Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          LFZZpr4hNJXTQwUCsIfahcQ9u4H2oCnnqt5nCn8IUXw=
Subject key identifier:   4F:FF:12:E5:75:5A:DA:80:7F:7D:6E:14:38:80:FE:74:61:50:E0:30
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       019D371B313FC137DC1B57B3AE1A27222F95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          1311
Signing time:             Sun 29 Mar 2026 01:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:22 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: NdUpV4711YubOW4kKjqF4t/N1XBe2Rry8rllVnBGjw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:31:3f:c1:37:dc:1b:57:b3:ae:1a:27:22:2f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Mar 29 01:00:22 2026 GMT
            Not After : Mar 30 01:00:22 2026 GMT
        Subject: CN=4fff12e5755ada807f7d6e143880fe746150e030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:61:46:11:a5:f3:df:ee:ac:f7:29:38:34:dc:
                    ef:f5:e6:1e:2f:51:26:d2:8f:f4:e6:b9:ae:ce:02:
                    95:34:2a:ee:8b:fb:77:59:77:6e:70:25:5c:5c:b6:
                    d6:3d:d5:1b:b6:d6:87:3b:3d:8a:20:a0:33:91:3f:
                    8b:d0:49:8c:67:21:0b:55:33:f5:65:ee:f1:ad:69:
                    8d:26:82:2b:35:ec:32:b0:03:c0:85:56:8e:50:b0:
                    cd:e2:68:d1:5a:e3:e4:78:fa:3e:0f:c8:18:f9:be:
                    46:7a:03:b4:6b:3b:cd:39:97:8b:7d:aa:66:06:b7:
                    60:a9:bb:06:7b:37:45:4c:91:7e:3b:e0:4d:d5:ca:
                    3e:4d:4f:2a:15:f5:bc:5e:ae:eb:b3:07:f9:93:1d:
                    c2:00:ff:48:0e:39:aa:4f:34:ef:db:1b:28:09:2b:
                    a8:f1:0c:5c:05:64:03:65:4b:d3:44:a6:85:2f:7a:
                    3e:24:67:2d:4a:bc:4a:c1:3d:8b:11:41:75:b7:88:
                    e7:ab:28:f2:ec:d7:eb:4e:8a:d1:2d:b8:91:c2:e2:
                    a1:3c:ca:f6:32:90:2f:d4:1e:4d:bb:39:16:72:c8:
                    48:c7:a4:8c:34:78:0c:53:62:61:e4:38:bd:2b:d9:
                    a2:17:29:c1:61:f1:b6:5a:76:78:0f:74:88:52:3c:
                    55:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:FF:12:E5:75:5A:DA:80:7F:7D:6E:14:38:80:FE:74:61:50:E0:30
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:50:15:be:c7:88:18:f3:36:8a:ae:7d:a9:24:0b:b4:3c:6f:
         1c:32:b8:e0:74:5e:6b:35:02:be:3f:d2:07:8c:13:25:e8:f9:
         8b:df:af:fe:48:0f:d6:03:6e:c0:1b:cf:72:3e:8a:e4:c5:88:
         c7:02:44:1c:88:eb:e0:8d:44:d1:0d:8e:b4:35:ab:da:42:95:
         cd:5d:0d:05:cd:ab:12:ec:2d:ab:61:93:58:e3:d2:49:5c:d2:
         d3:6b:4a:ba:12:00:d4:7a:6c:df:b1:13:fe:25:47:94:68:89:
         da:36:8f:86:1e:f3:a8:e5:a0:02:b8:95:71:1f:89:f9:1f:09:
         08:11:1a:67:2b:72:a1:fb:2a:52:9f:fb:82:30:2b:86:51:34:
         6d:63:3d:d1:c5:36:7b:e9:8f:40:79:16:94:83:0c:20:1e:d4:
         84:41:0c:1a:c6:be:17:d1:73:24:f6:91:1d:cd:2a:3e:68:91:
         3b:c0:ad:5e:5a:96:08:93:29:73:94:69:2f:2e:1a:46:ac:05:
         8f:63:d4:af:78:84:bd:32:72:b9:56:53:a6:fb:83:e6:34:3b:
         78:c9:49:2c:cb:95:47:bf:cc:50:3d:a9:bc:8c:73:bc:c3:a4:
         e0:09:c6:9c:e2:20:4d:4b:38:b9:1e:ed:8d:a4:db:aa:b1:e6:
         f3:48:29:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03GzE/wTfcG1ezrhonIi+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjYwMzI5MDEwMDIyWhcNMjYwMzMwMDEwMDIyWjAzMTEwLwYDVQQD
Eyg0ZmZmMTJlNTc1NWFkYTgwN2Y3ZDZlMTQzODgwZmU3NDYxNTBlMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2FGEaXz3+6s9yk4NNzv9eYeL1Em
0o/05rmuzgKVNCrui/t3WXducCVcXLbWPdUbttaHOz2KIKAzkT+L0EmMZyELVTP1
Ze7xrWmNJoIrNewysAPAhVaOULDN4mjRWuPkePo+D8gY+b5GegO0azvNOZeLfapm
BrdgqbsGezdFTJF+O+BN1co+TU8qFfW8Xq7rswf5kx3CAP9IDjmqTzTv2xsoCSuo
8QxcBWQDZUvTRKaFL3o+JGctSrxKwT2LEUF1t4jnqyjy7NfrTorRLbiRwuKhPMr2
MpAv1B5NuzkWcshIx6SMNHgMU2Jh5Di9K9miFynBYfG2WnZ4D3SIUjxVlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE//EuV1WtqAf31uFDiA/nRhUOAwMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqVAVvseI
GPM2iq59qSQLtDxvHDK44HReazUCvj/SB4wTJej5i9+v/kgP1gNuwBvPcj6K5MWI
xwJEHIjr4I1E0Q2OtDWr2kKVzV0NBc2rEuwtq2GTWOPSSVzS02tKuhIA1Hps37ET
/iVHlGiJ2jaPhh7zqOWgAriVcR+J+R8JCBEaZytyofsqUp/7gjArhlE0bWM90cU2
e+mPQHkWlIMMIB7UhEEMGsa+F9FzJPaRHc0qPmiRO8CtXlqWCJMpc5RpLy4aRqwF
j2PUr3iEvTJyuVZTpvuD5jQ7eMlJLMuVR7/MUD2pvIxzvMOk4AnGnOIgTUs4uR7t
jaTbqrHm80gp+A==
-----END CERTIFICATE-----