Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          CP3sNMENgKVx0qG9qss91th8s33jiiMEpmNuZ1b21TU=
Subject key identifier:   92:09:04:80:15:AF:B3:9F:6E:B8:B1:34:2D:45:91:91:E2:8E:45:FB
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       019D2627F0365E3E4BECCB75A0121206F797
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          1024
Signing time:             Wed 25 Mar 2026 18:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 18:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 18:00:44 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: O7SNxevSWcr8OZ3rmLWFJsOsY/3XIX1tJcG4ioSslOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:27:f0:36:5e:3e:4b:ec:cb:75:a0:12:12:06:f7:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Mar 25 18:00:44 2026 GMT
            Not After : Mar 26 18:00:44 2026 GMT
        Subject: CN=9209048015afb39f6eb8b1342d459191e28e45fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c0:66:4f:28:58:c7:1c:48:41:1c:84:96:cc:
                    77:cb:87:aa:63:69:42:82:f6:cb:04:f8:1c:77:87:
                    8c:7f:75:00:c8:f4:ec:cb:93:d1:1c:60:32:b1:bc:
                    61:39:d7:0f:cf:be:e1:03:51:08:d1:43:37:a3:fc:
                    22:02:0d:77:b1:80:dc:a3:76:49:04:c6:9d:60:d7:
                    de:b0:a8:c2:e8:cc:26:66:77:15:9c:91:79:7a:a0:
                    49:21:1c:5c:47:d7:9d:0d:aa:3c:ff:29:aa:33:7c:
                    5b:c2:d0:6c:49:a5:42:15:c0:81:f4:6e:ff:b4:aa:
                    f1:5b:c8:43:da:13:3b:62:6d:be:8b:76:bf:91:df:
                    68:c6:90:25:5c:60:32:72:74:7a:39:70:9d:35:62:
                    c7:2b:e9:16:8f:04:29:8f:f7:e1:99:50:ad:f8:17:
                    c7:ac:9d:77:84:6e:7e:a2:a4:6c:e2:a4:03:44:bd:
                    d0:d8:7d:2a:ee:14:52:29:65:9e:9f:ab:d3:c7:76:
                    59:93:43:c1:d2:d7:16:14:ca:7c:a0:9c:24:2f:d0:
                    48:21:37:d8:56:b7:9f:ff:e2:25:85:1e:87:7a:e7:
                    f8:b0:0b:38:eb:54:39:a0:d7:7b:e7:64:0d:fd:88:
                    79:83:28:5b:97:c6:7f:ae:48:98:e7:e7:43:41:ee:
                    37:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:09:04:80:15:AF:B3:9F:6E:B8:B1:34:2D:45:91:91:E2:8E:45:FB
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:89:cc:a9:d4:7f:97:7a:56:21:91:e4:d0:47:a2:b2:ba:89:
         4d:c6:f8:58:ed:10:d1:1b:2b:7b:01:5b:85:c0:75:e7:e1:ea:
         8a:59:16:84:2e:d4:86:fb:ab:0c:fc:29:6c:8e:75:7e:c8:e3:
         45:56:79:95:36:3f:a3:b0:6a:40:80:6e:a6:39:81:62:32:59:
         54:ae:df:6b:7e:78:31:4a:44:17:4c:fe:28:80:05:32:08:20:
         1f:f5:06:16:49:3a:44:bd:1b:37:00:18:d0:0e:d9:22:c5:c4:
         93:d0:45:9b:e0:e2:bf:b4:95:92:15:5c:f4:71:15:1f:e7:c1:
         b8:d6:40:ef:dc:1f:af:87:f3:90:22:f1:9e:11:50:fa:40:38:
         2e:af:1a:e1:af:74:4b:2d:3c:06:16:29:cd:84:ee:f8:80:c0:
         e5:1f:b5:a1:e8:87:95:93:d2:af:93:00:1f:9a:a8:db:22:41:
         32:a1:e4:2a:38:7e:2e:12:57:53:bd:09:80:f1:87:a3:8a:fa:
         bc:f9:f1:a4:03:59:62:d1:c6:39:b4:a2:91:cf:51:01:f1:ea:
         b8:7b:e5:41:df:7e:56:f8:9e:42:03:8d:16:03:3e:5f:cb:22:
         1d:0e:90:b7:59:1e:a2:f8:01:8b:05:07:3f:8b:7c:f6:00:80:
         e8:6f:7b:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mJ/A2Xj5L7Mt1oBISBveXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjYwMzI1MTgwMDQ0WhcNMjYwMzI2MTgwMDQ0WjAzMTEwLwYDVQQD
Eyg5MjA5MDQ4MDE1YWZiMzlmNmViOGIxMzQyZDQ1OTE5MWUyOGU0NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18BmTyhYxxxIQRyElsx3y4eqY2lC
gvbLBPgcd4eMf3UAyPTsy5PRHGAysbxhOdcPz77hA1EI0UM3o/wiAg13sYDco3ZJ
BMadYNfesKjC6MwmZncVnJF5eqBJIRxcR9edDao8/ymqM3xbwtBsSaVCFcCB9G7/
tKrxW8hD2hM7Ym2+i3a/kd9oxpAlXGAycnR6OXCdNWLHK+kWjwQpj/fhmVCt+BfH
rJ13hG5+oqRs4qQDRL3Q2H0q7hRSKWWen6vTx3ZZk0PB0tcWFMp8oJwkL9BIITfY
Vref/+IlhR6Heuf4sAs461Q5oNd752QN/Yh5gyhbl8Z/rkiY5+dDQe43CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIJBIAVr7OfbrixNC1FkZHijkX7MB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4nMqdR/
l3pWIZHk0EeisrqJTcb4WO0Q0RsrewFbhcB15+HqilkWhC7UhvurDPwpbI51fsjj
RVZ5lTY/o7BqQIBupjmBYjJZVK7fa354MUpEF0z+KIAFMgggH/UGFkk6RL0bNwAY
0A7ZIsXEk9BFm+Div7SVkhVc9HEVH+fBuNZA79wfr4fzkCLxnhFQ+kA4Lq8a4a90
Sy08BhYpzYTu+IDA5R+1oeiHlZPSr5MAH5qo2yJBMqHkKjh+LhJXU70JgPGHo4r6
vPnxpANZYtHGObSikc9RAfHquHvlQd9+VvieQgONFgM+X8siHQ6Qt1keovgBiwUH
P4t89gCA6G97rw==
-----END CERTIFICATE-----