Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
File:                     TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json)
Hash identifier:          eHKA1zkWuc0Ar0HfsY7Pd1/UHVbX+ofmWeopF2H9WGQ=
Subject key identifier:   0A:A9:CA:BD:80:57:E3:E3:A5:7A:9A:D7:40:65:37:B1:14:EC:32:4B
Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4
Certificate issuer:       /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
Certificate serial:       019D25F162A34D51F5CFF84DEADF4ECC6C25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
Manifest number:          0DF8
Signing time:             Wed 25 Mar 2026 17:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:09 +0000
Files and hashes:         1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: h1CUL0lL0FLRK5hj6bJmsZNSa+stHv2crYYDyXHvkvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 17:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:62:a3:4d:51:f5:cf:f8:4d:ea:df:4e:cc:6c:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
        Validity
            Not Before: Mar 25 17:01:09 2026 GMT
            Not After : Mar 26 17:01:09 2026 GMT
        Subject: CN=0aa9cabd8057e3e3a57a9ad7406537b114ec324b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f7:e6:4e:9a:8e:84:95:14:51:2c:10:f6:cd:
                    47:32:a3:eb:fc:e7:63:78:71:31:7d:29:09:61:01:
                    2a:52:47:64:d9:42:34:44:be:12:bb:8b:7d:86:53:
                    ac:8d:7c:33:d8:7b:15:e2:83:39:4c:f8:30:49:96:
                    ee:03:9d:0d:e0:aa:0d:92:64:7b:05:c1:0a:6a:61:
                    cf:d3:ff:47:be:bc:33:8d:0f:1d:50:e4:e0:c5:90:
                    63:4c:0b:99:97:f5:a7:86:2f:b7:08:8c:ad:e8:41:
                    6f:44:68:49:87:ea:22:0a:de:da:92:47:4c:a9:de:
                    10:5a:fb:3f:17:b6:e4:61:b4:9e:94:ee:ec:18:d9:
                    70:f8:0d:f6:aa:2b:92:c3:c3:fd:5a:fb:b5:e3:f0:
                    ef:c2:fc:00:88:c0:d8:d2:4f:12:ab:32:ae:c2:35:
                    03:3e:3d:92:1a:c1:8b:3a:ee:4e:9f:7d:a2:9c:8b:
                    ff:65:d3:6f:15:14:22:bf:0b:71:6c:e6:b0:97:aa:
                    7a:d5:ea:bb:de:fa:2f:85:19:eb:e4:49:4d:56:82:
                    9c:0a:52:48:8c:2a:51:87:58:d6:f7:81:ec:55:33:
                    e6:99:38:c5:fe:90:7e:e9:cf:3f:ff:a7:45:81:b8:
                    e7:9d:da:db:bc:38:86:0f:87:12:b5:b5:1d:01:f6:
                    dd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:A9:CA:BD:80:57:E3:E3:A5:7A:9A:D7:40:65:37:B1:14:EC:32:4B
            X509v3 Authority Key Identifier:
                keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:6c:18:11:b3:8c:7c:2f:7a:c7:f4:67:d0:3d:f5:7d:7d:b7:
         59:c4:4b:69:96:ab:28:9c:2f:5a:3d:15:66:7c:fa:fe:cc:d0:
         53:c3:e9:f4:1e:24:94:b0:c2:ca:67:f6:7a:c6:bc:8e:12:60:
         2e:e6:24:15:79:d8:07:51:6a:1c:b1:76:ac:a2:4c:c2:6f:ae:
         80:20:98:5b:2f:e1:f3:f5:e6:73:ee:c6:24:ec:bc:7f:22:10:
         d1:5a:64:47:fd:f5:26:4c:9e:2e:00:bd:38:ef:26:fe:01:d3:
         37:31:c6:5e:e5:c8:f9:43:28:33:37:fb:aa:ae:6d:18:ce:0d:
         06:52:18:1a:ec:35:46:64:26:d5:89:58:67:6d:ec:ef:e3:ae:
         d3:e6:a8:32:90:01:6c:f0:90:21:f4:2a:aa:62:cc:ab:c4:02:
         66:3e:fb:63:c2:9c:64:e4:03:6d:f5:5e:34:3a:8e:68:fa:8e:
         71:7b:fb:19:71:c1:af:3a:3d:93:1b:e8:8e:7d:69:be:22:b5:
         d6:a9:0a:89:a8:13:48:e4:cb:cf:08:5d:0f:67:fa:5c:be:94:
         d5:9c:41:a8:14:72:97:60:03:03:f9:f6:d0:1c:48:8b:ba:f7:
         17:34:e8:ca:56:48:14:04:d8:62:24:3a:fa:5a:b6:2c:89:ff:
         49:7d:3e:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8WKjTVH1z/hN6t9OzGwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh
Njc3ZjQwHhcNMjYwMzI1MTcwMTA5WhcNMjYwMzI2MTcwMTA5WjAzMTEwLwYDVQQD
EygwYWE5Y2FiZDgwNTdlM2UzYTU3YTlhZDc0MDY1MzdiMTE0ZWMzMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvfmTpqOhJUUUSwQ9s1HMqPr/Odj
eHExfSkJYQEqUkdk2UI0RL4Su4t9hlOsjXwz2HsV4oM5TPgwSZbuA50N4KoNkmR7
BcEKamHP0/9HvrwzjQ8dUOTgxZBjTAuZl/Wnhi+3CIyt6EFvRGhJh+oiCt7akkdM
qd4QWvs/F7bkYbSelO7sGNlw+A32qiuSw8P9Wvu14/DvwvwAiMDY0k8SqzKuwjUD
Pj2SGsGLOu5On32inIv/ZdNvFRQivwtxbOawl6p61eq73vovhRnr5ElNVoKcClJI
jCpRh1jW94HsVTPmmTjF/pB+6c8//6dFgbjnndrbvDiGD4cStbUdAfbdhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqpyr2AV+PjpXqa10BlN7EU7DJLMB8GA1UdIwQY
MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt
NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk
LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANGwYEbOM
fC96x/Rn0D31fX23WcRLaZarKJwvWj0VZnz6/szQU8Pp9B4klLDCymf2esa8jhJg
LuYkFXnYB1FqHLF2rKJMwm+ugCCYWy/h8/Xmc+7GJOy8fyIQ0VpkR/31JkyeLgC9
OO8m/gHTNzHGXuXI+UMoMzf7qq5tGM4NBlIYGuw1RmQm1YlYZ23s7+Ou0+aoMpAB
bPCQIfQqqmLMq8QCZj77Y8KcZOQDbfVeNDqOaPqOcXv7GXHBrzo9kxvojn1pviK1
1qkKiagTSOTLzwhdD2f6XL6U1ZxBqBRyl2ADA/n20BxIi7r3FzToylZIFATYYiQ6
+lq2LIn/SX0+5w==
-----END CERTIFICATE-----