Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          XoaTOzPclU+vZlI9B4nPZDPQd/W9HAPygY79RgE7BLE=
Subject key identifier:   AD:F7:D6:BD:CB:AE:F0:C6:C7:F7:79:70:C0:AF:09:50:20:E9:77:6C
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       019D2A729386FC79E3B330C6E2C1065AF44B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          0521
Signing time:             Thu 26 Mar 2026 14:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 14:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 14:00:45 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: cnH2avgzxhCUJWK6DCSmvaUeRryt3l2BNmMobiOAflo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 14:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:72:93:86:fc:79:e3:b3:30:c6:e2:c1:06:5a:f4:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Mar 26 14:00:45 2026 GMT
            Not After : Mar 27 14:00:45 2026 GMT
        Subject: CN=adf7d6bdcbaef0c6c7f77970c0af095020e9776c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:16:21:19:e2:ad:60:09:e8:15:66:71:0f:f4:
                    52:b5:3d:0d:09:e8:30:4f:b6:06:0e:01:25:14:65:
                    dd:3e:c3:9b:e6:e5:df:5f:85:4c:57:79:df:5b:c1:
                    fb:02:35:69:2e:6a:b6:0b:4c:ab:70:34:8b:5f:91:
                    b6:85:98:b5:fe:07:9b:71:b4:5f:3c:a4:6a:83:0b:
                    4e:2f:88:90:27:cc:cb:bd:3d:a3:98:3e:39:2b:39:
                    bc:39:e5:af:98:1f:c1:fc:67:2e:d9:12:b2:24:be:
                    9b:72:1d:3c:67:62:b1:e7:1d:22:14:5d:d4:d7:d1:
                    e4:d3:40:24:0e:92:36:44:8c:6d:bc:e7:d6:8e:d6:
                    99:29:9f:4d:c0:5f:e2:b7:d1:81:ed:9d:c7:ba:70:
                    93:c3:c8:65:a4:03:ce:94:84:75:b3:02:a1:a9:8b:
                    c4:74:6f:63:13:23:c9:7d:b3:c4:5c:53:f0:fe:b0:
                    39:b0:6b:86:15:fb:6c:d6:20:10:64:d6:f1:3b:0c:
                    83:ab:a2:c4:49:3e:99:81:d8:83:a5:15:db:7d:6b:
                    17:16:3a:e8:36:ee:a7:99:eb:53:38:ac:15:db:d9:
                    11:e1:8f:a7:05:9f:b7:4c:13:3e:d7:42:1e:d5:b6:
                    89:62:a5:3c:35:9a:af:29:d5:f7:3d:f9:46:ee:60:
                    6b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F7:D6:BD:CB:AE:F0:C6:C7:F7:79:70:C0:AF:09:50:20:E9:77:6C
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:27:76:1f:43:38:f1:92:bf:95:19:33:dd:fd:d8:b6:08:a2:
         e5:01:b5:9b:b9:de:2b:7e:6a:41:9b:36:a4:11:66:25:ae:7e:
         e8:a5:4e:19:fa:63:20:8f:97:59:26:31:8c:79:86:43:23:b2:
         72:43:78:cb:5e:8c:d6:40:52:b3:7b:68:85:4e:f3:4d:12:f4:
         8e:c1:26:e6:4d:9b:63:f3:e2:ac:e8:0b:aa:ff:d6:06:2e:2a:
         0b:07:43:21:e6:3a:92:d0:4b:e0:47:89:31:61:b2:90:41:a7:
         40:43:72:56:2b:a0:83:f8:50:ba:dd:eb:a7:c5:9c:f8:03:81:
         1f:7e:b0:5f:ab:49:d0:d1:19:7a:93:a8:bc:f9:e1:ac:7c:0a:
         e9:90:c7:1f:c0:86:7c:08:96:a8:06:3d:eb:8d:bf:81:c8:5c:
         24:93:d5:28:7b:3c:13:3d:ba:59:1e:ba:87:f9:16:a0:42:2e:
         9d:34:e9:b9:0d:a6:4e:03:43:82:07:70:3b:23:6d:8d:bb:22:
         1c:ae:d2:a2:bc:f0:43:e3:f8:f0:98:9f:ae:ab:45:1c:ee:9c:
         7d:84:f6:41:4f:3c:23:27:87:82:0c:73:d3:63:3c:6b:25:12:
         84:cb:f6:e5:67:9a:9c:4f:80:da:b6:45:78:9f:b0:40:70:48:
         1d:5f:61:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcpOG/HnjszDG4sEGWvRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjYwMzI2MTQwMDQ1WhcNMjYwMzI3MTQwMDQ1WjAzMTEwLwYDVQQD
EyhhZGY3ZDZiZGNiYWVmMGM2YzdmNzc5NzBjMGFmMDk1MDIwZTk3NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhYhGeKtYAnoFWZxD/RStT0NCegw
T7YGDgElFGXdPsOb5uXfX4VMV3nfW8H7AjVpLmq2C0yrcDSLX5G2hZi1/gebcbRf
PKRqgwtOL4iQJ8zLvT2jmD45Kzm8OeWvmB/B/Gcu2RKyJL6bch08Z2Kx5x0iFF3U
19Hk00AkDpI2RIxtvOfWjtaZKZ9NwF/it9GB7Z3HunCTw8hlpAPOlIR1swKhqYvE
dG9jEyPJfbPEXFPw/rA5sGuGFfts1iAQZNbxOwyDq6LEST6ZgdiDpRXbfWsXFjro
Nu6nmetTOKwV29kR4Y+nBZ+3TBM+10Ie1baJYqU8NZqvKdX3PflG7mBr2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK331r3LrvDGx/d5cMCvCVAg6XdsMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCd2H0M4
8ZK/lRkz3f3Ytgii5QG1m7neK35qQZs2pBFmJa5+6KVOGfpjII+XWSYxjHmGQyOy
ckN4y16M1kBSs3tohU7zTRL0jsEm5k2bY/PirOgLqv/WBi4qCwdDIeY6ktBL4EeJ
MWGykEGnQENyViugg/hQut3rp8Wc+AOBH36wX6tJ0NEZepOovPnhrHwK6ZDHH8CG
fAiWqAY9642/gchcJJPVKHs8Ez26WR66h/kWoEIunTTpuQ2mTgNDggdwOyNtjbsi
HK7SorzwQ+P48JifrqtFHO6cfYT2QU88IyeHggxz02M8ayUShMv25WeanE+A2rZF
eJ+wQHBIHV9hbg==
-----END CERTIFICATE-----