Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          aSScTtAnIHZvbnSWnJCTSBlkV10lIDBPwO5Acffje5U=
Subject key identifier:   5A:5B:CD:37:BD:4A:6C:81:AC:5C:FE:0F:AF:9E:4F:02:3C:6D:51:7A
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       019D2AE0EB3D11912FB36C52745BDAA71087
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          09F8
Signing time:             Thu 26 Mar 2026 16:01:16 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:16 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:16 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: wr5EdaLWuJGuzX28GfitjJdJ1t3anHdv9YPe41WAAUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:eb:3d:11:91:2f:b3:6c:52:74:5b:da:a7:10:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Mar 26 16:01:16 2026 GMT
            Not After : Mar 27 16:01:16 2026 GMT
        Subject: CN=5a5bcd37bd4a6c81ac5cfe0faf9e4f023c6d517a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3f:c4:ea:a3:1c:fe:58:b6:f6:a9:a4:e6:c9:
                    df:a9:1c:dc:7b:65:7d:29:92:7b:a3:ea:14:58:a7:
                    5b:bd:f9:47:35:7c:ac:35:55:c3:10:c9:58:55:05:
                    41:7b:cb:f0:f5:39:b2:a7:91:b4:6c:68:85:d1:5e:
                    97:97:bb:e1:2d:97:77:30:97:91:b8:c9:0d:ee:cc:
                    8d:84:88:5a:19:d2:f3:b9:fb:26:ae:51:6b:77:d4:
                    bf:1d:20:b5:a9:90:07:dc:2a:ab:99:80:46:bc:43:
                    8a:f8:d7:fa:ed:b7:7f:4a:a8:bc:11:0c:a8:e2:9a:
                    99:5e:f6:75:0f:03:1d:5d:df:f3:d8:84:fa:1a:75:
                    2e:12:3c:e7:92:50:fa:8f:c6:c5:8a:b6:50:a9:f7:
                    8d:e2:ed:71:8e:e4:c0:92:9f:a6:c6:71:43:f1:9c:
                    8f:a9:a1:e6:be:78:d1:27:07:6b:ec:85:13:b1:d7:
                    63:31:d2:6c:84:6e:73:b8:e1:58:2c:aa:89:43:a8:
                    bf:c0:15:cc:f3:d3:1b:30:54:c7:56:c0:f6:9f:85:
                    82:c2:7a:46:f3:8a:1e:ed:f7:fa:db:b7:1a:45:9d:
                    66:84:59:dc:84:cc:29:6b:df:95:7c:f6:1a:3f:48:
                    3a:da:2c:f0:73:a2:09:20:89:44:ba:a8:2b:04:d5:
                    85:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:5B:CD:37:BD:4A:6C:81:AC:5C:FE:0F:AF:9E:4F:02:3C:6D:51:7A
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:87:b1:7d:00:cd:da:ac:98:38:8c:df:ea:4a:df:c3:e5:14:
         8b:d9:a9:c8:27:66:b5:59:5c:b3:a7:3e:76:33:2f:38:2f:85:
         05:30:b5:ea:1e:bb:37:6b:d8:34:b7:99:09:6e:7c:7b:36:81:
         8f:76:f3:00:25:97:cc:6d:13:60:b8:47:95:09:57:c0:7b:11:
         59:23:77:d5:a2:81:7f:66:6b:83:41:53:75:54:fa:97:95:85:
         43:da:c6:7a:aa:b8:6a:bc:da:e4:37:f9:f9:5c:f4:e7:77:e0:
         d6:0c:db:1a:c3:b5:c3:ff:d4:c3:fa:1b:56:2a:40:4d:64:f4:
         4c:db:de:60:91:be:b5:a3:36:28:a9:c8:06:8a:c1:fa:89:72:
         a6:ee:f1:5c:c3:bb:9e:9e:0f:29:2b:27:68:5a:a2:f7:be:9d:
         c1:27:74:4b:df:9b:51:a5:06:24:f1:9c:7e:7a:9d:a2:0a:65:
         23:7b:6b:31:59:a2:e2:d1:b0:18:6e:a1:ff:83:bf:6f:3a:19:
         c2:01:9f:33:12:e4:63:d3:25:22:fc:f9:52:4b:30:44:db:68:
         fb:00:d3:66:a9:1a:93:72:37:8d:16:bc:56:0f:92:39:d6:66:
         69:15:94:b3:eb:9d:d7:76:ea:a8:f6:12:50:dc:10:93:f6:7a:
         04:e3:8d:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Os9EZEvs2xSdFvapxCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjYwMzI2MTYwMTE2WhcNMjYwMzI3MTYwMTE2WjAzMTEwLwYDVQQD
Eyg1YTViY2QzN2JkNGE2YzgxYWM1Y2ZlMGZhZjllNGYwMjNjNmQ1MTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T/E6qMc/li29qmk5snfqRzce2V9
KZJ7o+oUWKdbvflHNXysNVXDEMlYVQVBe8vw9Tmyp5G0bGiF0V6Xl7vhLZd3MJeR
uMkN7syNhIhaGdLzufsmrlFrd9S/HSC1qZAH3CqrmYBGvEOK+Nf67bd/Sqi8EQyo
4pqZXvZ1DwMdXd/z2IT6GnUuEjznklD6j8bFirZQqfeN4u1xjuTAkp+mxnFD8ZyP
qaHmvnjRJwdr7IUTsddjMdJshG5zuOFYLKqJQ6i/wBXM89MbMFTHVsD2n4WCwnpG
84oe7ff627caRZ1mhFnchMwpa9+VfPYaP0g62izwc6IJIIlEuqgrBNWFJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpbzTe9SmyBrFz+D6+eTwI8bVF6MB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApIexfQDN
2qyYOIzf6krfw+UUi9mpyCdmtVlcs6c+djMvOC+FBTC16h67N2vYNLeZCW58ezaB
j3bzACWXzG0TYLhHlQlXwHsRWSN31aKBf2Zrg0FTdVT6l5WFQ9rGeqq4arza5Df5
+Vz053fg1gzbGsO1w//Uw/obVipATWT0TNveYJG+taM2KKnIBorB+olypu7xXMO7
np4PKSsnaFqi976dwSd0S9+bUaUGJPGcfnqdogplI3trMVmi4tGwGG6h/4O/bzoZ
wgGfMxLkY9MlIvz5UkswRNto+wDTZqkak3I3jRa8Vg+SOdZmaRWUs+ud13bqqPYS
UNwQk/Z6BOON2g==
-----END CERTIFICATE-----