Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          qj0KGmjV/id4vfenK+hBoQolX/3QB6lOpN2SrCaDEoM=
Subject key identifier:   66:21:53:D6:7B:6C:85:C5:86:D5:EE:23:F3:18:92:53:13:55:A4:BE
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       019D281695634EEC71D54AFB4602E957EE4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          0540
Signing time:             Thu 26 Mar 2026 03:01:01 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:01 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:01 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: 3SfuNhBx9quwdCdDD/88fC953uT237fAahHHtmhsKrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:95:63:4e:ec:71:d5:4a:fb:46:02:e9:57:ee:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Mar 26 03:01:01 2026 GMT
            Not After : Mar 27 03:01:01 2026 GMT
        Subject: CN=662153d67b6c85c586d5ee23f31892531355a4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0f:69:42:3f:d6:d8:66:1c:25:df:ce:ea:49:
                    c6:aa:59:aa:55:a1:89:ee:0c:f8:e8:38:76:95:ed:
                    1c:ea:5d:34:69:4e:8b:44:75:cd:2b:0c:98:f9:d3:
                    c6:76:38:dc:13:c5:dd:52:93:58:f1:7c:06:37:52:
                    e9:76:85:36:35:e1:fa:85:0a:a3:05:bc:d7:03:50:
                    a7:6e:0b:b7:3d:1d:82:25:93:07:e3:81:0f:3c:58:
                    e5:99:5b:dc:c9:43:86:d9:82:89:07:6a:1c:f1:32:
                    4b:58:93:23:be:ec:e3:e3:c4:fa:87:b9:1b:71:f9:
                    d7:a5:ce:25:b8:d5:09:15:fa:f1:f3:24:ab:6c:27:
                    9a:9d:79:11:03:b1:6d:b1:56:d5:b4:19:2a:d5:a8:
                    03:0c:7d:6a:02:1c:19:d6:7a:06:d9:c6:d8:81:13:
                    98:01:34:a8:80:2d:66:04:d7:49:c3:27:27:6a:81:
                    b8:c8:bc:4a:e9:3f:a6:0f:0a:f5:7f:a0:3c:83:90:
                    9b:73:06:b7:92:66:3b:b3:fa:f2:bb:e5:69:12:6f:
                    5a:aa:20:68:ed:b4:54:7e:0b:e6:4b:a4:2a:c7:49:
                    9d:82:98:82:41:76:88:87:19:e4:67:0e:dc:8d:23:
                    1e:8f:03:ee:f1:2e:48:ec:75:6b:dd:04:0b:0e:54:
                    7f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:21:53:D6:7B:6C:85:C5:86:D5:EE:23:F3:18:92:53:13:55:A4:BE
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:40:57:a8:1c:02:6e:20:c0:50:c9:0a:e5:d4:73:da:34:a5:
         92:d9:10:a8:ec:95:47:e7:ba:8e:1f:3b:f2:ab:d4:b7:56:de:
         e0:4c:a8:a8:52:89:f5:d1:1f:f5:6b:9b:bc:d7:47:c2:18:a8:
         29:47:f4:b1:c0:ce:58:e4:52:6a:9d:fe:20:0d:d4:37:f4:b0:
         b8:95:04:7b:95:06:bf:3a:a5:2f:13:27:3c:0b:2b:6a:5e:34:
         ae:25:39:83:16:05:8f:78:f7:e4:5d:13:07:e3:c8:ec:44:69:
         fb:ae:50:3d:4e:aa:97:6c:54:a9:32:fa:9d:5e:b9:b8:9a:45:
         39:5c:dd:6d:13:fc:5b:bf:e8:81:83:10:57:f8:4e:4d:41:2c:
         23:6e:3d:7e:a1:1a:22:a0:63:91:c1:6c:1d:9d:79:9d:2d:8e:
         75:81:0b:85:dd:56:03:10:07:82:51:26:28:e0:84:79:23:57:
         58:5c:12:6e:ff:bd:c2:ec:9d:5d:0e:7d:03:d8:fc:08:0f:3c:
         20:2c:3d:2f:25:63:08:f9:33:c7:8b:1e:90:56:6b:30:71:d1:
         ca:27:90:4e:aa:4f:31:43:0b:4f:fb:c2:a2:f7:1c:89:80:c1:
         1e:cb:4f:82:e7:b5:15:a1:ff:a2:12:bd:32:53:a8:22:8b:95:
         44:65:af:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFpVjTuxx1Ur7RgLpV+5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjYwMzI2MDMwMTAxWhcNMjYwMzI3MDMwMTAxWjAzMTEwLwYDVQQD
Eyg2NjIxNTNkNjdiNmM4NWM1ODZkNWVlMjNmMzE4OTI1MzEzNTVhNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg9pQj/W2GYcJd/O6knGqlmqVaGJ
7gz46Dh2le0c6l00aU6LRHXNKwyY+dPGdjjcE8XdUpNY8XwGN1LpdoU2NeH6hQqj
BbzXA1Cnbgu3PR2CJZMH44EPPFjlmVvcyUOG2YKJB2oc8TJLWJMjvuzj48T6h7kb
cfnXpc4luNUJFfrx8ySrbCeanXkRA7FtsVbVtBkq1agDDH1qAhwZ1noG2cbYgROY
ATSogC1mBNdJwycnaoG4yLxK6T+mDwr1f6A8g5Cbcwa3kmY7s/ryu+VpEm9aqiBo
7bRUfgvmS6Qqx0mdgpiCQXaIhxnkZw7cjSMejwPu8S5I7HVr3QQLDlR/XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYhU9Z7bIXFhtXuI/MYklMTVaS+MB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0BXqBwC
biDAUMkK5dRz2jSlktkQqOyVR+e6jh878qvUt1be4EyoqFKJ9dEf9WubvNdHwhio
KUf0scDOWORSap3+IA3UN/SwuJUEe5UGvzqlLxMnPAsral40riU5gxYFj3j35F0T
B+PI7ERp+65QPU6ql2xUqTL6nV65uJpFOVzdbRP8W7/ogYMQV/hOTUEsI249fqEa
IqBjkcFsHZ15nS2OdYELhd1WAxAHglEmKOCEeSNXWFwSbv+9wuydXQ59A9j8CA88
ICw9LyVjCPkzx4sekFZrMHHRyieQTqpPMUMLT/vCovcciYDBHstPgue1FaH/ohK9
MlOoIouVRGWvqA==
-----END CERTIFICATE-----