Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          n5R0o68n+X16DyrhGBz5M8G1Qs0Kvb79azZcOuB06Wc=
Subject key identifier:   C2:A1:FF:1C:5C:E4:E3:49:F6:7A:4C:6F:60:EF:A6:63:99:DF:2B:D5
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019D2996E9D86349971CAEDF5014498B6495
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          1555
Signing time:             Thu 26 Mar 2026 10:00:49 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:49 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:49 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: +/10M/yo8DJmzXQEp0dS7gSH3nt6Q6MKYJNUI+2ZXHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:e9:d8:63:49:97:1c:ae:df:50:14:49:8b:64:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Mar 26 10:00:49 2026 GMT
            Not After : Mar 27 10:00:49 2026 GMT
        Subject: CN=c2a1ff1c5ce4e349f67a4c6f60efa66399df2bd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:69:21:c1:d1:20:96:3d:4a:83:96:f9:c4:92:
                    ab:e9:88:80:00:53:1d:11:49:ac:e9:14:86:c6:20:
                    76:eb:e1:be:5e:f7:ae:29:15:c6:02:54:b3:46:67:
                    92:c8:36:ee:b3:87:af:74:57:c9:38:2f:d0:6b:e2:
                    9c:d3:1b:21:aa:85:77:ad:9b:43:57:5d:36:a9:27:
                    cb:ee:cf:3b:92:ba:70:2d:9c:f5:9e:a9:e3:8e:10:
                    b6:68:95:0f:72:34:cb:2e:09:df:97:42:ad:0e:94:
                    a8:c4:41:1f:09:84:90:d5:df:dd:0a:42:d1:82:82:
                    c1:c0:ff:15:2f:b6:56:6e:eb:cf:b6:c1:54:2f:de:
                    ab:42:69:68:d2:cb:a7:17:91:5c:f5:f7:c3:c7:64:
                    74:48:5d:bb:24:68:64:cd:3c:2d:d2:cc:f4:ec:a9:
                    01:c8:38:58:c2:e0:8f:bb:13:97:1e:34:4d:cc:e7:
                    7e:ac:05:af:0c:1d:ff:0b:a0:05:88:67:ec:7e:e4:
                    a2:c8:7c:c6:70:2e:74:20:44:4e:6b:b5:27:6b:b8:
                    94:76:72:00:cb:7c:60:0a:77:b0:91:95:c3:73:e1:
                    2d:34:73:7a:e1:88:5a:0d:71:2d:c6:db:e1:2e:68:
                    de:2d:cc:ba:a2:0e:a1:39:d1:19:6b:00:54:af:ab:
                    89:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:A1:FF:1C:5C:E4:E3:49:F6:7A:4C:6F:60:EF:A6:63:99:DF:2B:D5
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:1c:27:e2:c9:16:27:9a:0e:64:35:af:17:4d:fe:6a:1a:1e:
         9d:48:7e:5d:1f:f4:c1:0a:77:ef:f0:9d:1d:59:2d:22:5d:b3:
         2b:7f:f5:a6:52:b3:99:44:a6:52:55:d6:66:f8:94:66:2d:5b:
         2e:f2:98:67:3b:99:14:67:fb:b4:22:9f:fc:98:e9:1c:04:50:
         7a:24:a1:b6:36:cf:11:5f:a9:57:97:42:04:00:59:3a:b2:0d:
         ea:33:9a:d9:3b:04:49:cd:42:87:85:fe:e3:76:3e:38:b2:7d:
         cb:d8:ff:11:4a:f1:da:3c:32:7c:79:5a:07:2a:5b:dd:84:d9:
         51:62:71:c5:4b:37:9a:68:53:b5:72:7d:51:5e:3d:b7:13:9d:
         ea:11:04:7e:07:3a:2e:e8:17:cd:85:06:5f:2f:56:b4:56:ff:
         0f:dc:b3:4d:6d:5c:9c:7f:ee:2d:01:df:4b:30:76:5c:42:32:
         f0:cb:ed:9f:cf:c9:c6:58:84:f9:7f:06:48:6a:2d:28:4a:59:
         4d:c0:18:8a:c5:84:14:d7:df:bf:e0:91:4d:27:f9:b7:2c:59:
         88:03:19:b6:88:cf:0e:9d:41:e0:0f:83:e0:a7:09:29:f0:fc:
         23:7e:97:6c:d0:db:46:98:12:bf:93:13:5c:48:b4:15:de:ec:
         a1:a6:20:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plunYY0mXHK7fUBRJi2SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjYwMzI2MTAwMDQ5WhcNMjYwMzI3MTAwMDQ5WjAzMTEwLwYDVQQD
EyhjMmExZmYxYzVjZTRlMzQ5ZjY3YTRjNmY2MGVmYTY2Mzk5ZGYyYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/GkhwdEglj1Kg5b5xJKr6YiAAFMd
EUms6RSGxiB26+G+XveuKRXGAlSzRmeSyDbus4evdFfJOC/Qa+Kc0xshqoV3rZtD
V102qSfL7s87krpwLZz1nqnjjhC2aJUPcjTLLgnfl0KtDpSoxEEfCYSQ1d/dCkLR
goLBwP8VL7ZWbuvPtsFUL96rQmlo0sunF5Fc9ffDx2R0SF27JGhkzTwt0sz07KkB
yDhYwuCPuxOXHjRNzOd+rAWvDB3/C6AFiGfsfuSiyHzGcC50IEROa7Una7iUdnIA
y3xgCnewkZXDc+EtNHN64YhaDXEtxtvhLmjeLcy6og6hOdEZawBUr6uJCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKh/xxc5ONJ9npMb2DvpmOZ3yvVMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlxwn4skW
J5oOZDWvF03+ahoenUh+XR/0wQp37/CdHVktIl2zK3/1plKzmUSmUlXWZviUZi1b
LvKYZzuZFGf7tCKf/JjpHARQeiShtjbPEV+pV5dCBABZOrIN6jOa2TsESc1Ch4X+
43Y+OLJ9y9j/EUrx2jwyfHlaBypb3YTZUWJxxUs3mmhTtXJ9UV49txOd6hEEfgc6
LugXzYUGXy9WtFb/D9yzTW1cnH/uLQHfSzB2XEIy8Mvtn8/JxliE+X8GSGotKEpZ
TcAYisWEFNffv+CRTSf5tyxZiAMZtojPDp1B4A+D4KcJKfD8I36XbNDbRpgSv5MT
XEi0Fd7soaYg3w==
-----END CERTIFICATE-----