Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          yikx+II7BA3JcWABEKo/iWro+vOvOFKW7Q/RphGh5s4=
Subject key identifier:   37:E8:ED:83:3E:11:20:06:62:94:BC:70:7D:94:90:C6:7F:B6:A7:4D
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       019D27047A66F29CB956DD8A65C5CDE2EFEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          1885
Signing time:             Wed 25 Mar 2026 22:01:37 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:37 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:37 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: 5xyWQ5m/S5O7pOXxw3RpAl+yb7qZwzq7B9uPHzWiNzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:7a:66:f2:9c:b9:56:dd:8a:65:c5:cd:e2:ef:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Mar 25 22:01:37 2026 GMT
            Not After : Mar 26 22:01:37 2026 GMT
        Subject: CN=37e8ed833e1120066294bc707d9490c67fb6a74d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:08:57:90:54:ba:ba:30:4b:13:a7:ae:84:
                    7f:96:9d:d7:7d:79:a8:b6:95:bd:c9:18:83:b0:8a:
                    47:f3:a8:f4:71:f7:a7:34:52:62:40:b8:9a:cf:be:
                    43:24:d1:b2:fb:12:d5:46:b1:da:f0:f8:7c:29:a9:
                    b6:6f:15:01:83:08:8e:ac:aa:f1:24:d2:dc:12:fe:
                    c9:df:a9:45:6a:5f:0a:91:33:94:7c:cb:7a:49:a9:
                    65:40:09:61:c7:5a:93:5b:c9:d1:f2:0b:31:ea:bb:
                    dd:40:bd:a1:cd:3f:22:85:c5:a6:c4:8d:5e:17:23:
                    88:f0:80:b4:c8:c6:16:b3:44:dd:e7:86:1e:48:b9:
                    b6:88:07:6d:4f:e5:80:00:09:29:cb:a8:bf:d2:35:
                    cc:d7:0e:0f:be:8a:1d:40:86:62:3e:61:2c:a4:3c:
                    29:40:1c:e9:9e:ee:65:d8:5c:32:9f:44:30:04:c7:
                    f7:9f:00:47:bb:a2:23:ca:91:51:24:bd:c6:43:05:
                    ae:a1:2a:1d:05:ec:53:fe:b8:a6:99:c2:1a:28:13:
                    e3:6e:2a:41:8a:f1:bb:ec:a9:c5:f2:f1:f3:90:23:
                    01:87:15:ab:42:f2:d9:89:87:b0:a8:4a:23:1e:19:
                    5f:49:bc:1c:4c:e6:33:17:82:1b:78:89:14:13:4a:
                    8d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E8:ED:83:3E:11:20:06:62:94:BC:70:7D:94:90:C6:7F:B6:A7:4D
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:64:14:1b:ec:e3:91:60:17:41:41:bc:16:c3:7d:8b:be:8f:
         44:ff:38:59:64:d2:7c:f1:fa:3f:0b:0f:6e:70:70:e4:53:6f:
         3b:85:f3:2a:d8:1d:7b:88:86:b3:bc:25:b9:80:a5:f5:13:e2:
         c3:00:d5:f6:e6:34:8f:8c:c3:ad:8b:29:7f:c2:42:72:dd:d8:
         f2:e9:e9:ee:27:8a:ac:02:de:fe:20:f9:f3:ac:f2:84:bd:35:
         a9:c3:13:6b:31:bd:58:c2:23:bd:e6:01:d4:68:0f:7e:70:27:
         7f:6c:32:ff:44:f2:88:ff:64:29:c2:87:81:92:b1:41:e7:2d:
         b0:73:f7:a7:c4:85:d3:fe:43:eb:9b:ab:79:65:a4:4e:9e:54:
         01:09:b3:fe:8d:e2:88:3e:75:9e:23:35:65:36:be:10:89:65:
         31:1e:84:2f:43:d8:59:6f:4f:d4:91:d5:1b:2f:a7:ac:24:9d:
         8e:49:e2:27:a5:fd:31:2d:f4:e8:87:62:f4:76:1c:01:ee:51:
         f0:71:d9:0a:2d:b8:59:f6:ff:62:e5:dc:da:55:51:d5:9f:75:
         2d:5e:49:f9:a5:f8:b2:ad:ff:ff:07:ca:14:ed:db:cb:f1:25:
         51:5e:b0:a1:64:63:b4:7b:a4:e4:76:8c:c3:ef:ed:0c:66:00:
         e0:a3:5e:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHpm8py5Vt2KZcXN4u/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjYwMzI1MjIwMTM3WhcNMjYwMzI2MjIwMTM3WjAzMTEwLwYDVQQD
EygzN2U4ZWQ4MzNlMTEyMDA2NjI5NGJjNzA3ZDk0OTBjNjdmYjZhNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvEIV5BUurowSxOnroR/lp3XfXmo
tpW9yRiDsIpH86j0cfenNFJiQLiaz75DJNGy+xLVRrHa8Ph8Kam2bxUBgwiOrKrx
JNLcEv7J36lFal8KkTOUfMt6SallQAlhx1qTW8nR8gsx6rvdQL2hzT8ihcWmxI1e
FyOI8IC0yMYWs0Td54YeSLm2iAdtT+WAAAkpy6i/0jXM1w4PvoodQIZiPmEspDwp
QBzpnu5l2Fwyn0QwBMf3nwBHu6IjypFRJL3GQwWuoSodBexT/rimmcIaKBPjbipB
ivG77KnF8vHzkCMBhxWrQvLZiYewqEojHhlfSbwcTOYzF4IbeIkUE0qNUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfo7YM+ESAGYpS8cH2UkMZ/tqdNMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATmQUG+zj
kWAXQUG8FsN9i76PRP84WWTSfPH6PwsPbnBw5FNvO4XzKtgde4iGs7wluYCl9RPi
wwDV9uY0j4zDrYspf8JCct3Y8unp7ieKrALe/iD586zyhL01qcMTazG9WMIjveYB
1GgPfnAnf2wy/0TyiP9kKcKHgZKxQectsHP3p8SF0/5D65ureWWkTp5UAQmz/o3i
iD51niM1ZTa+EIllMR6EL0PYWW9P1JHVGy+nrCSdjkniJ6X9MS306Idi9HYcAe5R
8HHZCi24Wfb/YuXc2lVR1Z91LV5J+aX4sq3//wfKFO3by/ElUV6woWRjtHuk5HaM
w+/tDGYA4KNeJA==
-----END CERTIFICATE-----