Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          4NIEUXJlxRw8CUee6bo6AS06wT/0F/PqBmZQpzEy9/I=
Subject key identifier:   E8:8F:B5:79:CE:BE:9E:70:EE:49:FF:E1:9A:1A:6F:BB:66:5A:0B:7E
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       019D37C0A46FE148400EC083455E702CC435
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          0983
Signing time:             Sun 29 Mar 2026 04:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:04 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: qgMu0mWg59++JURfMQEJhbtoZzjB3f72wNMQlghSlk8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:a4:6f:e1:48:40:0e:c0:83:45:5e:70:2c:c4:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Mar 29 04:01:04 2026 GMT
            Not After : Mar 30 04:01:04 2026 GMT
        Subject: CN=e88fb579cebe9e70ee49ffe19a1a6fbb665a0b7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a6:f9:58:16:12:7d:d8:2b:e3:28:13:34:09:
                    5e:c6:03:90:fe:0d:e7:9c:7c:3b:ce:34:c6:59:5b:
                    cd:40:47:80:7d:a4:f9:3c:91:8a:0e:ad:71:ff:5b:
                    93:0f:9f:9a:25:91:b9:5e:59:9b:80:54:35:83:1d:
                    84:da:6a:2f:fa:f3:c4:56:81:b6:79:1d:ad:3d:bf:
                    cf:d0:f3:84:9b:8e:89:d5:f1:43:41:d4:29:43:4b:
                    44:63:30:d0:65:1b:4a:f4:c8:a0:4b:f0:3e:47:4d:
                    d9:1d:dc:da:7e:09:af:a2:c6:2f:05:e0:f1:df:1d:
                    c7:da:6b:17:07:81:75:78:de:f3:7a:a7:87:2c:11:
                    1d:3b:1e:31:9e:bb:61:e6:17:1c:74:8c:38:ff:b1:
                    7d:d2:81:f5:a4:8b:e7:85:22:4b:8e:56:4f:85:16:
                    34:51:d6:5b:5f:e9:f7:9f:42:28:e0:e7:cf:ab:b3:
                    78:87:0e:bb:cd:d4:90:bc:a5:d6:e0:40:25:1c:d8:
                    61:7d:16:70:23:af:e3:77:de:e4:12:03:78:86:72:
                    e7:91:5c:6a:4b:a1:5b:e6:45:0c:f6:33:69:b5:a7:
                    d8:c2:01:bb:35:da:dc:fb:55:e2:7c:05:60:01:36:
                    4e:63:f3:2a:50:55:f1:79:c6:93:5b:d5:bc:59:c9:
                    64:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:8F:B5:79:CE:BE:9E:70:EE:49:FF:E1:9A:1A:6F:BB:66:5A:0B:7E
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:9b:6f:56:56:a4:72:59:f4:0c:0a:62:54:c0:da:b6:82:58:
         59:69:2d:3a:22:b0:8f:a3:ff:a8:ee:80:90:7a:df:d9:08:d4:
         14:b9:c1:04:aa:ff:5a:da:11:72:75:a2:8e:8c:03:af:ad:7b:
         41:c4:6c:e2:52:17:97:2c:85:d6:d2:e8:27:9d:53:db:9e:c6:
         a9:08:38:49:77:ca:7f:05:4c:30:5b:27:6a:32:ec:32:a1:76:
         23:d7:7c:6f:e0:03:d9:e9:9b:ad:67:31:71:4c:8e:cf:4b:07:
         29:ab:20:4d:6c:23:7c:8a:b1:3f:f6:d8:98:27:30:b8:26:98:
         02:6d:20:82:da:a3:32:09:28:50:c8:4d:8a:ba:0e:34:33:22:
         10:cc:af:0d:90:62:cf:9f:91:7c:d1:fe:14:16:17:9c:02:74:
         1d:07:ec:50:aa:7b:89:39:f2:2e:99:d0:a6:93:e9:5b:5e:c6:
         d3:3c:eb:ab:6a:54:7e:8e:08:78:43:74:06:1d:e4:0b:a4:f1:
         3b:ac:73:00:9a:3b:77:17:71:48:89:07:9b:61:c8:1b:ab:a8:
         ec:f3:ee:06:68:eb:a6:8e:0e:b7:e8:a4:9f:56:37:84:56:c9:
         24:1e:60:66:79:e7:37:56:63:1a:e7:fc:5f:bf:3b:71:cf:c6:
         e8:aa:68:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wKRv4UhADsCDRV5wLMQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjYwMzI5MDQwMTA0WhcNMjYwMzMwMDQwMTA0WjAzMTEwLwYDVQQD
EyhlODhmYjU3OWNlYmU5ZTcwZWU0OWZmZTE5YTFhNmZiYjY2NWEwYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6b5WBYSfdgr4ygTNAlexgOQ/g3n
nHw7zjTGWVvNQEeAfaT5PJGKDq1x/1uTD5+aJZG5XlmbgFQ1gx2E2mov+vPEVoG2
eR2tPb/P0POEm46J1fFDQdQpQ0tEYzDQZRtK9MigS/A+R03ZHdzafgmvosYvBeDx
3x3H2msXB4F1eN7zeqeHLBEdOx4xnrth5hccdIw4/7F90oH1pIvnhSJLjlZPhRY0
UdZbX+n3n0Io4OfPq7N4hw67zdSQvKXW4EAlHNhhfRZwI6/jd97kEgN4hnLnkVxq
S6Fb5kUM9jNptafYwgG7Ndrc+1XifAVgATZOY/MqUFXxecaTW9W8WclkVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiPtXnOvp5w7kn/4Zoab7tmWgt+MB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgptvVlak
cln0DApiVMDatoJYWWktOiKwj6P/qO6AkHrf2QjUFLnBBKr/WtoRcnWijowDr617
QcRs4lIXlyyF1tLoJ51T257GqQg4SXfKfwVMMFsnajLsMqF2I9d8b+AD2embrWcx
cUyOz0sHKasgTWwjfIqxP/bYmCcwuCaYAm0ggtqjMgkoUMhNiroONDMiEMyvDZBi
z5+RfNH+FBYXnAJ0HQfsUKp7iTnyLpnQppPpW17G0zzrq2pUfo4IeEN0Bh3kC6Tx
O6xzAJo7dxdxSIkHm2HIG6uo7PPuBmjrpo4Ot+ikn1Y3hFbJJB5gZnnnN1ZjGuf8
X787cc/G6KpozA==
-----END CERTIFICATE-----