Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          dL1wmQ09F+7wGSKGTG/w7+n5Ma4OjSuk3eqtaWtkEdA=
Subject key identifier:   B0:EB:34:70:C6:9F:2A:40:C2:9D:C7:D1:05:27:EC:E1:4A:DA:DD:53
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       019D2771C8CE085FC2CBA031BCDA65414715
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          16BF
Signing time:             Thu 26 Mar 2026 00:01:01 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:01 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:01 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: nLKLTvMQP7m3IrjpkysMcubqL0v7MmL/i0tRfzFBbKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:c8:ce:08:5f:c2:cb:a0:31:bc:da:65:41:47:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Mar 26 00:01:01 2026 GMT
            Not After : Mar 27 00:01:01 2026 GMT
        Subject: CN=b0eb3470c69f2a40c29dc7d10527ece14adadd53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:da:42:d1:6e:16:89:f2:8e:35:0f:bc:c4:24:
                    d2:43:1e:73:62:b5:3b:b8:5e:a9:03:e9:02:28:96:
                    23:1f:f0:11:14:41:2c:09:d2:74:64:b2:9c:c8:e6:
                    7e:30:0e:8b:ff:a2:c9:c4:fc:55:b1:b3:0e:4b:0b:
                    14:19:32:a3:26:3d:6c:38:73:47:d4:cb:b7:b3:94:
                    18:1d:92:42:74:91:77:12:55:e4:b1:fb:76:c4:29:
                    95:1a:f3:24:59:8e:a2:cf:52:9b:63:16:10:40:98:
                    fc:77:c3:c6:89:00:d7:c3:c2:e6:30:1b:93:f1:18:
                    23:2e:6f:21:38:b3:0b:b7:27:2f:e6:c4:55:49:88:
                    cb:4e:a4:bb:c9:01:4d:c5:a9:b3:73:d2:4b:fa:dc:
                    88:7a:4d:bc:53:ad:75:fb:54:7d:96:ed:ea:fe:26:
                    9e:79:b6:02:e8:24:c4:93:9c:fa:17:29:84:ec:fc:
                    70:71:5f:7a:12:e8:d7:6d:d5:ac:57:0e:1e:7f:9e:
                    53:4e:ad:86:5b:4b:5f:dc:1e:b0:84:a7:ce:cd:fb:
                    ae:f1:d8:d1:17:c7:6b:5d:09:6e:a1:3b:e3:0b:03:
                    e4:61:05:13:a9:a2:66:d4:16:98:b8:5c:a0:83:df:
                    1d:67:86:01:79:56:5d:26:18:db:81:26:3f:8f:8e:
                    57:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:EB:34:70:C6:9F:2A:40:C2:9D:C7:D1:05:27:EC:E1:4A:DA:DD:53
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:93:f0:47:40:90:b4:44:93:25:2f:6e:f7:e2:8b:2b:3e:5e:
         6f:40:4c:d0:3b:30:7e:ec:73:3f:75:36:4a:c5:8e:89:5e:18:
         9c:a5:6a:91:12:0b:27:00:3b:e3:63:43:49:8e:b0:56:10:d3:
         af:5b:f6:b5:18:a3:f2:ed:3e:da:ac:05:05:52:ee:03:59:84:
         21:ba:cc:87:05:0a:a5:15:2e:98:a1:e5:6a:53:db:92:54:85:
         bd:c0:46:60:ec:83:68:83:a9:c2:72:33:83:9b:5c:f4:da:84:
         19:32:51:97:70:34:c4:2e:15:db:b9:c0:c0:12:bc:1c:a5:62:
         3e:63:c6:aa:39:97:6e:73:73:7e:6f:bc:1f:f3:ee:53:40:c1:
         f1:08:cb:2c:c2:47:b0:d2:49:83:2d:2c:0c:f6:b3:36:ab:f5:
         05:69:65:73:ca:41:d9:d2:ac:04:07:7c:d0:c5:81:0f:9f:ac:
         7e:f0:95:0d:50:d9:c3:72:f7:5e:8a:39:26:8e:86:b9:cc:ba:
         d7:60:fd:26:3e:c0:82:7c:7c:00:bc:ff:47:a0:4f:a9:8b:c4:
         d1:3d:c1:e8:b8:8c:58:8b:0a:ac:38:fa:95:9d:a7:f6:68:2c:
         ba:69:a7:0a:fe:8b:9c:60:37:32:3a:24:d6:b4:48:a9:a5:bf:
         23:eb:fe:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nccjOCF/Cy6AxvNplQUcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjYwMzI2MDAwMTAxWhcNMjYwMzI3MDAwMTAxWjAzMTEwLwYDVQQD
EyhiMGViMzQ3MGM2OWYyYTQwYzI5ZGM3ZDEwNTI3ZWNlMTRhZGFkZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotpC0W4WifKONQ+8xCTSQx5zYrU7
uF6pA+kCKJYjH/ARFEEsCdJ0ZLKcyOZ+MA6L/6LJxPxVsbMOSwsUGTKjJj1sOHNH
1Mu3s5QYHZJCdJF3ElXksft2xCmVGvMkWY6iz1KbYxYQQJj8d8PGiQDXw8LmMBuT
8RgjLm8hOLMLtycv5sRVSYjLTqS7yQFNxamzc9JL+tyIek28U611+1R9lu3q/iae
ebYC6CTEk5z6FymE7PxwcV96EujXbdWsVw4ef55TTq2GW0tf3B6whKfOzfuu8djR
F8drXQluoTvjCwPkYQUTqaJm1BaYuFygg98dZ4YBeVZdJhjbgSY/j45XhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDrNHDGnypAwp3H0QUn7OFK2t1TMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp5PwR0CQ
tESTJS9u9+KLKz5eb0BM0DswfuxzP3U2SsWOiV4YnKVqkRILJwA742NDSY6wVhDT
r1v2tRij8u0+2qwFBVLuA1mEIbrMhwUKpRUumKHlalPbklSFvcBGYOyDaIOpwnIz
g5tc9NqEGTJRl3A0xC4V27nAwBK8HKViPmPGqjmXbnNzfm+8H/PuU0DB8QjLLMJH
sNJJgy0sDPazNqv1BWllc8pB2dKsBAd80MWBD5+sfvCVDVDZw3L3Xoo5Jo6Gucy6
12D9Jj7Agnx8ALz/R6BPqYvE0T3B6LiMWIsKrDj6lZ2n9mgsummnCv6LnGA3Mjok
1rRIqaW/I+v+9w==
-----END CERTIFICATE-----