Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          WpkUMVFBRcdy/1nOC+CKYZZ9ziHnxwRv54qzxW/oeAE=
Subject key identifier:   60:78:6F:F2:D9:EF:77:65:59:D6:6F:93:5F:CA:97:BA:41:F3:24:44
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       019D25F203FCDF20D0945277713A77F53F3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          096A
Signing time:             Wed 25 Mar 2026 17:01:50 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:50 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:50 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: smk/d7UA92Q9KShsNnv0Lh5KY9iyLiuljprH510zuB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f2:03:fc:df:20:d0:94:52:77:71:3a:77:f5:3f:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Mar 25 17:01:50 2026 GMT
            Not After : Mar 26 17:01:50 2026 GMT
        Subject: CN=60786ff2d9ef776559d66f935fca97ba41f32444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:96:75:d7:06:db:45:c6:b0:5e:59:48:bc:3a:
                    c1:5e:08:a9:a4:dd:52:25:9e:59:4d:ae:f5:fc:e4:
                    db:91:a9:d0:a7:03:35:c2:4b:b2:10:31:d8:54:be:
                    70:a4:31:71:da:98:cb:e3:91:8e:4a:17:61:50:0e:
                    b9:7f:59:7e:02:fe:fa:96:1b:04:35:ed:d1:07:6c:
                    22:2a:cd:06:3f:d5:8a:64:51:5f:36:07:b2:95:c3:
                    92:d0:4e:04:78:7f:8f:70:3e:5b:fa:53:85:94:92:
                    1e:84:61:37:b5:5d:97:48:ce:9b:52:4c:6d:23:c2:
                    d0:83:07:90:f3:53:f3:8a:99:9a:31:09:c4:9b:4b:
                    07:3e:6d:09:30:b3:13:8d:de:bf:1e:78:67:17:cc:
                    e5:86:ed:6e:71:55:fb:ec:7a:e0:8c:d7:56:ae:1e:
                    2f:94:8a:78:bd:fd:e1:df:d0:af:18:bc:18:dd:e2:
                    6f:95:86:9f:1e:05:45:42:fc:bc:06:b6:b3:81:ac:
                    cd:a4:99:65:f2:77:63:ea:fa:d1:f1:d1:05:a2:4f:
                    6a:4c:84:94:2c:94:b4:a0:aa:e3:1f:43:d2:98:fc:
                    4b:ff:fe:79:42:de:7c:6a:22:46:12:92:22:9b:11:
                    21:53:a9:b2:5a:90:61:af:4a:3c:df:55:f8:3e:cc:
                    c0:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:78:6F:F2:D9:EF:77:65:59:D6:6F:93:5F:CA:97:BA:41:F3:24:44
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e2:04:a0:d7:28:1b:08:f1:8e:92:5c:02:20:fc:84:62:20:
         ae:ad:b1:52:3e:29:33:2c:cc:db:6d:0f:d6:f4:e5:94:7d:1d:
         5c:fa:77:52:e4:61:91:e8:2d:da:d6:56:ba:0f:ac:6e:f3:91:
         f7:be:db:16:a9:5d:f8:ea:cc:cf:7f:80:85:1d:bd:c6:ea:e4:
         78:5e:52:35:fe:69:2b:f2:4a:03:ef:1a:71:dd:b5:ab:e0:70:
         a2:52:97:15:60:30:be:1d:1e:b0:0b:e4:8e:e9:58:70:3e:60:
         27:d2:2d:18:d2:93:8a:e1:9d:da:d9:8b:77:51:5f:a1:12:b7:
         59:59:0a:09:77:7d:63:ab:95:3e:4c:4a:7b:83:d8:05:60:1d:
         6b:40:06:2e:66:f1:f1:52:f5:59:47:0a:98:12:4d:88:78:a9:
         d7:d9:ec:52:a6:09:68:2e:3b:2d:3b:a1:58:c8:3a:cf:82:2b:
         25:39:f7:aa:3d:00:f0:e5:e8:b2:8d:65:bb:1d:31:43:7f:c2:
         75:61:17:80:03:a0:9f:2a:71:14:13:47:20:e4:7a:39:f0:49:
         56:d7:01:ff:2d:af:28:4a:d0:66:cb:e6:fe:12:f4:88:a7:44:
         a1:ef:a9:45:f6:02:51:93:0c:1f:d4:8b:eb:ab:82:90:b7:7c:
         c3:b2:57:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8gP83yDQlFJ3cTp39T86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjYwMzI1MTcwMTUwWhcNMjYwMzI2MTcwMTUwWjAzMTEwLwYDVQQD
Eyg2MDc4NmZmMmQ5ZWY3NzY1NTlkNjZmOTM1ZmNhOTdiYTQxZjMyNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5Z11wbbRcawXllIvDrBXgippN1S
JZ5ZTa71/OTbkanQpwM1wkuyEDHYVL5wpDFx2pjL45GOShdhUA65f1l+Av76lhsE
Ne3RB2wiKs0GP9WKZFFfNgeylcOS0E4EeH+PcD5b+lOFlJIehGE3tV2XSM6bUkxt
I8LQgweQ81PzipmaMQnEm0sHPm0JMLMTjd6/HnhnF8zlhu1ucVX77HrgjNdWrh4v
lIp4vf3h39CvGLwY3eJvlYafHgVFQvy8BrazgazNpJll8ndj6vrR8dEFok9qTISU
LJS0oKrjH0PSmPxL//55Qt58aiJGEpIimxEhU6myWpBhr0o831X4PszAsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGB4b/LZ73dlWdZvk1/Kl7pB8yREMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeIEoNco
GwjxjpJcAiD8hGIgrq2xUj4pMyzM220P1vTllH0dXPp3UuRhkegt2tZWug+sbvOR
977bFqld+OrMz3+AhR29xurkeF5SNf5pK/JKA+8acd21q+BwolKXFWAwvh0esAvk
julYcD5gJ9ItGNKTiuGd2tmLd1FfoRK3WVkKCXd9Y6uVPkxKe4PYBWAda0AGLmbx
8VL1WUcKmBJNiHip19nsUqYJaC47LTuhWMg6z4IrJTn3qj0A8OXoso1lux0xQ3/C
dWEXgAOgnypxFBNHIOR6OfBJVtcB/y2vKErQZsvm/hL0iKdEoe+pRfYCUZMMH9SL
66uCkLd8w7JXrA==
-----END CERTIFICATE-----