Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
File:                     tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json)
Hash identifier:          gsU7FwntOo39SmMQlR1r8Of4DVzM/GdK7XwajYPa10c=
Subject key identifier:   F0:53:7E:29:A5:96:66:09:E6:2B:2F:76:48:36:97:E1:22:D0:12:DE
Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC
Certificate issuer:       /CN=b53aca36846d2d3023648eac581c7d9b6317eedc
Certificate serial:       019D27DFCAAD1463E159761C1091DFD5B997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
Manifest number:          0485
Signing time:             Thu 26 Mar 2026 02:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:10 +0000
Files and hashes:         1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: OymgXQJ5xvNQSOaKOXHyA9RyImyv3ZmCKmG5Jpvnk1s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:ca:ad:14:63:e1:59:76:1c:10:91:df:d5:b9:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc
        Validity
            Not Before: Mar 26 02:01:10 2026 GMT
            Not After : Mar 27 02:01:10 2026 GMT
        Subject: CN=f0537e29a5966609e62b2f76483697e122d012de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5d:1f:76:6f:c1:d2:c0:65:52:71:f9:88:32:
                    1d:04:1e:52:70:97:6f:bb:4d:58:a4:13:4f:6e:eb:
                    42:6a:d8:da:34:ad:a7:7b:fc:bf:46:44:4d:cc:bf:
                    64:9a:51:7f:e2:e9:3f:f2:35:1b:84:29:b8:26:9a:
                    d9:36:2e:3e:db:55:2e:ea:76:b0:f2:cb:ec:37:d9:
                    2e:99:86:56:0e:77:c9:55:16:c4:f3:86:d0:76:56:
                    62:d5:7c:0e:34:f4:02:6d:7e:44:47:b4:f7:7c:7b:
                    ab:fd:64:e2:e1:39:31:d7:46:fc:99:b1:c5:8c:35:
                    2e:ab:e5:9c:4b:83:97:57:da:b1:8f:33:a8:77:62:
                    c5:13:a3:c2:07:14:48:ae:8b:fa:82:09:fe:5c:28:
                    90:d9:af:ec:46:80:36:f9:3a:3b:92:03:f2:e5:9c:
                    75:76:11:8a:f0:84:4a:cf:c9:80:95:03:a1:4b:44:
                    d1:2d:42:00:f8:ff:6e:2d:68:6a:89:09:35:98:24:
                    02:44:3f:03:e1:e5:91:2c:11:cf:90:a6:5d:ab:9d:
                    a9:cc:aa:8e:56:1c:bf:21:68:fe:98:64:7e:a9:4d:
                    71:88:cd:1c:4b:8f:f7:a3:79:d9:f7:b2:bf:f8:26:
                    db:5a:8e:99:65:35:e8:be:56:b0:7d:e2:ad:45:16:
                    7d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:53:7E:29:A5:96:66:09:E6:2B:2F:76:48:36:97:E1:22:D0:12:DE
            X509v3 Authority Key Identifier:
                keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:4e:b9:17:97:17:d2:61:15:8b:9b:9d:a9:f9:a6:0f:cd:17:
         e4:71:0d:35:e2:d5:0d:cf:7f:1f:1d:66:cb:4a:4f:bd:5e:3e:
         1d:d1:0d:10:e3:83:be:55:16:b4:e9:f9:f6:59:41:cf:b6:d7:
         3f:da:e3:46:8e:85:c0:3e:c0:82:db:60:29:0b:42:24:e3:a2:
         ea:9f:87:45:2a:22:d0:20:f1:d8:c0:d8:01:9f:a9:d9:7d:69:
         24:45:d6:03:52:d8:ae:cb:b4:91:dc:a4:ee:05:da:1b:dc:3a:
         b0:0c:4b:6b:3c:ae:cf:e5:7f:bc:8d:be:22:3a:51:4f:c0:27:
         fa:c2:b7:81:cd:9e:90:94:71:ce:8f:a5:db:e8:5f:3b:c7:3e:
         dc:65:25:84:ef:23:fe:3d:ec:56:cb:65:4b:b1:de:b2:25:ba:
         b1:ae:f6:1f:9f:8d:5d:50:3a:3c:a1:4c:7c:3b:45:4f:d1:ed:
         5f:cf:81:17:2c:6a:67:a6:7a:fe:e1:e8:37:f3:08:17:d9:b6:
         eb:a1:8b:dc:4e:6a:b9:2f:1c:fa:8b:e6:97:2f:54:2d:bf:04:
         ca:d5:89:d1:61:93:ca:b0:85:8d:7d:d7:8c:2a:b5:f7:2e:68:
         4a:7b:af:1d:82:76:94:89:ba:4e:71:c8:c7:b8:7f:ee:ad:5e:
         90:88:73:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n38qtFGPhWXYcEJHf1bmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx
N2VlZGMwHhcNMjYwMzI2MDIwMTEwWhcNMjYwMzI3MDIwMTEwWjAzMTEwLwYDVQQD
EyhmMDUzN2UyOWE1OTY2NjA5ZTYyYjJmNzY0ODM2OTdlMTIyZDAxMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl10fdm/B0sBlUnH5iDIdBB5ScJdv
u01YpBNPbutCatjaNK2ne/y/RkRNzL9kmlF/4uk/8jUbhCm4JprZNi4+21Uu6naw
8svsN9kumYZWDnfJVRbE84bQdlZi1XwONPQCbX5ER7T3fHur/WTi4Tkx10b8mbHF
jDUuq+WcS4OXV9qxjzOod2LFE6PCBxRIrov6ggn+XCiQ2a/sRoA2+To7kgPy5Zx1
dhGK8IRKz8mAlQOhS0TRLUIA+P9uLWhqiQk1mCQCRD8D4eWRLBHPkKZdq52pzKqO
Vhy/IWj+mGR+qU1xiM0cS4/3o3nZ97K/+CbbWo6ZZTXovlawfeKtRRZ9nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBTfimllmYJ5isvdkg2l+Ei0BLeMB8GA1UdIwQY
MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt
NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl
LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEE65F5cX
0mEVi5udqfmmD80X5HENNeLVDc9/Hx1my0pPvV4+HdENEOODvlUWtOn59llBz7bX
P9rjRo6FwD7AgttgKQtCJOOi6p+HRSoi0CDx2MDYAZ+p2X1pJEXWA1LYrsu0kdyk
7gXaG9w6sAxLazyuz+V/vI2+IjpRT8An+sK3gc2ekJRxzo+l2+hfO8c+3GUlhO8j
/j3sVstlS7HesiW6sa72H5+NXVA6PKFMfDtFT9HtX8+BFyxqZ6Z6/uHoN/MIF9m2
66GL3E5quS8c+ovmly9ULb8EytWJ0WGTyrCFjX3XjCq19y5oSnuvHYJ2lIm6TnHI
x7h/7q1ekIhzpg==
-----END CERTIFICATE-----