Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
File:                     C_TOA4nPk-LVfggvG-xh2oJy__E.mft (raw, json)
Hash identifier:          wJkHYm/+FF8uNMPLMfp0kfEzRfk68G7d2Q/KXOfebAM=
Subject key identifier:   F7:42:1F:B8:4A:FD:91:63:5D:67:DA:B4:C5:70:42:79:CE:B3:6C:27
Authority key identifier: 0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1
Certificate issuer:       /CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
Certificate serial:       019E1D225CC05326B0AE233F1FC0FFDA9BB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
Manifest number:          11D3
Signing time:             Tue 12 May 2026 17:00:51 +0000
Manifest this update:     Tue 12 May 2026 17:00:51 +0000
Manifest next update:     Wed 13 May 2026 17:00:51 +0000
Files and hashes:         1: C_TOA4nPk-LVfggvG-xh2oJy__E.crl (hash: /jtCLxE1hPD9MgsijhX5rpm/bvl9cwZd+Yb1liXh2Xg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:22:5c:c0:53:26:b0:ae:23:3f:1f:c0:ff:da:9b:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
        Validity
            Not Before: May 12 17:00:51 2026 GMT
            Not After : May 13 17:00:51 2026 GMT
        Subject: CN=f7421fb84afd91635d67dab4c5704279ceb36c27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:84:bc:c6:79:ba:3e:5d:29:90:41:25:60:8a:
                    c5:a8:95:1c:b0:43:ac:93:2e:3c:b3:74:d7:66:e1:
                    b3:6b:1b:47:1d:17:f5:4b:86:d0:55:53:d1:73:82:
                    fa:dd:96:77:4f:bb:03:09:8d:29:88:58:61:7b:f8:
                    ea:cf:e3:e2:1b:72:cf:e8:de:04:2a:c5:ef:37:05:
                    50:9a:0f:58:1e:dd:41:7a:58:8c:44:3c:8c:2c:b7:
                    40:80:28:ee:25:2b:7c:d4:9a:7c:14:2f:e8:fe:2a:
                    07:5d:e6:79:77:88:4d:09:7f:97:2f:ac:c1:cb:33:
                    be:2e:1b:0a:aa:16:e6:6f:94:a2:89:74:97:58:2a:
                    52:b7:07:0b:d6:c2:70:ec:12:48:99:72:00:30:85:
                    57:2c:78:3c:30:5c:13:f5:9d:12:70:38:84:ce:ee:
                    cd:b0:9a:e0:d2:39:59:fb:9b:78:17:f8:4b:83:d2:
                    49:cc:77:eb:94:c8:af:04:d5:53:4e:73:65:d8:88:
                    b5:2b:71:bb:5f:ff:c2:93:1c:b0:b4:2c:31:3b:24:
                    39:34:84:c7:d8:73:c2:fc:ea:8c:95:29:d2:a4:a4:
                    1b:9a:07:75:56:66:64:d0:2f:59:a4:11:5b:d2:4e:
                    80:37:ad:ce:27:e4:1f:bd:76:f1:8d:4c:41:55:54:
                    f9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:42:1F:B8:4A:FD:91:63:5D:67:DA:B4:C5:70:42:79:CE:B3:6C:27
            X509v3 Authority Key Identifier:
                keyid:0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:85:f0:9d:ae:33:92:a5:ef:32:63:e8:f1:23:08:49:4d:ce:
         c9:d7:3e:9a:f3:a4:d8:c5:84:ec:a3:6d:16:29:d9:1d:2d:fc:
         87:5a:fd:17:3e:44:7f:c0:32:a8:88:52:c9:ee:2c:b0:16:3b:
         7f:84:0f:42:09:9c:69:e5:73:a1:ff:08:72:7d:01:71:9b:0c:
         a2:d5:6e:a1:3e:14:63:bb:17:a6:b5:26:62:24:79:f0:77:de:
         55:54:6b:34:a2:2b:43:6e:e0:ef:c7:4c:22:e3:12:0e:82:0e:
         75:a3:04:b6:7d:8d:17:a3:14:dd:e7:07:f9:db:0f:69:99:0f:
         97:97:4f:84:9a:7f:a2:e3:61:3e:bc:e4:b5:3f:5c:d4:ca:df:
         8f:82:4e:70:e5:ab:a9:df:0a:fb:f4:66:a5:7c:ac:3a:b1:70:
         cc:90:dd:ce:24:d5:94:a9:c7:ff:92:4b:a1:ab:98:36:74:c3:
         01:84:fa:1d:33:3f:84:c2:2f:c1:1f:f9:bd:f1:38:1d:fe:a6:
         46:21:1f:d9:b4:59:ab:82:bb:cc:8e:b0:bb:11:51:f0:25:2c:
         04:ee:e5:d9:99:90:2f:93:d8:40:9c:c7:63:ef:c5:ab:ac:37:
         56:65:e4:cb:80:94:2c:7c:fa:17:cb:b4:5e:c0:68:6f:e9:e5:
         ce:d6:73:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dIlzAUyawriM/H8D/2pu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjRjZTAzODljZjkzZTJkNTdlMDgyZjFiZWM2MWRhODI3
MmZmZjEwHhcNMjYwNTEyMTcwMDUxWhcNMjYwNTEzMTcwMDUxWjAzMTEwLwYDVQQD
EyhmNzQyMWZiODRhZmQ5MTYzNWQ2N2RhYjRjNTcwNDI3OWNlYjM2YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIS8xnm6Pl0pkEElYIrFqJUcsEOs
ky48s3TXZuGzaxtHHRf1S4bQVVPRc4L63ZZ3T7sDCY0piFhhe/jqz+PiG3LP6N4E
KsXvNwVQmg9YHt1BeliMRDyMLLdAgCjuJSt81Jp8FC/o/ioHXeZ5d4hNCX+XL6zB
yzO+LhsKqhbmb5SiiXSXWCpStwcL1sJw7BJImXIAMIVXLHg8MFwT9Z0ScDiEzu7N
sJrg0jlZ+5t4F/hLg9JJzHfrlMivBNVTTnNl2Ii1K3G7X//CkxywtCwxOyQ5NITH
2HPC/OqMlSnSpKQbmgd1VmZk0C9ZpBFb0k6AN63OJ+QfvXbxjUxBVVT5qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdCH7hK/ZFjXWfatMVwQnnOs2wnMB8GA1UdIwQY
MBaAFAv0zgOJz5Pi1X4ILxvsYdqCcv/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMt
NTYyOGZhZWZlMTFkLzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMtNTYyOGZhZWZlMTFk
LzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEIXwna4z
kqXvMmPo8SMISU3Oydc+mvOk2MWE7KNtFinZHS38h1r9Fz5Ef8AyqIhSye4ssBY7
f4QPQgmcaeVzof8Icn0BcZsMotVuoT4UY7sXprUmYiR58HfeVVRrNKIrQ27g78dM
IuMSDoIOdaMEtn2NF6MU3ecH+dsPaZkPl5dPhJp/ouNhPrzktT9c1Mrfj4JOcOWr
qd8K+/RmpXysOrFwzJDdziTVlKnH/5JLoauYNnTDAYT6HTM/hMIvwR/5vfE4Hf6m
RiEf2bRZq4K7zI6wuxFR8CUsBO7l2ZmQL5PYQJzHY+/Fq6w3VmXky4CULHz6F8u0
XsBob+nlztZzew==
-----END CERTIFICATE-----