Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
File:                     tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json)
Hash identifier:          e8n8OWD6hfq3j891n1Srne4tbm1kQJzkJCs+5KJ34eU=
Subject key identifier:   7D:BE:B0:39:FB:D5:70:52:33:DF:04:53:22:28:DB:62:D2:75:C2:48
Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED
Certificate issuer:       /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
Certificate serial:       019D39098D49608F4C86770A3E681C318639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
Manifest number:          132E
Signing time:             Sun 29 Mar 2026 10:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:20 +0000
Files and hashes:         1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: RQojrdbs/3HX/cf8KXE/vxGxRmkFnl9mTD6jPdFHr6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:8d:49:60:8f:4c:86:77:0a:3e:68:1c:31:86:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
        Validity
            Not Before: Mar 29 10:00:20 2026 GMT
            Not After : Mar 30 10:00:20 2026 GMT
        Subject: CN=7dbeb039fbd5705233df04532228db62d275c248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ee:10:ce:d7:56:ad:23:75:b3:f1:d7:1c:9a:
                    a8:9c:13:70:c9:ca:24:5b:14:1a:bc:74:e5:e5:4d:
                    94:45:33:22:72:83:61:b0:9e:52:0f:69:be:e6:13:
                    5e:4f:09:43:06:fc:67:3c:c2:e1:ef:83:6d:63:1e:
                    49:21:8c:5e:25:61:fb:8a:02:bc:3a:32:f8:c7:86:
                    05:d1:14:ce:67:2f:85:31:86:37:3d:4c:9c:6d:3c:
                    55:e2:89:92:4e:6c:c9:f2:3c:f1:47:ae:65:61:0a:
                    59:5c:fd:d2:40:ee:86:95:b5:8a:4c:6b:7b:9d:40:
                    65:36:20:fd:11:0e:20:8d:4f:36:2d:22:21:f7:4d:
                    36:30:1a:58:bf:34:1a:d7:e7:42:d3:fe:dd:09:4b:
                    cd:a0:64:d4:ca:4d:bf:90:25:b0:d8:a6:bc:54:9e:
                    37:65:c6:ad:4a:4c:e0:10:16:1d:50:82:ba:d6:e2:
                    52:0f:b9:a6:8a:4a:36:72:1a:8f:1a:ea:29:75:99:
                    98:f0:fb:89:94:cb:15:12:df:91:e4:e4:ab:48:2d:
                    92:db:b0:f5:9f:96:d4:e9:4c:b3:7d:09:b7:fb:5b:
                    3f:54:f5:44:bd:1b:41:ab:f9:de:50:66:f0:30:1e:
                    ce:06:4f:00:a9:a9:12:17:3a:96:a9:92:fe:47:bc:
                    b6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:BE:B0:39:FB:D5:70:52:33:DF:04:53:22:28:DB:62:D2:75:C2:48
            X509v3 Authority Key Identifier:
                keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:77:3a:d1:36:a8:41:9b:2f:f4:89:2c:6d:78:bf:07:7f:0c:
         9e:d3:a6:fc:7d:d6:63:be:c5:d7:b8:39:35:26:46:84:61:4e:
         4b:e4:e9:f9:85:94:a6:da:7b:0b:35:99:8f:d3:78:85:b4:7d:
         48:5e:af:48:1d:10:d6:bf:cc:c9:d1:04:96:60:03:76:4b:87:
         9d:de:01:84:88:cd:f2:6a:28:90:47:01:1f:b4:d4:27:03:63:
         78:21:f9:67:74:6f:76:37:48:62:58:f3:ef:15:92:f7:f5:e5:
         9d:93:1e:a8:e3:54:d1:10:85:ee:b7:7c:9b:7f:e6:85:d5:8a:
         c3:dd:02:bb:b4:e3:e0:a8:49:0f:5c:72:9b:c6:3b:6d:f8:17:
         8b:59:73:4c:fa:06:21:e3:9d:66:b0:6f:fb:13:ef:da:7a:3e:
         9d:73:8c:66:63:d8:5a:a7:54:45:8a:64:88:66:66:af:7f:0a:
         b5:5e:89:96:9a:4d:fd:e8:81:69:20:9a:dd:af:a3:2f:c5:c1:
         aa:67:c6:30:dd:9a:65:47:d7:b0:8d:36:4f:ca:71:fb:0a:b3:
         fc:84:77:b0:fe:45:c7:d2:2c:2c:1c:80:05:cb:4c:e9:5c:e7:
         4b:21:0d:ea:ca:d7:dc:56:37:fc:08:95:50:9a:56:3b:c2:bd:
         41:83:8e:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CY1JYI9MhncKPmgcMYY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh
ZmYzZWQwHhcNMjYwMzI5MTAwMDIwWhcNMjYwMzMwMTAwMDIwWjAzMTEwLwYDVQQD
Eyg3ZGJlYjAzOWZiZDU3MDUyMzNkZjA0NTMyMjI4ZGI2MmQyNzVjMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO4QztdWrSN1s/HXHJqonBNwycok
WxQavHTl5U2URTMicoNhsJ5SD2m+5hNeTwlDBvxnPMLh74NtYx5JIYxeJWH7igK8
OjL4x4YF0RTOZy+FMYY3PUycbTxV4omSTmzJ8jzxR65lYQpZXP3SQO6GlbWKTGt7
nUBlNiD9EQ4gjU82LSIh9002MBpYvzQa1+dC0/7dCUvNoGTUyk2/kCWw2Ka8VJ43
ZcatSkzgEBYdUIK61uJSD7mmiko2chqPGuopdZmY8PuJlMsVEt+R5OSrSC2S27D1
n5bU6UyzfQm3+1s/VPVEvRtBq/neUGbwMB7OBk8AqakSFzqWqZL+R7y2zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2+sDn71XBSM98EUyIo22LSdcJIMB8GA1UdIwQY
MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt
NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk
LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADHc60Tao
QZsv9IksbXi/B38MntOm/H3WY77F17g5NSZGhGFOS+Tp+YWUptp7CzWZj9N4hbR9
SF6vSB0Q1r/MydEElmADdkuHnd4BhIjN8mookEcBH7TUJwNjeCH5Z3RvdjdIYljz
7xWS9/XlnZMeqONU0RCF7rd8m3/mhdWKw90Cu7Tj4KhJD1xym8Y7bfgXi1lzTPoG
IeOdZrBv+xPv2no+nXOMZmPYWqdURYpkiGZmr38KtV6JlppN/eiBaSCa3a+jL8XB
qmfGMN2aZUfXsI02T8px+wqz/IR3sP5Fx9IsLByABctM6VznSyEN6srX3FY3/AiV
UJpWO8K9QYOObw==
-----END CERTIFICATE-----