Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
File:                     THHp8j7qymjHIcvkKAYQC3XhV3A.mft (raw, json)
Hash identifier:          7MK4rHiFsIn4fBw+MWL2BnRRl+t56tbbwGlD9PkMTDQ=
Subject key identifier:   0B:23:AF:91:DF:BB:FC:86:54:BD:C3:FB:F7:4C:62:D8:F8:F6:5F:5A
Authority key identifier: 4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70
Certificate issuer:       /CN=4c71e9f23eeaca68c721cbe42806100b75e15770
Certificate serial:       019D39AE97AABC5794810D5954D6A2B50C46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
Manifest number:          074D
Signing time:             Sun 29 Mar 2026 13:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:36 +0000
Files and hashes:         1: THHp8j7qymjHIcvkKAYQC3XhV3A.crl (hash: dEQrqPvIzzuCUfFz7Wy4YNXlitc9QqrAfoOEwS+Y5gQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:97:aa:bc:57:94:81:0d:59:54:d6:a2:b5:0c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c71e9f23eeaca68c721cbe42806100b75e15770
        Validity
            Not Before: Mar 29 13:00:36 2026 GMT
            Not After : Mar 30 13:00:36 2026 GMT
        Subject: CN=0b23af91dfbbfc8654bdc3fbf74c62d8f8f65f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:2c:13:95:41:dc:be:32:e1:24:68:22:6e:e9:
                    ad:fd:c0:98:ee:96:a8:d0:c2:a0:94:ba:f5:59:23:
                    12:07:f4:fe:af:f3:ec:6a:10:97:2b:a3:1f:01:aa:
                    79:b2:2b:98:de:f5:b4:86:69:a3:b5:3c:f1:d1:c6:
                    ed:b2:99:85:d6:4d:b3:95:71:74:1e:03:33:0d:7c:
                    67:5c:04:d2:2d:5d:5f:79:26:04:e6:08:7c:0c:d1:
                    41:2a:26:e2:01:38:10:56:fb:22:14:aa:e1:44:f2:
                    db:8c:55:29:45:3c:37:ac:cb:76:76:74:6c:85:dd:
                    56:56:ac:30:78:e1:0e:09:58:1f:18:84:25:d1:9a:
                    f7:0c:d9:56:d2:43:7f:4b:4d:c1:7e:fd:fb:42:c8:
                    d4:8e:1f:c4:46:2b:b7:88:a5:1f:c5:37:64:66:ab:
                    ab:42:ef:c9:0e:9b:cd:22:40:11:f0:c6:ac:d0:5a:
                    3b:4e:44:c7:6a:f7:4a:7f:c6:96:dc:8c:cc:27:a0:
                    c0:ab:fe:28:97:b7:6a:30:05:b8:85:95:56:36:9b:
                    ee:9c:ab:de:e1:01:2d:d6:97:ee:56:71:62:55:e6:
                    14:b4:b9:de:6b:dd:df:e1:0e:91:8f:fc:b9:76:00:
                    a8:28:5c:ae:bf:ec:5e:4a:24:cd:5a:59:fb:65:69:
                    65:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:23:AF:91:DF:BB:FC:86:54:BD:C3:FB:F7:4C:62:D8:F8:F6:5F:5A
            X509v3 Authority Key Identifier:
                keyid:4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:fa:d3:9b:cb:7c:46:e7:72:bd:20:38:f5:29:82:3d:f2:bb:
         15:4a:ac:61:66:72:09:dc:f9:45:18:13:29:01:cc:9c:d9:51:
         30:d1:10:69:b2:20:70:d1:06:c2:5e:4a:7c:ed:00:26:6f:b1:
         9c:0c:64:ba:95:cf:b3:ee:9e:0d:43:21:fa:9b:18:0a:c6:45:
         96:15:1b:fd:06:05:e9:3b:ff:65:ea:d4:63:26:d9:44:3e:ea:
         69:31:67:63:5a:29:41:94:5c:a3:bf:c1:5c:64:62:1d:c3:5a:
         62:76:c0:a2:f1:44:4d:bb:68:21:37:89:1a:db:57:21:de:55:
         25:73:52:49:5f:78:cb:f9:99:27:f6:5c:90:f1:b6:d7:0d:a8:
         bd:09:b6:20:9d:21:d8:44:d3:29:e9:8e:ae:b1:4c:40:c3:2e:
         11:30:3c:0c:76:a1:9a:03:5d:5f:65:3b:99:57:3d:9e:b2:15:
         73:db:ca:56:7c:24:75:e3:c4:a2:fa:2b:f8:b2:3a:65:10:3c:
         61:97:53:35:e3:5d:a1:a2:c9:00:7a:9d:67:7e:81:20:9c:9f:
         55:55:d9:64:87:25:e4:23:aa:41:76:7f:e8:90:8b:a0:04:2f:
         fa:12:d5:77:4b:04:15:61:89:15:52:26:ae:00:59:3f:35:2b:
         03:a9:e6:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rpeqvFeUgQ1ZVNaitQxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFlOWYyM2VlYWNhNjhjNzIxY2JlNDI4MDYxMDBiNzVl
MTU3NzAwHhcNMjYwMzI5MTMwMDM2WhcNMjYwMzMwMTMwMDM2WjAzMTEwLwYDVQQD
EygwYjIzYWY5MWRmYmJmYzg2NTRiZGMzZmJmNzRjNjJkOGY4ZjY1ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iwTlUHcvjLhJGgibumt/cCY7pao
0MKglLr1WSMSB/T+r/PsahCXK6MfAap5siuY3vW0hmmjtTzx0cbtspmF1k2zlXF0
HgMzDXxnXATSLV1feSYE5gh8DNFBKibiATgQVvsiFKrhRPLbjFUpRTw3rMt2dnRs
hd1WVqwweOEOCVgfGIQl0Zr3DNlW0kN/S03Bfv37QsjUjh/ERiu3iKUfxTdkZqur
Qu/JDpvNIkAR8Mas0Fo7TkTHavdKf8aW3IzMJ6DAq/4ol7dqMAW4hZVWNpvunKve
4QEt1pfuVnFiVeYUtLnea93f4Q6Rj/y5dgCoKFyuv+xeSiTNWln7ZWllywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsjr5Hfu/yGVL3D+/dMYtj49l9aMB8GA1UdIwQY
MBaAFExx6fI+6spoxyHL5CgGEAt14VdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEt
YzliN2ViMmNlYTU3LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEtYzliN2ViMmNlYTU3
LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfrTm8t8
RudyvSA49SmCPfK7FUqsYWZyCdz5RRgTKQHMnNlRMNEQabIgcNEGwl5KfO0AJm+x
nAxkupXPs+6eDUMh+psYCsZFlhUb/QYF6Tv/ZerUYybZRD7qaTFnY1opQZRco7/B
XGRiHcNaYnbAovFETbtoITeJGttXId5VJXNSSV94y/mZJ/ZckPG21w2ovQm2IJ0h
2ETTKemOrrFMQMMuETA8DHahmgNdX2U7mVc9nrIVc9vKVnwkdePEovor+LI6ZRA8
YZdTNeNdoaLJAHqdZ36BIJyfVVXZZIcl5COqQXZ/6JCLoAQv+hLVd0sEFWGJFVIm
rgBZPzUrA6nmTg==
-----END CERTIFICATE-----