Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          DjoztQfBbsUawLVgn40sYsCqrPAEJJ8JUJI37HalQEE=
Subject key identifier:   25:C6:66:75:FE:07:4E:3A:79:FE:0F:2E:E0:2A:4D:A7:51:C5:91:2C
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019D2628965F6DCC2D6345729C4C4FAA292F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          06F9
Signing time:             Wed 25 Mar 2026 18:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:27 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: PcQSrrWSygz+PnQjIDnVwmR2fcpozrsk5GOBYH2ZjBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:96:5f:6d:cc:2d:63:45:72:9c:4c:4f:aa:29:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Mar 25 18:01:27 2026 GMT
            Not After : Mar 26 18:01:27 2026 GMT
        Subject: CN=25c66675fe074e3a79fe0f2ee02a4da751c5912c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:51:25:6c:4b:db:2d:78:d8:e7:8a:b9:6d:de:
                    3d:1d:70:b2:d6:62:1f:b8:fd:ec:25:fd:1a:58:b2:
                    b8:74:4b:16:93:27:42:85:58:ba:bb:04:c0:33:41:
                    07:86:f2:94:28:6a:9b:14:e0:01:89:1d:62:9f:f5:
                    31:85:fb:83:04:7d:8b:8d:32:19:af:93:de:7a:32:
                    c7:f9:82:28:8b:fb:b6:1c:7d:09:42:69:4d:3e:45:
                    9a:97:66:d1:32:f0:cd:ad:3f:db:f4:dd:9b:15:de:
                    44:41:ac:cf:f1:9f:c7:30:a4:4c:2e:36:b9:fa:86:
                    3d:79:8e:79:8f:fa:0e:2e:73:94:20:7c:d8:8e:16:
                    a8:94:88:90:11:e5:ed:a6:b0:a9:47:7e:69:59:eb:
                    ca:c2:51:e6:60:2b:1f:5c:60:03:be:db:8c:49:f0:
                    a6:c1:ca:10:ce:bc:8f:4f:f2:1d:e6:e6:07:32:38:
                    af:57:da:55:15:ec:0a:bf:ee:20:fb:ae:30:61:8e:
                    c9:14:02:67:82:17:0a:94:a6:6a:29:7c:fd:79:63:
                    56:41:b0:31:28:1c:4e:7f:23:41:1a:1d:69:ef:01:
                    22:e2:46:71:d8:cc:32:bc:97:3b:07:ee:44:be:7c:
                    85:9c:dd:26:b7:b2:f2:7d:35:a5:1b:55:02:75:fc:
                    45:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C6:66:75:FE:07:4E:3A:79:FE:0F:2E:E0:2A:4D:A7:51:C5:91:2C
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:f8:37:21:40:c7:6a:a8:05:26:bb:72:0c:6b:2d:ca:56:16:
         65:43:41:12:91:f9:db:da:21:2f:3f:87:a1:d2:b9:16:ce:48:
         5e:ad:8d:53:41:82:cc:c4:cc:66:b3:56:6b:f2:39:8a:d7:a0:
         bc:86:d5:a5:e8:e0:fb:b3:78:43:4a:23:bd:13:29:1b:d2:55:
         1d:d4:a9:a8:5c:64:6e:c0:0b:ed:c2:c3:94:74:a3:22:23:76:
         51:5e:a4:34:f4:e6:3d:17:e3:50:34:60:fb:6e:69:86:1e:ee:
         a1:e3:b8:b4:18:e3:04:e9:3e:3f:9f:43:75:b8:25:2b:43:10:
         08:77:d9:db:5f:80:a7:3f:87:19:46:d2:63:a0:6a:be:66:66:
         b3:4f:72:54:61:87:bd:01:5c:a6:34:32:57:c3:72:ad:d0:b4:
         8d:e3:e9:78:0d:8b:ce:10:f7:bc:3c:9c:d2:aa:dc:b3:ea:d2:
         1a:22:41:fc:a1:1a:95:1f:82:f1:cd:a6:e5:7a:d9:70:83:b1:
         6e:e0:32:a4:fd:08:3c:ba:b4:1c:f4:60:88:19:a5:82:56:db:
         c1:b9:b6:25:29:27:4e:cb:ae:31:21:cf:0d:14:5f:70:21:db:
         df:27:0b:d0:54:41:6d:7e:d5:51:00:b7:3c:a3:dc:89:af:38:
         62:79:da:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKJZfbcwtY0VynExPqikvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjYwMzI1MTgwMTI3WhcNMjYwMzI2MTgwMTI3WjAzMTEwLwYDVQQD
EygyNWM2NjY3NWZlMDc0ZTNhNzlmZTBmMmVlMDJhNGRhNzUxYzU5MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lElbEvbLXjY54q5bd49HXCy1mIf
uP3sJf0aWLK4dEsWkydChVi6uwTAM0EHhvKUKGqbFOABiR1in/UxhfuDBH2LjTIZ
r5PeejLH+YIoi/u2HH0JQmlNPkWal2bRMvDNrT/b9N2bFd5EQazP8Z/HMKRMLja5
+oY9eY55j/oOLnOUIHzYjhaolIiQEeXtprCpR35pWevKwlHmYCsfXGADvtuMSfCm
wcoQzryPT/Id5uYHMjivV9pVFewKv+4g+64wYY7JFAJnghcKlKZqKXz9eWNWQbAx
KBxOfyNBGh1p7wEi4kZx2MwyvJc7B+5EvnyFnN0mt7LyfTWlG1UCdfxFkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXGZnX+B046ef4PLuAqTadRxZEsMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePg3IUDH
aqgFJrtyDGstylYWZUNBEpH529ohLz+HodK5Fs5IXq2NU0GCzMTMZrNWa/I5iteg
vIbVpejg+7N4Q0ojvRMpG9JVHdSpqFxkbsAL7cLDlHSjIiN2UV6kNPTmPRfjUDRg
+25phh7uoeO4tBjjBOk+P59DdbglK0MQCHfZ21+Apz+HGUbSY6BqvmZms09yVGGH
vQFcpjQyV8NyrdC0jePpeA2LzhD3vDyc0qrcs+rSGiJB/KEalR+C8c2m5XrZcIOx
buAypP0IPLq0HPRgiBmlglbbwbm2JSknTsuuMSHPDRRfcCHb3ycL0FRBbX7VUQC3
PKPcia84YnnahQ==
-----END CERTIFICATE-----