Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
File:                     TkB_fq2BapVV9HrxCQPvRcgXC4I.mft (raw, json)
Hash identifier:          ZqlaS9NwOlcUM+mihQTWNjOTNmfh8jdCeFDGPsofpY8=
Subject key identifier:   8D:7F:6F:49:50:37:C9:B8:3E:AB:57:05:C6:60:FB:EE:33:CE:46:22
Authority key identifier: 4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82
Certificate issuer:       /CN=4e407f7ead816a9555f47af10903ef45c8170b82
Certificate serial:       019D3752B5CBB0D9EE1FD3A46D3AE71FAB22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
Manifest number:          0973
Signing time:             Sun 29 Mar 2026 02:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:00 +0000
Files and hashes:         1: TkB_fq2BapVV9HrxCQPvRcgXC4I.crl (hash: GkL0wRNKXIRFTSPsVXmkA48KvMc4PMvvcN1dJ3eVMn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:b5:cb:b0:d9:ee:1f:d3:a4:6d:3a:e7:1f:ab:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e407f7ead816a9555f47af10903ef45c8170b82
        Validity
            Not Before: Mar 29 02:01:00 2026 GMT
            Not After : Mar 30 02:01:00 2026 GMT
        Subject: CN=8d7f6f495037c9b83eab5705c660fbee33ce4622
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a6:80:d5:77:dc:ad:cd:69:65:60:07:68:8f:
                    a8:35:3a:5e:be:49:7d:f6:47:a5:da:d6:81:af:50:
                    a7:00:3f:ce:60:d0:af:93:f3:49:33:34:0e:c4:5c:
                    db:d1:db:29:d1:cf:9c:72:65:fd:1d:cd:29:f5:79:
                    b8:2f:b4:d4:a8:18:bf:f3:12:cb:ea:37:2a:ad:90:
                    b8:5d:84:70:3c:09:dd:26:5d:bf:f5:c6:91:86:c8:
                    58:2f:a1:ea:51:66:dd:8c:c5:ff:ca:1d:5d:ff:aa:
                    45:ac:5c:5a:7a:30:ca:1c:f4:19:82:db:bf:b5:6d:
                    00:2d:ee:c7:a0:6a:9d:01:ba:49:84:5c:1f:e3:52:
                    03:b8:a0:a1:1d:e3:33:61:5f:32:33:03:aa:c2:c4:
                    26:bb:3c:52:d8:3e:1b:cf:93:c1:90:a1:ff:c0:ff:
                    92:1f:5d:bd:b8:5b:99:3f:f3:76:8a:5f:42:7a:cc:
                    fe:36:18:fa:49:cc:55:64:ef:2c:3b:9b:db:2b:02:
                    d9:a0:d3:03:29:9d:e6:d8:11:7f:7d:be:c9:a1:cf:
                    92:a8:d8:3a:9c:fc:8b:84:37:ac:38:7a:3f:4a:eb:
                    7f:73:91:d9:9f:02:85:a4:75:e2:fd:73:a0:8f:9a:
                    a1:ef:4f:c0:a4:c9:ce:c8:12:59:59:7f:d3:3c:eb:
                    61:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:7F:6F:49:50:37:C9:B8:3E:AB:57:05:C6:60:FB:EE:33:CE:46:22
            X509v3 Authority Key Identifier:
                keyid:4E:40:7F:7E:AD:81:6A:95:55:F4:7A:F1:09:03:EF:45:C8:17:0B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkB_fq2BapVV9HrxCQPvRcgXC4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/356552-312a-44ce-8677-405505fc460e/1/TkB_fq2BapVV9HrxCQPvRcgXC4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:3d:e8:99:ae:54:c2:7d:4b:e1:40:60:43:1b:e0:60:4b:a5:
         59:b1:41:bf:f6:11:fe:d1:67:29:6d:6b:5d:bc:50:20:eb:b2:
         00:71:54:16:e1:8b:57:1a:bc:44:83:64:cf:5c:15:f8:9c:a6:
         20:e5:64:a4:4f:d4:c1:b1:bd:72:10:f2:2c:b1:3e:13:a5:e8:
         f8:54:e0:5a:72:54:81:d5:68:b5:c6:63:f7:4a:b8:83:13:a6:
         27:8c:92:f1:de:f4:27:17:fe:3a:a2:82:02:90:0b:d7:4d:11:
         74:2c:f1:b3:22:c4:98:06:25:a2:21:c6:4c:25:01:1b:7b:aa:
         d2:b8:2b:3e:96:a7:27:20:a5:e0:43:23:0e:e3:c4:7e:8f:83:
         82:18:61:8c:af:fc:37:1b:a9:e3:e4:2a:0a:be:9c:23:25:a2:
         91:f4:63:ae:60:aa:ec:34:d8:22:8b:65:66:19:eb:8b:46:f4:
         5d:29:03:d0:eb:a9:96:7c:ae:e8:0b:cb:8a:b3:2e:81:d2:d4:
         f7:4d:f8:0b:d9:95:46:01:8f:24:4f:6e:bd:71:ca:a7:4a:7a:
         d5:aa:02:a4:b9:7a:d5:f1:5f:00:d1:2b:1e:ac:e9:2b:b2:37:
         ff:d3:6f:c7:05:41:7b:6e:9d:a3:dd:3e:40:a0:56:9f:3a:c6:
         2b:a9:83:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UrXLsNnuH9OkbTrnH6siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDA3ZjdlYWQ4MTZhOTU1NWY0N2FmMTA5MDNlZjQ1Yzgx
NzBiODIwHhcNMjYwMzI5MDIwMTAwWhcNMjYwMzMwMDIwMTAwWjAzMTEwLwYDVQQD
Eyg4ZDdmNmY0OTUwMzdjOWI4M2VhYjU3MDVjNjYwZmJlZTMzY2U0NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqaA1Xfcrc1pZWAHaI+oNTpevkl9
9kel2taBr1CnAD/OYNCvk/NJMzQOxFzb0dsp0c+ccmX9Hc0p9Xm4L7TUqBi/8xLL
6jcqrZC4XYRwPAndJl2/9caRhshYL6HqUWbdjMX/yh1d/6pFrFxaejDKHPQZgtu/
tW0ALe7HoGqdAbpJhFwf41IDuKChHeMzYV8yMwOqwsQmuzxS2D4bz5PBkKH/wP+S
H129uFuZP/N2il9Cesz+Nhj6ScxVZO8sO5vbKwLZoNMDKZ3m2BF/fb7Joc+SqNg6
nPyLhDesOHo/Sut/c5HZnwKFpHXi/XOgj5qh70/ApMnOyBJZWX/TPOthzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1/b0lQN8m4PqtXBcZg++4zzkYiMB8GA1UdIwQY
MBaAFE5Af36tgWqVVfR68QkD70XIFwuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2Nzct
NDA1NTA1ZmM0NjBlLzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zNTY1NTItMzEyYS00NGNlLTg2NzctNDA1NTA1ZmM0NjBl
LzEvVGtCX2ZxMkJhcFZWOUhyeENRUHZSY2dYQzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhT3oma5U
wn1L4UBgQxvgYEulWbFBv/YR/tFnKW1rXbxQIOuyAHFUFuGLVxq8RINkz1wV+Jym
IOVkpE/UwbG9chDyLLE+E6Xo+FTgWnJUgdVotcZj90q4gxOmJ4yS8d70Jxf+OqKC
ApAL100RdCzxsyLEmAYloiHGTCUBG3uq0rgrPpanJyCl4EMjDuPEfo+DghhhjK/8
Nxup4+QqCr6cIyWikfRjrmCq7DTYIotlZhnri0b0XSkD0Ouplnyu6AvLirMugdLU
9034C9mVRgGPJE9uvXHKp0p61aoCpLl61fFfANErHqzpK7I3/9NvxwVBe26do90+
QKBWnzrGK6mDMw==
-----END CERTIFICATE-----