Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft
File:                     tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft (raw, json)
Hash identifier:          Rmu8eYPOcLS65492D4ItFsgLF62pkJwB4/WoupVhBuA=
Subject key identifier:   FF:09:D2:3C:6A:9B:9A:5D:C0:DE:8B:2D:A1:A7:12:33:71:9B:F1:23
Authority key identifier: B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B
Certificate issuer:       /CN=b66c4985cd60643220e064a2e114d78f5b039c2b
Certificate serial:       019D26CCB12F6C04CC591521239A57E17B39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft
Manifest number:          0AD3
Signing time:             Wed 25 Mar 2026 21:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 21:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 21:00:41 +0000
Files and hashes:         1: tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl (hash: /UpFeqRkHqlK+yPMtQrMPWGMjkU1imb3KSj5Ioh/reI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:b1:2f:6c:04:cc:59:15:21:23:9a:57:e1:7b:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b66c4985cd60643220e064a2e114d78f5b039c2b
        Validity
            Not Before: Mar 25 21:00:41 2026 GMT
            Not After : Mar 26 21:00:41 2026 GMT
        Subject: CN=ff09d23c6a9b9a5dc0de8b2da1a71233719bf123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:72:39:ca:2d:97:d4:3f:9c:3a:d4:23:d1:09:
                    f4:4a:05:e4:74:33:5e:03:74:1d:58:80:d9:1d:09:
                    53:ad:b3:62:ac:ce:a0:e9:3c:7a:2c:7e:b5:6a:46:
                    2d:84:b1:54:0a:80:7c:f6:37:71:44:aa:c2:17:aa:
                    8c:3c:14:02:3f:2f:dc:63:74:17:d8:e4:d9:cc:b7:
                    eb:29:97:ae:53:99:b8:dc:b7:2e:ab:a5:9a:36:77:
                    03:16:89:52:9e:74:d9:00:c3:1c:0e:98:a2:77:55:
                    bd:32:20:d4:45:6e:e7:a6:9d:81:2f:19:f8:51:b2:
                    6b:46:0b:b2:dd:73:11:83:c7:cd:93:8d:96:bc:f3:
                    e4:3c:62:2c:ce:e7:89:b9:06:21:f2:04:b1:ea:3f:
                    f0:36:b9:24:39:13:fd:e5:8e:34:12:df:5a:0c:1f:
                    8d:61:13:98:9f:42:8d:08:cc:db:ed:0a:51:12:23:
                    0c:2a:4c:44:5d:7f:f0:04:70:dc:12:e8:fe:08:5a:
                    7f:4d:e9:72:99:94:11:40:f3:72:9a:1c:8f:2d:27:
                    1b:59:1d:d9:00:f5:6a:2d:d0:16:45:e7:99:02:63:
                    88:c7:1a:af:95:75:1d:5e:89:ea:f9:ef:76:c9:c2:
                    05:3e:c6:29:9d:58:9f:86:8d:2e:8c:de:c1:d0:0f:
                    cd:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:09:D2:3C:6A:9B:9A:5D:C0:DE:8B:2D:A1:A7:12:33:71:9B:F1:23
            X509v3 Authority Key Identifier:
                keyid:B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:c4:75:21:c7:f1:83:86:9c:2e:48:fb:d7:ca:be:1a:3a:d0:
         db:b6:e0:85:66:40:4e:d8:a0:1a:8a:41:71:44:41:db:96:c2:
         60:02:8d:0b:b8:80:d0:03:41:d1:68:19:0e:87:5e:93:69:94:
         87:8f:93:dc:96:f3:c5:e5:d9:cc:4f:0f:3d:b8:9c:50:f8:a9:
         8f:75:80:35:ac:a7:16:d8:df:d5:19:2d:5e:ce:30:29:86:22:
         46:6f:51:dc:b2:5f:81:0d:b0:e1:5c:58:2a:58:f8:29:f8:43:
         48:f8:b6:6e:58:ad:14:d8:d7:9b:27:e0:9a:7e:3e:17:08:17:
         ce:5a:68:ec:e8:a3:ac:e7:1e:89:a4:2b:8c:f4:9b:e4:31:c8:
         79:55:3e:ac:8c:bf:e0:41:e7:9e:6a:14:1d:1f:c2:e9:2b:6a:
         ec:f3:6c:f3:99:a2:5b:88:0b:a5:81:be:08:f6:b1:66:91:50:
         5c:e4:2e:3a:e2:d9:f6:55:c7:6c:ec:4f:ab:60:a3:b4:d1:96:
         35:b8:64:fc:64:93:97:19:d3:4f:2a:3c:0d:80:63:31:14:c1:
         41:4e:49:84:be:ff:5c:e2:5a:8d:79:be:bb:4d:b7:de:be:7f:
         1e:57:e4:b9:f4:44:85:3d:9c:00:15:00:39:30:2e:20:f9:d6:
         f9:57:eb:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzLEvbATMWRUhI5pX4Xs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmM0OTg1Y2Q2MDY0MzIyMGUwNjRhMmUxMTRkNzhmNWIw
MzljMmIwHhcNMjYwMzI1MjEwMDQxWhcNMjYwMzI2MjEwMDQxWjAzMTEwLwYDVQQD
EyhmZjA5ZDIzYzZhOWI5YTVkYzBkZThiMmRhMWE3MTIzMzcxOWJmMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HI5yi2X1D+cOtQj0Qn0SgXkdDNe
A3QdWIDZHQlTrbNirM6g6Tx6LH61akYthLFUCoB89jdxRKrCF6qMPBQCPy/cY3QX
2OTZzLfrKZeuU5m43Lcuq6WaNncDFolSnnTZAMMcDpiid1W9MiDURW7npp2BLxn4
UbJrRguy3XMRg8fNk42WvPPkPGIszueJuQYh8gSx6j/wNrkkORP95Y40Et9aDB+N
YROYn0KNCMzb7QpREiMMKkxEXX/wBHDcEuj+CFp/TelymZQRQPNymhyPLScbWR3Z
APVqLdAWReeZAmOIxxqvlXUdXonq+e92ycIFPsYpnVifho0ujN7B0A/NIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8J0jxqm5pdwN6LLaGnEjNxm/EjMB8GA1UdIwQY
MBaAFLZsSYXNYGQyIOBkouEU149bA5wrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xZDBjMzktMjU1NS00NjhmLWJlNjYt
ZmY5YmFiOTBhZjE4LzEvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xZDBjMzktMjU1NS00NjhmLWJlNjYtZmY5YmFiOTBhZjE4
LzEvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAccR1Icfx
g4acLkj718q+GjrQ27bghWZATtigGopBcURB25bCYAKNC7iA0ANB0WgZDodek2mU
h4+T3JbzxeXZzE8PPbicUPipj3WANaynFtjf1RktXs4wKYYiRm9R3LJfgQ2w4VxY
Klj4KfhDSPi2blitFNjXmyfgmn4+FwgXzlpo7OijrOceiaQrjPSb5DHIeVU+rIy/
4EHnnmoUHR/C6Stq7PNs85miW4gLpYG+CPaxZpFQXOQuOuLZ9lXHbOxPq2CjtNGW
Nbhk/GSTlxnTTyo8DYBjMRTBQU5JhL7/XOJajXm+u0233r5/HlfkufREhT2cABUA
OTAuIPnW+VfrQw==
-----END CERTIFICATE-----