Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
File:                     Tle6dst9bSrsBSA89BuOZxbufqA.mft (raw, json)
Hash identifier:          Q8vZ9sZ3Pa+j6UooJybPmR3pw3h7YUO8bEXn9OoCMTs=
Subject key identifier:   A2:40:4B:94:8A:08:DE:0D:C0:A2:D9:0C:64:C4:F2:A7:D2:68:9F:8D
Authority key identifier: 4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0
Certificate issuer:       /CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
Certificate serial:       019D2704DCAFEBB43C271FE86345D52E5643
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
Manifest number:          11AB
Signing time:             Wed 25 Mar 2026 22:02:02 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:02 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:02 +0000
Files and hashes:         1: Tle6dst9bSrsBSA89BuOZxbufqA.crl (hash: wlE8VCzInzVwz3Yn2qxebIijVy0bAm64ZqKeBBYl1iY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:dc:af:eb:b4:3c:27:1f:e8:63:45:d5:2e:56:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
        Validity
            Not Before: Mar 25 22:02:02 2026 GMT
            Not After : Mar 26 22:02:02 2026 GMT
        Subject: CN=a2404b948a08de0dc0a2d90c64c4f2a7d2689f8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a3:d0:67:43:1e:9f:4e:db:1e:3e:66:b6:57:
                    57:e6:b5:7c:fc:ca:92:05:10:cd:2e:74:cd:c5:9a:
                    9d:2b:90:76:6c:39:c8:01:11:5c:9c:66:5b:d0:11:
                    b7:82:82:3a:71:1b:52:18:29:23:f1:a4:6e:83:a0:
                    d3:76:ad:b9:61:0f:a6:c8:56:0a:de:8a:b3:15:6e:
                    81:38:ab:6d:e4:67:09:70:d0:15:fe:28:9b:ed:04:
                    bc:bf:9b:dc:d4:4a:82:a5:47:d2:af:2a:2a:13:2b:
                    c3:24:cc:8a:e8:22:ec:13:1a:c3:e4:63:26:ae:05:
                    97:51:6b:2f:56:6e:ff:ac:dc:1e:c3:df:14:41:cb:
                    5b:65:6e:b6:f0:09:c3:b2:d3:82:7f:0f:78:c6:f1:
                    d6:ed:eb:1d:41:ae:c8:f5:50:b3:4e:86:21:6d:fa:
                    80:b5:cd:07:00:39:ad:c4:74:b5:38:e2:4d:68:f3:
                    69:09:f7:3f:58:da:60:99:41:92:01:fc:c7:3d:51:
                    53:11:dd:2c:12:6f:2b:28:4d:52:b0:f0:df:e3:61:
                    fe:18:41:25:7b:e8:c7:c7:44:d5:89:ed:c0:2c:f2:
                    5d:2c:c9:7a:ce:04:37:26:4e:05:93:01:5d:9d:b3:
                    de:ee:fe:84:78:81:34:38:dc:f5:11:5c:93:8a:cd:
                    d7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:40:4B:94:8A:08:DE:0D:C0:A2:D9:0C:64:C4:F2:A7:D2:68:9F:8D
            X509v3 Authority Key Identifier:
                keyid:4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:84:bf:2d:e5:55:5b:a9:2c:e8:2f:51:f0:7b:63:80:20:a2:
         c5:82:70:3b:7a:ae:90:87:d5:4a:8f:b2:3c:74:5a:a3:0a:00:
         c2:08:36:cc:c9:7a:0a:f2:21:70:f1:22:83:85:fd:e2:c5:4e:
         b9:e9:5a:db:12:87:59:3d:62:47:69:68:98:4b:90:29:ec:08:
         14:e8:87:2c:35:7c:dd:d4:ff:14:1b:d3:b9:cc:4b:1f:2d:cb:
         ff:95:d4:21:0e:41:fd:6a:95:1c:06:d4:0e:bb:f2:b5:fd:09:
         12:e1:c6:54:c4:f7:b6:7a:79:66:52:85:fd:38:5d:d6:ff:ba:
         a4:8c:0d:01:6e:f0:7a:fb:0a:a6:25:7c:70:5c:c8:f7:58:09:
         19:8b:2b:79:52:cd:c9:1a:c9:fe:15:4b:c2:8e:07:9b:d0:07:
         ee:da:bd:9d:58:16:42:60:26:dc:26:1b:96:8d:ad:6e:6c:51:
         23:f4:6e:64:5d:71:ab:b1:14:0c:a7:9c:b9:0b:5d:5b:42:fb:
         bb:37:89:06:32:c3:27:7e:7d:01:bb:b7:0c:9a:bd:5a:6f:f1:
         cb:73:69:68:53:e6:fa:74:17:84:6a:23:1d:b2:d1:1f:91:b7:
         8d:3f:dd:bd:a9:38:b5:65:1f:82:9c:fe:c0:12:48:d1:5d:80:
         a3:6b:c0:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBNyv67Q8Jx/oY0XVLlZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTdiYTc2Y2I3ZDZkMmFlYzA1MjAzY2Y0MWI4ZTY3MTZl
ZTdlYTAwHhcNMjYwMzI1MjIwMjAyWhcNMjYwMzI2MjIwMjAyWjAzMTEwLwYDVQQD
EyhhMjQwNGI5NDhhMDhkZTBkYzBhMmQ5MGM2NGM0ZjJhN2QyNjg5ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraPQZ0Men07bHj5mtldX5rV8/MqS
BRDNLnTNxZqdK5B2bDnIARFcnGZb0BG3goI6cRtSGCkj8aRug6DTdq25YQ+myFYK
3oqzFW6BOKtt5GcJcNAV/iib7QS8v5vc1EqCpUfSryoqEyvDJMyK6CLsExrD5GMm
rgWXUWsvVm7/rNwew98UQctbZW628AnDstOCfw94xvHW7esdQa7I9VCzToYhbfqA
tc0HADmtxHS1OOJNaPNpCfc/WNpgmUGSAfzHPVFTEd0sEm8rKE1SsPDf42H+GEEl
e+jHx0TVie3ALPJdLMl6zgQ3Jk4FkwFdnbPe7v6EeIE0ONz1EVyTis3XGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJAS5SKCN4NwKLZDGTE8qfSaJ+NMB8GA1UdIwQY
MBaAFE5XunbLfW0q7AUgPPQbjmcW7n6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEt
YjcyZDdhZGJmYjk2LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEtYjcyZDdhZGJmYjk2
LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoS/LeVV
W6ks6C9R8HtjgCCixYJwO3qukIfVSo+yPHRaowoAwgg2zMl6CvIhcPEig4X94sVO
uela2xKHWT1iR2lomEuQKewIFOiHLDV83dT/FBvTucxLHy3L/5XUIQ5B/WqVHAbU
Drvytf0JEuHGVMT3tnp5ZlKF/Thd1v+6pIwNAW7wevsKpiV8cFzI91gJGYsreVLN
yRrJ/hVLwo4Hm9AH7tq9nVgWQmAm3CYblo2tbmxRI/RuZF1xq7EUDKecuQtdW0L7
uzeJBjLDJ359Abu3DJq9Wm/xy3NpaFPm+nQXhGojHbLRH5G3jT/dvak4tWUfgpz+
wBJI0V2Ao2vAhA==
-----END CERTIFICATE-----