Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.mft
File:                     tLV4tlwYGG0eanU5kSs06QALCMw.mft (raw, json)
Hash identifier:          pLYM6pNFRUU3uBCeRBcQrh0HR4ooA3BTcJwcJLhe+X4=
Subject key identifier:   F5:21:50:BA:E1:E0:23:32:A2:57:54:E1:58:DF:C5:FE:5E:7B:9E:E0
Authority key identifier: B4:B5:78:B6:5C:18:18:6D:1E:6A:75:39:91:2B:34:E9:00:0B:08:CC
Certificate issuer:       /CN=b4b578b65c18186d1e6a7539912b34e9000b08cc
Certificate serial:       019D37F778932DECCCCE4EF0BE29C317C202
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tLV4tlwYGG0eanU5kSs06QALCMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.mft
Manifest number:          BE
Signing time:             Sun 29 Mar 2026 05:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:58 +0000
Files and hashes:         1: tLV4tlwYGG0eanU5kSs06QALCMw.crl (hash: JDyBaM7JmrZF7gq3J0kid+PNzC+aHh62ay1vDnxBeJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tLV4tlwYGG0eanU5kSs06QALCMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:78:93:2d:ec:cc:ce:4e:f0:be:29:c3:17:c2:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4b578b65c18186d1e6a7539912b34e9000b08cc
        Validity
            Not Before: Mar 29 05:00:58 2026 GMT
            Not After : Mar 30 05:00:58 2026 GMT
        Subject: CN=f52150bae1e02332a25754e158dfc5fe5e7b9ee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2e:b2:5a:50:e8:0d:d1:75:8f:00:fa:ac:2e:
                    f3:7e:fb:c3:8c:be:a1:9b:cf:dd:08:29:21:94:db:
                    91:a2:be:ec:8c:b4:fd:65:38:16:e2:25:87:aa:df:
                    33:06:87:42:e9:44:6f:5e:56:44:d2:9c:5f:64:01:
                    96:f3:54:50:0e:40:fc:69:9d:07:90:d1:e2:94:70:
                    9f:b6:6d:f6:f6:4c:b7:ed:84:25:9a:5c:a5:fa:11:
                    1e:cc:b7:5e:e0:99:db:c4:61:54:18:5d:3b:b0:74:
                    28:32:aa:45:96:6b:4a:af:a2:29:40:af:32:84:68:
                    1a:f0:6e:4f:24:8a:94:b7:11:17:0f:c0:27:c3:a7:
                    e2:aa:21:4f:f3:b2:2f:7d:5c:91:52:9b:fd:87:11:
                    7a:56:50:e9:4d:79:1c:b8:9d:15:a9:0d:97:d0:77:
                    b9:64:12:d4:fd:ba:cd:4e:f4:0a:f7:f3:78:0c:4d:
                    a0:07:4a:49:56:69:ab:81:4b:6f:48:04:2d:33:fc:
                    b0:7f:27:ec:61:6f:3f:c2:71:2b:74:58:10:b5:eb:
                    16:59:bd:87:fe:cc:93:cd:e7:4f:88:21:f5:20:26:
                    b2:c6:fc:ab:90:36:e8:ef:45:8f:a5:d8:a5:ae:f2:
                    50:e1:ea:3b:30:3f:00:0b:09:16:b3:01:37:2a:08:
                    24:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:21:50:BA:E1:E0:23:32:A2:57:54:E1:58:DF:C5:FE:5E:7B:9E:E0
            X509v3 Authority Key Identifier:
                keyid:B4:B5:78:B6:5C:18:18:6D:1E:6A:75:39:91:2B:34:E9:00:0B:08:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tLV4tlwYGG0eanU5kSs06QALCMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/72c6f3-9913-41be-a178-5f3eb7b21e90/1/tLV4tlwYGG0eanU5kSs06QALCMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:79:ee:24:58:30:a7:9e:46:a9:54:a7:c6:23:0d:e9:2a:66:
         90:40:66:b8:9e:82:d3:1a:b6:9b:2e:f9:72:ad:6b:ba:12:2e:
         43:e5:34:c8:b1:53:d5:aa:47:2a:f9:68:ea:b4:36:fa:9c:51:
         c6:dc:28:d9:9d:d2:41:f7:c2:59:f5:75:36:fb:ec:e7:2a:7f:
         b6:dc:90:9f:4e:a2:9c:92:bd:e4:72:0a:81:d1:89:d4:f0:64:
         48:1e:eb:41:c4:c9:ea:9e:2e:ac:1c:a2:49:36:6d:ec:00:30:
         bf:04:f7:d2:1d:82:67:14:4d:10:26:c2:c8:79:6d:cf:4f:22:
         72:50:9a:de:ac:68:d2:cc:9b:67:c1:03:88:d7:73:5e:27:32:
         a0:3d:33:a5:b5:33:76:41:e7:2f:82:3a:d9:34:48:ac:de:0c:
         ed:7c:52:b2:81:74:dd:d5:05:f9:95:ff:2e:67:df:1b:7a:f6:
         ed:63:30:d7:45:b6:56:2c:56:17:47:d9:30:5e:21:77:13:73:
         a8:a0:7c:bc:ff:c4:44:d2:46:90:66:55:f9:a0:73:4b:46:a4:
         4e:aa:1a:58:ab:66:49:d9:ec:3b:64:77:fc:e1:09:ea:38:48:
         05:dc:34:ae:62:c3:39:b4:85:25:d1:ce:3f:cd:1a:fb:cd:86:
         9c:a9:e4:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0393iTLezMzk7wvinDF8ICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YjU3OGI2NWMxODE4NmQxZTZhNzUzOTkxMmIzNGU5MDAw
YjA4Y2MwHhcNMjYwMzI5MDUwMDU4WhcNMjYwMzMwMDUwMDU4WjAzMTEwLwYDVQQD
EyhmNTIxNTBiYWUxZTAyMzMyYTI1NzU0ZTE1OGRmYzVmZTVlN2I5ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly6yWlDoDdF1jwD6rC7zfvvDjL6h
m8/dCCkhlNuRor7sjLT9ZTgW4iWHqt8zBodC6URvXlZE0pxfZAGW81RQDkD8aZ0H
kNHilHCftm329ky37YQlmlyl+hEezLde4JnbxGFUGF07sHQoMqpFlmtKr6IpQK8y
hGga8G5PJIqUtxEXD8Anw6fiqiFP87IvfVyRUpv9hxF6VlDpTXkcuJ0VqQ2X0He5
ZBLU/brNTvQK9/N4DE2gB0pJVmmrgUtvSAQtM/ywfyfsYW8/wnErdFgQtesWWb2H
/syTzedPiCH1ICayxvyrkDbo70WPpdilrvJQ4eo7MD8ACwkWswE3KggkowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUhULrh4CMyoldU4Vjfxf5ee57gMB8GA1UdIwQY
MBaAFLS1eLZcGBhtHmp1OZErNOkACwjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdExWNHRsd1lHRzBlYW5VNWtTczA2UUFMQ013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83MmM2ZjMtOTkxMy00MWJlLWExNzgt
NWYzZWI3YjIxZTkwLzEvdExWNHRsd1lHRzBlYW5VNWtTczA2UUFMQ013Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83MmM2ZjMtOTkxMy00MWJlLWExNzgtNWYzZWI3YjIxZTkw
LzEvdExWNHRsd1lHRzBlYW5VNWtTczA2UUFMQ013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnnuJFgw
p55GqVSnxiMN6SpmkEBmuJ6C0xq2my75cq1ruhIuQ+U0yLFT1apHKvlo6rQ2+pxR
xtwo2Z3SQffCWfV1Nvvs5yp/ttyQn06inJK95HIKgdGJ1PBkSB7rQcTJ6p4urByi
STZt7AAwvwT30h2CZxRNECbCyHltz08iclCa3qxo0sybZ8EDiNdzXicyoD0zpbUz
dkHnL4I62TRIrN4M7XxSsoF03dUF+ZX/LmffG3r27WMw10W2VixWF0fZMF4hdxNz
qKB8vP/ERNJGkGZV+aBzS0akTqoaWKtmSdnsO2R3/OEJ6jhIBdw0rmLDObSFJdHO
P80a+82GnKnkNQ==
-----END CERTIFICATE-----