Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          r3wOHu/Og9oIo3UwbvIduuC0BuWms9TAH6cVFu2dlDQ=
Subject key identifier:   F1:72:7C:19:22:29:BC:9E:70:F1:C5:27:23:EB:E0:B9:B0:97:1B:EB
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       019D39AF5E58699DAD905273B67DDC5FA36E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          151F
Signing time:             Sun 29 Mar 2026 13:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:27 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: T2zbCRctGMW63RYfM4Xg1QszjSpIO/kvB4k/9vUDqQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:5e:58:69:9d:ad:90:52:73:b6:7d:dc:5f:a3:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Mar 29 13:01:27 2026 GMT
            Not After : Mar 30 13:01:27 2026 GMT
        Subject: CN=f1727c192229bc9e70f1c52723ebe0b9b0971beb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f0:1a:fa:f0:9e:9a:90:98:06:50:f2:30:0e:
                    57:d0:20:f5:29:5c:9b:a1:71:3d:37:a3:dc:51:22:
                    4b:76:28:b3:82:80:84:47:ac:c2:3a:b0:c5:cb:40:
                    5d:cf:ad:0c:5e:ae:9e:f4:43:23:9b:86:4c:5a:03:
                    26:da:99:ce:4b:64:07:a9:b2:14:51:2d:6c:c3:c6:
                    05:66:bd:dc:d9:e4:1f:61:02:48:1e:d6:16:7b:da:
                    f1:e6:ed:79:c7:1b:dc:23:a7:1c:4c:37:7d:ed:b9:
                    16:32:df:e8:7c:c1:a5:29:35:e2:c1:ee:a4:85:38:
                    b2:9f:56:41:7b:55:b7:d4:37:96:6f:ec:35:c7:37:
                    82:66:a1:ce:42:7d:b3:0a:ff:3c:ae:3b:70:02:38:
                    79:c6:58:4e:4a:46:4f:c1:3e:a5:56:a8:ba:e8:f0:
                    5f:f8:48:fb:fb:e5:aa:1a:ff:64:c4:b4:29:1a:cd:
                    fb:fd:95:50:9e:4f:3a:5a:e1:c7:bf:85:b4:25:b5:
                    54:65:84:3a:bb:b1:91:4b:e0:80:9a:66:7a:b5:35:
                    63:ed:27:f1:fb:37:e4:49:9b:65:95:fe:57:39:9c:
                    02:16:14:04:2e:de:f8:43:c3:27:80:b0:1b:55:1e:
                    36:45:43:ae:58:51:93:a8:85:4e:e8:cf:14:fe:27:
                    9a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:72:7C:19:22:29:BC:9E:70:F1:C5:27:23:EB:E0:B9:B0:97:1B:EB
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d3:e4:d9:06:c5:4f:e8:17:d3:37:fa:03:ea:97:ce:56:ac:
         c6:dc:5b:56:be:bc:34:ce:ca:9f:fd:1d:57:af:57:e8:65:8c:
         a5:8b:79:8e:65:27:eb:98:0f:6e:6d:59:e9:54:a9:e3:bb:5a:
         1b:77:77:d7:b4:77:d6:24:c8:19:51:8d:f3:75:b6:20:99:6c:
         ab:64:5b:f2:97:2a:52:f6:80:df:e5:03:eb:fc:23:1c:a2:16:
         60:f1:40:c9:04:90:06:32:3a:03:0d:58:fc:a8:e9:fe:88:57:
         65:5d:2c:ca:57:15:14:ee:47:f3:f7:f0:58:3e:58:16:15:a5:
         f5:65:47:4b:77:8e:2e:d4:f7:30:40:f3:a1:b5:59:aa:3a:ce:
         c9:81:98:92:7c:6b:27:ae:52:f8:f0:1d:64:05:20:c7:ff:33:
         06:12:ab:16:1c:74:8b:b8:e8:94:dc:b9:35:7a:1b:94:99:7d:
         7e:ea:4b:70:90:04:c5:08:3b:83:be:7f:d3:e3:fd:c7:40:f9:
         a2:5e:f6:ed:02:5f:a7:9c:d7:a2:e5:09:8f:5f:20:7b:54:09:
         40:39:53:cc:29:76:79:5e:70:65:d1:3d:00:9d:3c:1d:69:00:
         fc:8a:9f:67:0e:7b:70:44:c6:5c:dd:a6:7f:41:fb:bf:fa:ca:
         7a:a6:49:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r15YaZ2tkFJztn3cX6NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjYwMzI5MTMwMTI3WhcNMjYwMzMwMTMwMTI3WjAzMTEwLwYDVQQD
EyhmMTcyN2MxOTIyMjliYzllNzBmMWM1MjcyM2ViZTBiOWIwOTcxYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fAa+vCempCYBlDyMA5X0CD1KVyb
oXE9N6PcUSJLdiizgoCER6zCOrDFy0Bdz60MXq6e9EMjm4ZMWgMm2pnOS2QHqbIU
US1sw8YFZr3c2eQfYQJIHtYWe9rx5u15xxvcI6ccTDd97bkWMt/ofMGlKTXiwe6k
hTiyn1ZBe1W31DeWb+w1xzeCZqHOQn2zCv88rjtwAjh5xlhOSkZPwT6lVqi66PBf
+Ej7++WqGv9kxLQpGs37/ZVQnk86WuHHv4W0JbVUZYQ6u7GRS+CAmmZ6tTVj7Sfx
+zfkSZtllf5XOZwCFhQELt74Q8MngLAbVR42RUOuWFGTqIVO6M8U/iea3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFyfBkiKbyecPHFJyPr4LmwlxvrMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9Pk2QbF
T+gX0zf6A+qXzlasxtxbVr68NM7Kn/0dV69X6GWMpYt5jmUn65gPbm1Z6VSp47ta
G3d317R31iTIGVGN83W2IJlsq2Rb8pcqUvaA3+UD6/wjHKIWYPFAyQSQBjI6Aw1Y
/Kjp/ohXZV0sylcVFO5H8/fwWD5YFhWl9WVHS3eOLtT3MEDzobVZqjrOyYGYknxr
J65S+PAdZAUgx/8zBhKrFhx0i7jolNy5NXoblJl9fupLcJAExQg7g75/0+P9x0D5
ol727QJfp5zXouUJj18ge1QJQDlTzCl2eV5wZdE9AJ08HWkA/IqfZw57cETGXN2m
f0H7v/rKeqZJNA==
-----END CERTIFICATE-----