Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          ADZmOYkigHwBr8fchtyZPn5Hmuj6C3geRmIsPqCKMBs=
Subject key identifier:   B0:9A:C2:6C:FD:0A:23:3C:37:A5:9D:1D:E6:D2:F5:2E:DC:5B:46:A9
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019D273B02ABAD1F42A541A9F94C35DAEEA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0B0D
Signing time:             Wed 25 Mar 2026 23:01:11 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:11 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:11 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: 33gYMfUIPcbS9OC3f+16CRTojHAx7KZk8y9YKPysR3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3b:02:ab:ad:1f:42:a5:41:a9:f9:4c:35:da:ee:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Mar 25 23:01:11 2026 GMT
            Not After : Mar 26 23:01:11 2026 GMT
        Subject: CN=b09ac26cfd0a233c37a59d1de6d2f52edc5b46a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:98:e4:34:ea:2e:70:ef:b8:bb:39:05:06:d2:
                    bc:18:f2:f5:97:e1:73:05:46:de:d9:ef:98:56:c1:
                    ff:d9:21:80:33:11:ff:14:36:8d:b1:db:f3:28:cc:
                    36:63:2d:e1:f1:6c:48:68:20:3d:ab:93:39:2a:f9:
                    c1:ee:a2:7e:8a:08:06:07:28:41:1e:fc:00:dc:70:
                    0d:42:90:95:84:b8:71:2a:15:41:3e:13:4f:40:6f:
                    c4:df:76:a8:c1:51:a1:69:86:da:59:66:a5:49:de:
                    0a:fd:e4:1e:3c:46:69:0a:f4:f2:50:5f:69:ab:38:
                    a3:c6:fe:13:d7:9f:d0:72:86:65:60:83:89:e2:d6:
                    74:41:29:4f:f3:99:97:51:a9:4f:c0:0a:a7:20:a4:
                    33:23:4d:10:8e:da:7a:60:df:81:9b:52:2f:7d:51:
                    32:40:b1:9d:60:f3:ca:be:9e:a7:e9:59:91:e4:6c:
                    c5:9e:2c:19:47:15:b2:d7:4c:2c:d6:52:19:26:40:
                    09:62:fd:e7:64:22:9e:f0:32:dc:2c:b4:75:44:d4:
                    a4:ed:81:43:37:a9:51:7d:e4:5f:b1:9f:c4:a1:9e:
                    fa:db:80:58:29:05:e7:34:2f:d5:80:4c:42:7c:06:
                    b9:4e:e7:f7:a1:de:37:b1:d2:0f:aa:5f:24:79:d9:
                    b5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:9A:C2:6C:FD:0A:23:3C:37:A5:9D:1D:E6:D2:F5:2E:DC:5B:46:A9
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:86:98:00:ef:17:73:f6:b2:bc:ef:d5:c9:04:e3:41:99:56:
         1e:75:ac:0f:57:07:33:e1:38:63:af:6a:26:d0:ab:47:ec:5a:
         1a:d1:4e:10:23:6d:61:a7:5f:5e:7d:b3:5f:40:fa:1b:57:ee:
         09:88:28:4a:ad:85:ab:6b:95:4d:00:19:b6:4c:80:c6:c9:55:
         22:e9:db:64:e1:4a:6a:5d:76:6e:c7:f0:03:bd:b8:20:55:1a:
         94:33:4c:da:ac:26:6e:18:7a:b7:27:eb:45:8c:6f:9d:53:11:
         59:55:d4:88:af:5a:55:07:1c:a6:96:19:14:a1:3a:4c:5a:ae:
         23:d5:2e:0b:b0:54:55:d8:ea:62:58:0e:69:b0:c2:a2:4e:67:
         72:0e:94:2f:d3:51:ea:31:5b:b1:c4:d7:02:78:c0:b7:98:34:
         87:77:88:9a:98:e1:7a:b7:0d:dd:9c:fc:c7:6d:da:3c:6b:1d:
         77:1c:44:a1:2b:f6:8e:72:3b:b3:22:0c:a8:ab:ba:d0:eb:86:
         c5:41:6b:d4:b4:1c:62:9f:f6:b9:f5:e8:77:c1:68:b2:05:84:
         82:cb:6f:a1:02:c9:90:22:8c:a1:37:55:62:e1:c3:d8:95:bc:
         4a:8e:61:3d:07:29:26:2d:67:bf:c8:a3:71:5a:8f:a6:f1:22:
         e4:dc:13:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOwKrrR9CpUGp+Uw12u6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjYwMzI1MjMwMTExWhcNMjYwMzI2MjMwMTExWjAzMTEwLwYDVQQD
EyhiMDlhYzI2Y2ZkMGEyMzNjMzdhNTlkMWRlNmQyZjUyZWRjNWI0NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5jkNOoucO+4uzkFBtK8GPL1l+Fz
BUbe2e+YVsH/2SGAMxH/FDaNsdvzKMw2Yy3h8WxIaCA9q5M5KvnB7qJ+iggGByhB
HvwA3HANQpCVhLhxKhVBPhNPQG/E33aowVGhaYbaWWalSd4K/eQePEZpCvTyUF9p
qzijxv4T15/QcoZlYIOJ4tZ0QSlP85mXUalPwAqnIKQzI00Qjtp6YN+Bm1IvfVEy
QLGdYPPKvp6n6VmR5GzFniwZRxWy10ws1lIZJkAJYv3nZCKe8DLcLLR1RNSk7YFD
N6lRfeRfsZ/EoZ7624BYKQXnNC/VgExCfAa5Tuf3od43sdIPql8kedm14wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCawmz9CiM8N6WdHebS9S7cW0apMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV4aYAO8X
c/ayvO/VyQTjQZlWHnWsD1cHM+E4Y69qJtCrR+xaGtFOECNtYadfXn2zX0D6G1fu
CYgoSq2Fq2uVTQAZtkyAxslVIunbZOFKal12bsfwA724IFUalDNM2qwmbhh6tyfr
RYxvnVMRWVXUiK9aVQccppYZFKE6TFquI9UuC7BUVdjqYlgOabDCok5ncg6UL9NR
6jFbscTXAnjAt5g0h3eImpjhercN3Zz8x23aPGsddxxEoSv2jnI7syIMqKu60OuG
xUFr1LQcYp/2ufXod8FosgWEgstvoQLJkCKMoTdVYuHD2JW8So5hPQcpJi1nv8ij
cVqPpvEi5NwTZw==
-----END CERTIFICATE-----