Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
File:                     tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json)
Hash identifier:          bSmJ91/FIMrWOUDYbcWNia+SHA4tEHusORDOvnXTSE4=
Subject key identifier:   F5:52:47:34:2E:55:33:71:76:FA:84:35:12:FD:B9:CE:A8:63:0C:13
Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E
Certificate issuer:       /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
Certificate serial:       019D28F2E8AD5B7699468FB63D8949E926BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
Manifest number:          0EF1
Signing time:             Thu 26 Mar 2026 07:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:41 +0000
Files and hashes:         1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: 7TjetsYjcXiOiKUjQU7a6XV5oACPatIlmbS0Xo01zC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:e8:ad:5b:76:99:46:8f:b6:3d:89:49:e9:26:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e
        Validity
            Not Before: Mar 26 07:01:41 2026 GMT
            Not After : Mar 27 07:01:41 2026 GMT
        Subject: CN=f55247342e55337176fa843512fdb9cea8630c13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a9:23:4f:b7:25:37:4a:3e:86:23:d5:67:24:
                    81:7e:a9:2e:99:5c:31:e4:d7:69:41:51:9d:a2:d2:
                    ce:c6:b9:59:26:b8:d4:1e:0e:7a:de:30:3c:89:2f:
                    74:99:13:da:7e:59:00:96:70:8d:7b:32:b8:a8:14:
                    1b:c9:d4:f1:00:8d:33:9e:d9:ec:cd:36:ae:cd:e0:
                    48:77:c8:bd:e9:33:0b:7a:a3:89:b5:9a:1c:11:a0:
                    3a:ea:62:ff:06:3a:71:0a:53:bf:97:8a:38:1b:fd:
                    d9:58:be:77:58:8a:05:42:aa:b5:b4:c2:82:89:cf:
                    d4:b0:b5:ee:77:44:d1:ad:d0:fb:ea:7a:9e:86:b1:
                    92:cb:59:21:c4:ed:43:00:68:b2:1e:0a:10:32:65:
                    ad:a0:d5:4f:b3:30:59:8a:0c:cf:51:80:4a:14:53:
                    27:e2:00:ba:ef:b0:b3:0b:2e:90:13:d7:38:52:b0:
                    a2:dd:23:22:74:1e:e2:53:4d:ad:f1:e7:28:cc:00:
                    6f:cd:d4:c9:6d:03:c4:ef:85:4f:21:8f:cc:a8:ce:
                    64:53:bb:ce:d3:5d:8d:55:e6:ad:28:3c:7b:94:10:
                    ca:9a:3e:a9:40:ec:ab:f6:53:9e:4b:2c:ff:74:47:
                    c3:93:f4:32:03:db:b3:5b:f9:e6:89:4b:f0:36:7d:
                    0e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:52:47:34:2E:55:33:71:76:FA:84:35:12:FD:B9:CE:A8:63:0C:13
            X509v3 Authority Key Identifier:
                keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:37:fd:83:a0:46:f5:7e:c7:71:0f:74:34:f1:8f:b3:c5:bf:
         f3:d0:3f:73:fb:df:81:a7:d6:07:2b:dc:af:62:1a:9c:b5:90:
         d1:ca:9a:b4:d1:d4:c3:ee:4d:f8:c5:a6:f8:1a:37:47:53:8c:
         46:69:11:a6:de:fc:d4:b8:87:5b:c2:d2:79:e1:14:02:a3:91:
         a2:91:d7:9d:42:ee:f5:3c:13:63:58:ca:b9:e0:32:4c:30:6d:
         c4:da:03:5c:49:cc:a6:5a:61:4e:fe:3a:43:28:f4:fe:7a:28:
         42:96:b9:7f:b0:3e:0a:86:1b:6c:95:46:65:8f:7a:d4:39:a0:
         04:25:c7:d4:53:75:93:2f:05:42:59:c6:51:00:b9:0b:37:d6:
         ea:db:4b:f4:27:79:2a:1d:8f:cb:f9:c1:18:4e:fb:8c:5b:77:
         38:19:d8:cd:5a:d0:77:59:0e:02:91:42:15:80:26:67:b6:fa:
         3a:65:98:49:51:cd:c6:88:a3:98:81:c5:ec:75:7c:22:06:2f:
         6c:1d:63:3d:be:00:40:ea:5a:ee:e0:ab:62:86:f4:ad:91:d2:
         e0:30:04:9d:c8:7e:6c:29:e6:c5:80:0d:7e:0b:9d:f4:d2:cc:
         c9:1e:ea:27:96:a4:2b:e5:3f:30:5c:0d:ee:60:f9:30:e3:51:
         66:9f:69:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8uitW3aZRo+2PYlJ6Sa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm
ZDRkMmUwHhcNMjYwMzI2MDcwMTQxWhcNMjYwMzI3MDcwMTQxWjAzMTEwLwYDVQQD
EyhmNTUyNDczNDJlNTUzMzcxNzZmYTg0MzUxMmZkYjljZWE4NjMwYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qkjT7clN0o+hiPVZySBfqkumVwx
5NdpQVGdotLOxrlZJrjUHg563jA8iS90mRPaflkAlnCNezK4qBQbydTxAI0zntns
zTauzeBId8i96TMLeqOJtZocEaA66mL/BjpxClO/l4o4G/3ZWL53WIoFQqq1tMKC
ic/UsLXud0TRrdD76nqehrGSy1khxO1DAGiyHgoQMmWtoNVPszBZigzPUYBKFFMn
4gC677CzCy6QE9c4UrCi3SMidB7iU02t8ecozABvzdTJbQPE74VPIY/MqM5kU7vO
012NVeatKDx7lBDKmj6pQOyr9lOeSyz/dEfDk/QyA9uzW/nmiUvwNn0OPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVSRzQuVTNxdvqENRL9uc6oYwwTMB8GA1UdIwQY
MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt
NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw
LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuDf9g6BG
9X7HcQ90NPGPs8W/89A/c/vfgafWByvcr2IanLWQ0cqatNHUw+5N+MWm+Bo3R1OM
RmkRpt781LiHW8LSeeEUAqORopHXnULu9TwTY1jKueAyTDBtxNoDXEnMplphTv46
Qyj0/nooQpa5f7A+CoYbbJVGZY961DmgBCXH1FN1ky8FQlnGUQC5CzfW6ttL9Cd5
Kh2Py/nBGE77jFt3OBnYzVrQd1kOApFCFYAmZ7b6OmWYSVHNxoijmIHF7HV8IgYv
bB1jPb4AQOpa7uCrYob0rZHS4DAEnch+bCnmxYANfgud9NLMyR7qJ5akK+U/MFwN
7mD5MONRZp9pbA==
-----END CERTIFICATE-----