d8:6c:b6:d1:53:02:36:88:
         50:d1:b9:2a:a7:bb:dd:27:3e:e2:56:db:28:87:a7:ab:a1:06:
         c4:1b:3e:d3:f0:ed:f0:0d:76:d5:63:af:58:29:4a:71:79:77:
         56:0d:6a:17:fa:42:c3:e9:b4:c3:1d:6d:c4:cc:fc:34:6e:bf:
         0e:ad:18:e3:5b:55:c0:41:34:3f:da:f5:0a:46:e0:4e:e8:94:
         35:e8:28:0a:05:d1:9d:9a:cf:c3:cc:ea:0b:ad:59:48:5d:e4:
         94:9b:7a:b3:30:68:f8:37:f4:97:8c:e9:35:65:b8:84:8c:0c:
         7a:60:a1:a6:c2:f7:40:39:d1:7a:09:ce:c1:44:22:9a:32:22:
         ec:0b:83:91:f6:e1:22:06:f5:33:5f:5b:79:6a:8b:3d:6f:1d:
         6a:cd:cb:a1:f7:4b:63:2d:49:56:56:bd:a0:b2:88:29:f3:d4:
         8a:bf:41:b1:b5:21:7c:e9:44:81:0b:a0:01:02:13:f1:3a:0b:
         b6:57:cf:5c:87:19:e2:56:ae:88:77:33:65:c9:d8:ef:da:74:
         91:b8:39:3d:6c:50:9e:7c:a1:09:f3:89:63:8d:2b:64:fe:8b:
         4e:6a:ae:33:e5:1b:f5:e6:b3:15:0b:e2:56:68:32:56:2f:fb:
         90:01:72:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckZYUBJc8mva381TPUReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDMwYzAwM2IwMDBkMzU1ZWQxNjllNTVkOGNjZjM5Mzgz
N2UyMGEwHhcNMjYwMzI2MDAwMTMzWhcNMjYwMzI3MDAwMTMzWjAzMTEwLwYDVQQD
EygyM2NiZjdiYjUwNmM5YTdkMDFiMjBkYTg2ZWUzOWJiYWNlNDI3M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4d6Dj6Th37Bui/P55XqFV0LSdk7
9tFCyEpWHwNgTufGx6X4CIXH24kxbiUVmdVZcwTIIY980xr5mlm1Mr8s02JxafDz
gtfTB+l64gYBKB7KVcnmbaSzfYeL+XuCCEkC+k5CFoHLuUuWZLCUYutOxarPT9xd
cOZJdkUMoC7c6M4Coq8VtBxJ62rMyxtCvVjdS/ILyc6qxK3SN0My50Hn4YBltSVJ
+dpg1T17nXzpz7k3+QTytMNZiknuj1DFbIFx0GyeWy6bgNnOaBXeMXeiUlVTYKQM
HG9CR/mP0xCM29sMYxN6Gip9vQqhTT4XKEZ3srLMrP+fDe5yDpqGc1pwvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPL97tQbJp9AbINqG7jm7rOQnOuMB8GA1UdIwQY
MBaAFE5DDAA7AA01XtFp5V2Mzzk4N+IKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2It
ODhkODIzNGE2ZDNlLzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84MjIyNWQtMDQwYS00ZDliLWEzM2ItODhkODIzNGE2ZDNl
LzEvVGtNTUFEc0FEVFZlMFdubFhZelBPVGczNGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddWB07Up
MBs+1NhsttFTAjaIUNG5Kqe73Sc+4lbbKIenq6EGxBs+0/Dt8A121WOvWClKcXl3
Vg1qF/pCw+m0wx1txMz8NG6/Dq0Y41tVwEE0P9r1CkbgTuiUNegoCgXRnZrPw8zq
C61ZSF3klJt6szBo+Df0l4zpNWW4hIwMemChpsL3QDnRegnOwUQimjIi7AuDkfbh
Igb1M19beWqLPW8das3LofdLYy1JVla9oLKIKfPUir9BsbUhfOlEgQugAQIT8ToL
tlfPXIcZ4lauiHczZcnY79p0kbg5PWxQnnyhCfOJY40rZP6LTmquM+Ub9eazFQvi
VmgyVi/7kAFybg==
-----END CERTIFICATE-----