Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          Dp5HvZNpnnK4QdMs3dOlO21a4f1obdiSlWY/n9FAAFY=
Subject key identifier:   C0:15:1E:DB:0B:CB:D2:BC:23:61:7B:51:0A:A4:F6:BA:80:92:FF:EE
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       019D29CDCA8F09B5584ABA51414CC1EEEB5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          057C
Signing time:             Thu 26 Mar 2026 11:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 11:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 11:00:45 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: JDef9UdvDx+e/TLjGf2NX/e38f5uKe5I8NWFCgzPnls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:cd:ca:8f:09:b5:58:4a:ba:51:41:4c:c1:ee:eb:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Mar 26 11:00:45 2026 GMT
            Not After : Mar 27 11:00:45 2026 GMT
        Subject: CN=c0151edb0bcbd2bc23617b510aa4f6ba8092ffee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:09:a0:2b:72:12:16:90:65:ff:c9:65:da:a5:
                    99:97:d7:c8:f6:e1:64:85:39:cc:3d:ae:d7:00:21:
                    31:d5:3e:a6:61:c6:f2:f1:1a:83:e4:1b:28:ad:88:
                    4a:c2:20:50:03:79:3d:5a:be:31:29:dd:74:b9:4d:
                    b1:4b:26:7b:8b:f7:62:92:0e:49:46:bf:48:ba:67:
                    84:54:c3:d7:1a:a4:8b:97:14:d1:09:d2:a3:c8:a5:
                    85:df:fa:1a:09:c1:1c:3f:f5:cb:5d:43:72:37:a6:
                    da:2e:78:91:e5:d1:96:5a:6a:f1:5c:01:a4:ce:8b:
                    24:92:54:9b:ad:31:e4:ce:59:61:17:98:52:37:fe:
                    3f:c5:5a:8b:17:43:f5:f7:ef:f0:44:3f:c8:96:f6:
                    19:bc:01:3b:53:c7:81:97:1f:1a:46:59:9a:f6:92:
                    f2:91:50:e7:86:32:61:5e:14:2b:ff:9a:aa:ec:37:
                    a2:81:20:1e:dc:85:7d:f9:fc:a5:85:0d:6d:b6:f2:
                    fa:2c:33:92:d9:3e:55:49:36:f0:31:0e:00:62:65:
                    ef:bd:05:29:7e:ce:c8:0f:1d:00:30:7f:8b:1b:2d:
                    2f:d8:3c:3c:cc:da:33:77:7d:de:1f:6d:49:67:68:
                    e2:6b:39:d3:68:f7:32:25:bb:85:19:c0:f5:c4:11:
                    e7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:15:1E:DB:0B:CB:D2:BC:23:61:7B:51:0A:A4:F6:BA:80:92:FF:EE
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:a2:6c:06:f6:14:6a:7e:6e:3e:a1:bb:8f:71:2f:a0:d6:d4:
         a8:18:94:07:73:c3:17:38:f0:c5:16:c1:c6:49:43:92:d9:72:
         6b:f8:e3:33:7c:86:30:7c:de:6b:72:6a:24:f5:fe:0c:6c:38:
         17:68:31:74:f1:ac:22:25:31:e6:93:e1:30:67:40:31:5c:ca:
         b2:2b:9f:52:12:0b:9c:5e:93:cb:e8:ad:46:8e:bc:83:4d:6c:
         bd:26:6a:10:d4:3a:ca:74:3b:34:77:85:fc:3e:0a:20:19:8c:
         b4:87:1b:5d:d7:21:0e:04:23:ec:9f:39:15:5a:9f:21:de:17:
         e4:d0:6d:96:29:67:c4:98:e3:cf:63:03:2d:5f:7f:73:9c:e7:
         a7:a7:af:c4:c5:86:41:37:41:20:36:ae:7d:e8:03:3c:9e:15:
         d7:7d:af:5b:61:ea:8b:f2:99:01:29:d5:19:79:e8:13:89:1b:
         7e:c5:48:ec:c5:53:32:da:91:b5:b3:40:72:d7:18:db:a5:f9:
         09:2b:3e:e7:34:8e:1b:5d:81:39:04:28:d2:31:24:bf:49:07:
         b9:a7:e9:35:43:a4:c2:ef:df:19:f7:ea:2c:b2:c7:c0:21:9d:
         5a:86:e4:32:6d:c2:0c:d6:e3:8d:82:dc:8e:73:a6:c6:fb:8d:
         91:4c:3b:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzcqPCbVYSrpRQUzB7utaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjYwMzI2MTEwMDQ1WhcNMjYwMzI3MTEwMDQ1WjAzMTEwLwYDVQQD
EyhjMDE1MWVkYjBiY2JkMmJjMjM2MTdiNTEwYWE0ZjZiYTgwOTJmZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AmgK3ISFpBl/8ll2qWZl9fI9uFk
hTnMPa7XACEx1T6mYcby8RqD5BsorYhKwiBQA3k9Wr4xKd10uU2xSyZ7i/dikg5J
Rr9IumeEVMPXGqSLlxTRCdKjyKWF3/oaCcEcP/XLXUNyN6baLniR5dGWWmrxXAGk
zoskklSbrTHkzllhF5hSN/4/xVqLF0P19+/wRD/IlvYZvAE7U8eBlx8aRlma9pLy
kVDnhjJhXhQr/5qq7DeigSAe3IV9+fylhQ1ttvL6LDOS2T5VSTbwMQ4AYmXvvQUp
fs7IDx0AMH+LGy0v2Dw8zNozd33eH21JZ2jiaznTaPcyJbuFGcD1xBHnGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAVHtsLy9K8I2F7UQqk9rqAkv/uMB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfaJsBvYU
an5uPqG7j3EvoNbUqBiUB3PDFzjwxRbBxklDktlya/jjM3yGMHzea3JqJPX+DGw4
F2gxdPGsIiUx5pPhMGdAMVzKsiufUhILnF6Ty+itRo68g01svSZqENQ6ynQ7NHeF
/D4KIBmMtIcbXdchDgQj7J85FVqfId4X5NBtlilnxJjjz2MDLV9/c5znp6evxMWG
QTdBIDaufegDPJ4V132vW2Hqi/KZASnVGXnoE4kbfsVI7MVTMtqRtbNActcY26X5
CSs+5zSOG12BOQQo0jEkv0kHuafpNUOkwu/fGffqLLLHwCGdWobkMm3CDNbjjYLc
jnOmxvuNkUw7Ow==
-----END CERTIFICATE-----