Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
File:                     TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft (raw, json)
Hash identifier:          +vx1kQqpEaAeOcZDozh95HZXL5lp/XrteeCYGhew7O8=
Subject key identifier:   C7:7B:9D:98:40:35:D3:B6:8B:38:3F:85:78:E8:AA:EF:1B:DF:77:82
Authority key identifier: 4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D
Certificate issuer:       /CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
Certificate serial:       019D37525EF293AA27C9A4C02CE48DE2EB70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
Manifest number:          047D
Signing time:             Sun 29 Mar 2026 02:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:38 +0000
Files and hashes:         1: TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl (hash: V208ScyMESMFFInEFHrabZqvZ48OMqENhDGPt9ZHmV8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:5e:f2:93:aa:27:c9:a4:c0:2c:e4:8d:e2:eb:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d
        Validity
            Not Before: Mar 29 02:00:38 2026 GMT
            Not After : Mar 30 02:00:38 2026 GMT
        Subject: CN=c77b9d984035d3b68b383f8578e8aaef1bdf7782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2d:89:59:91:a8:36:80:47:0d:a7:07:c3:38:
                    93:1b:b8:54:91:29:90:ff:ae:da:b8:51:ac:fb:14:
                    e8:6e:73:6c:8f:01:bb:9c:6e:37:97:2d:05:21:f6:
                    fc:21:cc:a3:a2:23:30:b3:aa:3c:62:e6:2b:ac:c0:
                    23:d6:be:94:14:2a:00:f8:8a:b9:99:84:73:d8:0f:
                    37:ab:8a:fe:11:db:45:ab:14:99:75:2f:af:5f:74:
                    79:fa:69:65:e5:1d:c9:7f:c5:d2:aa:9f:d0:e3:0f:
                    70:76:0f:af:21:78:b2:cb:12:ab:cb:3c:42:6c:28:
                    55:38:a2:ae:ef:54:0e:43:79:b4:33:6d:a8:cb:8b:
                    25:89:73:7f:bf:00:aa:c7:3a:69:96:c0:29:f8:94:
                    44:a0:77:e8:33:be:f9:7d:39:d6:a6:04:ed:8a:99:
                    5c:5a:d4:71:85:4d:e8:60:b7:a0:d0:98:3b:aa:48:
                    d5:a5:40:1b:06:da:98:9a:fc:b1:93:2e:a7:31:3c:
                    72:17:6a:29:49:c1:8b:27:bf:de:fd:87:d4:66:34:
                    94:47:79:0a:a6:d5:2a:6f:14:04:75:ce:19:7b:c1:
                    4e:6f:33:63:5a:44:27:55:49:4d:72:ac:12:35:8c:
                    4c:28:c5:f0:87:a6:d2:6b:1c:70:a2:e6:03:9b:aa:
                    0b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:7B:9D:98:40:35:D3:B6:8B:38:3F:85:78:E8:AA:EF:1B:DF:77:82
            X509v3 Authority Key Identifier:
                keyid:4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:99:e9:de:fa:e2:a5:22:b2:f9:86:58:0b:67:73:ec:56:1f:
         1b:14:83:f3:b4:52:02:b4:42:03:6e:26:76:3f:ca:94:1e:a2:
         8e:ed:1c:8c:74:b3:58:7a:49:fe:3b:64:2d:84:6c:e2:70:cc:
         78:bd:09:5e:43:5e:71:83:9c:26:9f:6f:fb:9e:ba:d5:99:22:
         46:d6:9a:4d:b6:fb:b6:19:54:10:e3:d7:7d:06:6c:b7:58:89:
         f6:48:aa:39:e2:55:8e:5c:d2:46:14:9b:96:44:61:31:9d:0f:
         ce:c2:3b:bb:ce:e2:3a:92:33:4e:f7:5b:54:18:7d:fe:a9:39:
         0a:9d:c0:08:a8:c5:72:ec:46:f6:27:4b:78:86:2c:93:9a:34:
         16:64:5f:8d:60:07:6c:62:85:60:7b:7a:c8:c0:02:2e:94:bf:
         9d:2c:49:2d:f1:5f:95:5d:d1:08:ab:9e:33:68:9c:ce:08:6b:
         5a:33:ea:8b:d9:6b:03:60:d5:48:52:03:b1:a6:31:75:91:60:
         55:fd:79:1d:c6:5a:0d:8c:79:13:57:c2:b8:c6:17:fa:25:00:
         f6:0d:3b:fe:89:37:57:03:23:3f:25:bd:a2:9e:59:65:48:ee:
         2a:28:1b:91:21:36:be:6e:8a:4c:fd:c0:cb:4f:a4:17:4d:1e:
         39:e2:44:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ul7yk6onyaTALOSN4utwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTgwNWFlYTg2MDMwYmFjZGQwYmEzZTRlNDI0ZTFiYWVm
MDgyNGQwHhcNMjYwMzI5MDIwMDM4WhcNMjYwMzMwMDIwMDM4WjAzMTEwLwYDVQQD
EyhjNzdiOWQ5ODQwMzVkM2I2OGIzODNmODU3OGU4YWFlZjFiZGY3NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy2JWZGoNoBHDacHwziTG7hUkSmQ
/67auFGs+xTobnNsjwG7nG43ly0FIfb8IcyjoiMws6o8YuYrrMAj1r6UFCoA+Iq5
mYRz2A83q4r+EdtFqxSZdS+vX3R5+mll5R3Jf8XSqp/Q4w9wdg+vIXiyyxKryzxC
bChVOKKu71QOQ3m0M22oy4sliXN/vwCqxzpplsAp+JREoHfoM775fTnWpgTtiplc
WtRxhU3oYLeg0Jg7qkjVpUAbBtqYmvyxky6nMTxyF2opScGLJ7/e/YfUZjSUR3kK
ptUqbxQEdc4Ze8FObzNjWkQnVUlNcqwSNYxMKMXwh6bSaxxwouYDm6oLFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMd7nZhANdO2izg/hXjoqu8b33eCMB8GA1UdIwQY
MBaAFE6oBa6oYDC6zdC6Pk5CThuu8IJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzct
Nzc4ODczYTI3MjZjLzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzctNzc4ODczYTI3MjZj
LzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqJnp3vri
pSKy+YZYC2dz7FYfGxSD87RSArRCA24mdj/KlB6iju0cjHSzWHpJ/jtkLYRs4nDM
eL0JXkNecYOcJp9v+5661ZkiRtaaTbb7thlUEOPXfQZst1iJ9kiqOeJVjlzSRhSb
lkRhMZ0PzsI7u87iOpIzTvdbVBh9/qk5Cp3ACKjFcuxG9idLeIYsk5o0FmRfjWAH
bGKFYHt6yMACLpS/nSxJLfFflV3RCKueM2iczghrWjPqi9lrA2DVSFIDsaYxdZFg
Vf15HcZaDYx5E1fCuMYX+iUA9g07/ok3VwMjPyW9op5ZZUjuKigbkSE2vm6KTP3A
y0+kF00eOeJEtg==
-----END CERTIFICATE-----