Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
File:                     C_TOA4nPk-LVfggvG-xh2oJy__E.mft (raw, json)
Hash identifier:          88r6KX9Zw4MVQEAjVNBmVCoivdNuLrTfL2EaNXIhIMs=
Subject key identifier:   11:5C:48:46:D5:91:B6:04:91:76:ED:92:35:4C:B3:BC:22:99:5F:87
Authority key identifier: 0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1
Certificate issuer:       /CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
Certificate serial:       019D27DF703BFA7088BA5E64FE3898F72419
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
Manifest number:          1154
Signing time:             Thu 26 Mar 2026 02:00:47 +0000
Manifest this update:     Thu 26 Mar 2026 02:00:47 +0000
Manifest next update:     Fri 27 Mar 2026 02:00:47 +0000
Files and hashes:         1: C_TOA4nPk-LVfggvG-xh2oJy__E.crl (hash: qyNSUDIck2TvawLwhSs0j9RhzW2oQFtlW2VKWB9k2vI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:70:3b:fa:70:88:ba:5e:64:fe:38:98:f7:24:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bf4ce0389cf93e2d57e082f1bec61da8272fff1
        Validity
            Not Before: Mar 26 02:00:47 2026 GMT
            Not After : Mar 27 02:00:47 2026 GMT
        Subject: CN=115c4846d591b6049176ed92354cb3bc22995f87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:3b:49:ab:fd:8f:f0:a2:0c:eb:92:4b:44:69:
                    57:0c:24:37:db:5a:0b:3e:80:d0:c6:07:6d:ea:f6:
                    d8:f0:dc:7e:1a:e8:0c:80:e0:26:19:13:71:59:4f:
                    83:a0:f4:93:00:e0:38:d9:0c:ef:d6:2a:40:bf:e0:
                    41:fe:ed:30:b0:8b:60:44:8f:bb:05:13:17:f7:eb:
                    16:da:8c:51:10:e1:66:46:77:22:0b:57:a7:6a:31:
                    d2:d7:4b:a7:27:e3:f9:98:95:a3:e9:33:ff:ec:e5:
                    2c:03:14:ec:0d:e8:b1:d7:0f:cb:01:53:1c:90:6b:
                    cd:05:e9:df:e3:bc:11:a6:06:0f:ce:34:2e:98:04:
                    b7:2c:6d:aa:9a:98:aa:83:f6:e9:17:85:0a:f5:d3:
                    95:74:0f:bd:52:1a:d5:f4:6d:1b:a4:67:47:68:a2:
                    10:19:ae:3c:e1:81:b3:4b:72:ca:cf:94:55:97:4b:
                    c0:51:e2:b7:91:6f:be:3f:09:b8:ef:c2:01:87:fd:
                    61:1f:6f:71:4a:68:c4:ae:8d:ef:91:82:28:89:49:
                    0a:c8:0d:a4:5e:9e:b8:d6:ae:07:27:1b:78:91:ca:
                    7d:30:28:77:19:d5:73:c6:c6:9c:68:62:e8:5b:ab:
                    7d:a2:b9:56:64:3e:b7:24:17:2a:75:ac:bf:e3:94:
                    14:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:5C:48:46:D5:91:B6:04:91:76:ED:92:35:4C:B3:BC:22:99:5F:87
            X509v3 Authority Key Identifier:
                keyid:0B:F4:CE:03:89:CF:93:E2:D5:7E:08:2F:1B:EC:61:DA:82:72:FF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_TOA4nPk-LVfggvG-xh2oJy__E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3ac783-9fab-4623-894c-5628faefe11d/1/C_TOA4nPk-LVfggvG-xh2oJy__E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:99:20:a8:53:34:3f:2f:c6:ee:52:3f:1e:ab:9e:f1:8e:d4:
         96:12:8f:aa:76:d8:ab:c3:a1:65:51:3a:df:da:3c:dd:f8:a8:
         15:80:0b:ab:43:d5:a3:db:b5:87:43:80:06:17:38:e0:23:35:
         a9:1f:c8:9f:62:19:cb:ef:d4:db:10:a7:fe:0c:30:b0:f0:9c:
         69:ea:7b:33:da:70:a8:89:f5:44:74:a8:52:e1:5d:10:ed:25:
         60:63:ff:c6:e7:0a:e9:9b:49:a4:50:bf:e7:75:70:bc:2a:60:
         40:8a:ec:4f:37:e8:c0:c8:8a:6a:34:08:aa:8e:9f:45:2b:9d:
         94:2b:8a:56:74:17:2e:b8:21:49:95:f6:e4:87:ec:0b:32:52:
         51:ca:7a:d0:d6:c9:be:83:46:a2:3c:3b:1b:2d:58:77:0b:9e:
         15:57:64:cb:27:81:cc:bc:d0:4c:bc:7e:e7:92:08:ab:c6:6e:
         dd:1e:6f:83:b9:96:2c:65:24:3d:c1:6c:70:79:73:90:35:e3:
         2d:2d:af:29:dc:6a:5d:e9:c6:bf:0d:b6:c3:b8:3f:b3:5b:f7:
         15:d8:6a:b7:2b:01:3a:f4:e7:43:a9:4d:4b:f5:f2:0f:a5:32:
         a7:25:9a:d5:ef:8f:f1:47:67:fc:a5:0a:20:89:a5:06:ea:ca:
         4f:12:08:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n33A7+nCIul5k/jiY9yQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjRjZTAzODljZjkzZTJkNTdlMDgyZjFiZWM2MWRhODI3
MmZmZjEwHhcNMjYwMzI2MDIwMDQ3WhcNMjYwMzI3MDIwMDQ3WjAzMTEwLwYDVQQD
EygxMTVjNDg0NmQ1OTFiNjA0OTE3NmVkOTIzNTRjYjNiYzIyOTk1Zjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TtJq/2P8KIM65JLRGlXDCQ321oL
PoDQxgdt6vbY8Nx+GugMgOAmGRNxWU+DoPSTAOA42Qzv1ipAv+BB/u0wsItgRI+7
BRMX9+sW2oxREOFmRnciC1enajHS10unJ+P5mJWj6TP/7OUsAxTsDeix1w/LAVMc
kGvNBenf47wRpgYPzjQumAS3LG2qmpiqg/bpF4UK9dOVdA+9UhrV9G0bpGdHaKIQ
Ga484YGzS3LKz5RVl0vAUeK3kW++Pwm478IBh/1hH29xSmjEro3vkYIoiUkKyA2k
Xp641q4HJxt4kcp9MCh3GdVzxsacaGLoW6t9orlWZD63JBcqday/45QU6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFcSEbVkbYEkXbtkjVMs7wimV+HMB8GA1UdIwQY
MBaAFAv0zgOJz5Pi1X4ILxvsYdqCcv/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMt
NTYyOGZhZWZlMTFkLzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYWM3ODMtOWZhYi00NjIzLTg5NGMtNTYyOGZhZWZlMTFk
LzEvQ19UT0E0blBrLUxWZmdndkcteGgyb0p5X19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5kgqFM0
Py/G7lI/Hque8Y7UlhKPqnbYq8OhZVE639o83fioFYALq0PVo9u1h0OABhc44CM1
qR/In2IZy+/U2xCn/gwwsPCcaep7M9pwqIn1RHSoUuFdEO0lYGP/xucK6ZtJpFC/
53VwvCpgQIrsTzfowMiKajQIqo6fRSudlCuKVnQXLrghSZX25IfsCzJSUcp60NbJ
voNGojw7Gy1YdwueFVdkyyeBzLzQTLx+55IIq8Zu3R5vg7mWLGUkPcFscHlzkDXj
LS2vKdxqXenGvw22w7g/s1v3FdhqtysBOvTnQ6lNS/XyD6UypyWa1e+P8Udn/KUK
IImlBurKTxIIrg==
-----END CERTIFICATE-----