Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          6ERQWQ9c/bbtrG2PXdmCJcfNti7c7TBtxb4PJKlU3rY=
Subject key identifier:   8F:DD:01:0C:ED:3F:01:EA:FF:F4:A8:EF:3E:5C:DD:44:1C:22:29:E7
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       019D2996D2CB31EEB28A55D85A71D758F11A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          130A
Signing time:             Thu 26 Mar 2026 10:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:43 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: ioYqjNWAyMFYIjH0Hu9oNr8by87Iaxvnnxkexb98OL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:d2:cb:31:ee:b2:8a:55:d8:5a:71:d7:58:f1:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Mar 26 10:00:43 2026 GMT
            Not After : Mar 27 10:00:43 2026 GMT
        Subject: CN=8fdd010ced3f01eafff4a8ef3e5cdd441c2229e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:2d:f5:19:ef:fb:cc:57:01:35:25:48:f5:f3:
                    e3:ff:6c:89:89:af:c3:45:1c:e4:b8:8a:f8:10:af:
                    f1:18:63:e7:6b:8b:86:21:aa:55:f1:3d:9d:3d:8e:
                    e4:ef:c8:27:e9:d8:27:9b:2e:19:03:ec:e0:06:f0:
                    9e:ca:c4:b6:e4:6d:2e:02:6c:b2:3d:e6:9b:8b:54:
                    46:bb:22:0e:ff:db:8c:6d:e6:b1:13:f1:4e:cb:64:
                    ad:e7:cd:5a:98:d0:64:30:91:43:bd:b4:a7:73:3a:
                    9f:86:bc:f0:9e:c0:e6:96:13:8a:ae:a4:5c:8c:2f:
                    66:9e:7c:80:82:14:25:54:60:7e:94:74:69:08:cf:
                    3a:6d:21:fb:a2:a5:a2:27:ae:24:23:ce:c6:ee:c1:
                    27:74:ed:c6:d2:4b:28:b5:b3:08:6e:9b:c6:94:60:
                    bb:d7:18:45:0d:cf:1c:f4:0f:f0:69:22:42:8d:5d:
                    0f:93:42:76:ba:e5:de:5f:52:00:13:8b:6b:86:c9:
                    51:7b:a3:29:0d:8f:1e:1e:2b:e7:ea:fe:97:fe:2d:
                    94:d3:45:47:c7:94:59:6e:42:1f:30:9b:57:a4:87:
                    15:0a:78:8f:0b:15:af:2c:03:53:c9:75:06:98:b2:
                    75:df:90:39:42:6b:0a:cd:e7:63:b3:68:17:15:f4:
                    ee:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DD:01:0C:ED:3F:01:EA:FF:F4:A8:EF:3E:5C:DD:44:1C:22:29:E7
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:36:e5:29:5c:bd:59:a2:f0:90:9c:c1:9e:50:68:70:89:8c:
         0a:1a:0b:22:29:ee:d7:97:84:a9:eb:a3:27:21:37:6e:02:b9:
         27:43:7f:08:cc:37:0e:6e:4b:7b:63:40:1a:61:be:f9:66:6d:
         b2:18:06:6a:45:e4:2f:a1:33:4f:82:b0:34:c1:3f:97:3f:87:
         b3:3c:8f:80:7b:62:52:8d:df:63:15:0f:e8:fe:14:5e:05:fd:
         8e:81:08:da:e7:ae:04:87:3b:8f:fa:a9:9c:d6:f4:fc:54:61:
         64:09:8c:48:fa:2a:01:8f:5a:21:21:e8:18:e4:a0:f3:1b:fb:
         d9:c1:66:be:57:b7:ba:89:5f:e4:c9:13:84:85:fe:5b:ae:cf:
         09:2f:b5:00:20:60:64:f5:f5:9f:38:af:d1:21:b8:eb:8a:53:
         6a:f4:b9:36:26:81:dd:60:ec:5d:f0:66:7f:81:16:72:3e:05:
         f9:16:76:6d:35:81:d3:51:3d:7b:a1:72:2d:c3:db:9a:57:7f:
         26:27:71:ad:8a:bf:db:f8:05:c3:1a:9a:01:8c:45:03:69:1f:
         fb:c0:83:81:55:bb:e7:cb:7f:1b:3e:a3:48:d2:32:82:21:a3:
         9b:fa:ed:22:1b:d7:eb:fe:71:cf:b1:8a:fe:8a:ab:6a:1f:bc:
         21:7b:55:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pltLLMe6yilXYWnHXWPEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjYwMzI2MTAwMDQzWhcNMjYwMzI3MTAwMDQzWjAzMTEwLwYDVQQD
Eyg4ZmRkMDEwY2VkM2YwMWVhZmZmNGE4ZWYzZTVjZGQ0NDFjMjIyOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy31Ge/7zFcBNSVI9fPj/2yJia/D
RRzkuIr4EK/xGGPna4uGIapV8T2dPY7k78gn6dgnmy4ZA+zgBvCeysS25G0uAmyy
Peabi1RGuyIO/9uMbeaxE/FOy2St581amNBkMJFDvbSnczqfhrzwnsDmlhOKrqRc
jC9mnnyAghQlVGB+lHRpCM86bSH7oqWiJ64kI87G7sEndO3G0ksotbMIbpvGlGC7
1xhFDc8c9A/waSJCjV0Pk0J2uuXeX1IAE4trhslRe6MpDY8eHivn6v6X/i2U00VH
x5RZbkIfMJtXpIcVCniPCxWvLANTyXUGmLJ135A5QmsKzedjs2gXFfTuFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/dAQztPwHq//So7z5c3UQcIinnMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjblKVy9
WaLwkJzBnlBocImMChoLIinu15eEqeujJyE3bgK5J0N/CMw3Dm5Le2NAGmG++WZt
shgGakXkL6EzT4KwNME/lz+HszyPgHtiUo3fYxUP6P4UXgX9joEI2ueuBIc7j/qp
nNb0/FRhZAmMSPoqAY9aISHoGOSg8xv72cFmvle3uolf5MkThIX+W67PCS+1ACBg
ZPX1nziv0SG464pTavS5NiaB3WDsXfBmf4EWcj4F+RZ2bTWB01E9e6FyLcPbmld/
JidxrYq/2/gFwxqaAYxFA2kf+8CDgVW758t/Gz6jSNIygiGjm/rtIhvX6/5xz7GK
/oqrah+8IXtV/g==
-----END CERTIFICATE-----