Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          2z3PxgevxrV64R3VyNMzBbcS1OaA7FzkMvSvvEpLb5M=
Subject key identifier:   11:1D:3C:EB:D6:73:AB:F0:80:E4:E2:62:73:84:C5:48:1B:D5:7E:38
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       019D27044F1066C63DD703216EF067E6CDD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:26 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:26 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:26 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: yTX8syTyK7xgumKzvWoJN9wvDJ/baN9j/SsJNjWiiaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:4f:10:66:c6:3d:d7:03:21:6e:f0:67:e6:cd:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Mar 25 22:01:26 2026 GMT
            Not After : Mar 26 22:01:26 2026 GMT
        Subject: CN=111d3cebd673abf080e4e2627384c5481bd57e38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2a:ca:ce:ab:a1:4d:7f:00:47:14:7c:9f:f1:
                    3d:0e:8f:47:a5:a0:ed:2d:b5:f8:91:28:e7:bc:bb:
                    e0:3a:5d:97:42:51:3a:61:06:13:93:fc:e3:3a:fc:
                    b4:4a:51:a9:bb:64:cd:d5:35:d6:16:bf:4e:4c:41:
                    dc:b2:df:cc:9d:49:10:65:bb:d2:ab:a6:3a:a1:92:
                    c9:e5:df:a4:61:a9:fe:0f:ef:3c:c4:fa:28:66:d3:
                    42:b8:9c:0c:82:a4:7b:1b:d6:ed:b8:ce:9a:4b:d1:
                    00:8c:90:f0:fc:a3:30:d4:d1:71:3c:e8:b2:4c:be:
                    62:a8:32:3d:42:59:87:56:b2:7c:6a:f0:d4:b5:9e:
                    a4:7d:f6:85:f6:f9:3e:b8:6d:bc:9e:e0:24:37:92:
                    c8:c4:63:0d:de:9f:76:d9:2d:41:3c:a4:17:50:ce:
                    48:4f:7b:65:72:83:91:fa:0b:38:87:3d:6f:31:30:
                    84:cf:59:dd:b5:8b:5b:f3:c8:58:f5:51:ec:55:16:
                    37:51:88:cd:2b:9d:52:17:8a:ac:0b:21:e2:73:af:
                    bb:d7:ff:40:78:53:03:1d:19:f8:b9:f7:3e:6f:12:
                    22:7b:41:02:50:b6:03:15:fd:23:33:07:2f:1c:32:
                    3f:bd:c5:28:d3:8b:02:0e:3e:8d:f8:c2:9a:4f:8f:
                    65:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:1D:3C:EB:D6:73:AB:F0:80:E4:E2:62:73:84:C5:48:1B:D5:7E:38
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:37:71:31:d2:a3:2d:dc:ee:80:0c:0f:f1:ec:ab:c0:85:57:
         be:da:1d:3a:12:68:8a:32:60:3b:82:1c:54:01:cc:bc:d7:30:
         d3:1e:8d:92:a3:f4:8e:2a:b0:a4:06:e0:99:f1:39:6c:63:20:
         ca:89:71:6f:3a:b8:fe:0a:5a:c0:24:35:00:21:c2:6b:2c:42:
         5a:e6:16:bc:14:19:cd:88:da:44:7c:a0:fb:cb:01:97:e7:be:
         89:70:0e:89:b4:c8:86:1e:e0:89:ad:89:d1:3a:6a:ae:6d:c6:
         96:3b:85:fc:ec:29:e1:79:68:26:ae:6f:0a:d8:73:f7:33:05:
         c1:1e:65:af:95:15:15:50:b3:4d:36:e3:61:44:56:de:17:bd:
         d7:81:8e:b3:40:c7:47:ac:8c:58:31:c1:ca:a7:64:79:64:63:
         09:45:ae:d3:db:fb:1a:fe:81:33:ea:43:a3:45:26:96:91:73:
         7b:79:c0:43:26:65:23:8b:d9:92:6f:07:cf:7a:00:60:24:d8:
         c5:bc:85:25:1f:8c:7f:9a:dc:ca:e7:2a:a4:12:20:98:2c:b9:
         d7:ec:26:85:01:91:6e:00:44:44:d7:f8:61:0a:d1:9b:e0:bd:
         ed:1b:b1:d7:83:8e:3d:6b:1f:85:f3:6d:8f:ee:df:2d:ae:f1:
         bb:82:f2:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBE8QZsY91wMhbvBn5s3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjYwMzI1MjIwMTI2WhcNMjYwMzI2MjIwMTI2WjAzMTEwLwYDVQQD
EygxMTFkM2NlYmQ2NzNhYmYwODBlNGUyNjI3Mzg0YzU0ODFiZDU3ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArirKzquhTX8ARxR8n/E9Do9HpaDt
LbX4kSjnvLvgOl2XQlE6YQYTk/zjOvy0SlGpu2TN1TXWFr9OTEHcst/MnUkQZbvS
q6Y6oZLJ5d+kYan+D+88xPooZtNCuJwMgqR7G9btuM6aS9EAjJDw/KMw1NFxPOiy
TL5iqDI9QlmHVrJ8avDUtZ6kffaF9vk+uG28nuAkN5LIxGMN3p922S1BPKQXUM5I
T3tlcoOR+gs4hz1vMTCEz1ndtYtb88hY9VHsVRY3UYjNK51SF4qsCyHic6+71/9A
eFMDHRn4ufc+bxIie0ECULYDFf0jMwcvHDI/vcUo04sCDj6N+MKaT49ljwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEdPOvWc6vwgOTiYnOExUgb1X44MB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfDdxMdKj
LdzugAwP8eyrwIVXvtodOhJoijJgO4IcVAHMvNcw0x6NkqP0jiqwpAbgmfE5bGMg
yolxbzq4/gpawCQ1ACHCayxCWuYWvBQZzYjaRHyg+8sBl+e+iXAOibTIhh7gia2J
0Tpqrm3GljuF/Owp4XloJq5vCthz9zMFwR5lr5UVFVCzTTbjYURW3he914GOs0DH
R6yMWDHByqdkeWRjCUWu09v7Gv6BM+pDo0UmlpFze3nAQyZlI4vZkm8Hz3oAYCTY
xbyFJR+Mf5rcyucqpBIgmCy51+wmhQGRbgBERNf4YQrRm+C97Rux14OOPWsfhfNt
j+7fLa7xu4LyOw==
-----END CERTIFICATE-----