Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          AxJGPWR3q5M8hTcg/Yn7iEu6D0Y5xKpSfAOnVqTbLwQ=
Subject key identifier:   B0:2E:CC:BA:15:42:25:AA:E6:8B:61:9B:8B:7D:95:D7:80:A0:C8:4B
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       019D38D3A85BC221AA910DCE958D7ACBD73E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 09:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:28 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: Yt+UG/hXmV7XsLB3Vya7IrCFdyldcq+qTNGPwf6Pmqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 09:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a8:5b:c2:21:aa:91:0d:ce:95:8d:7a:cb:d7:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Mar 29 09:01:28 2026 GMT
            Not After : Mar 30 09:01:28 2026 GMT
        Subject: CN=b02eccba154225aae68b619b8b7d95d780a0c84b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:10:ff:cb:64:4f:d8:a6:39:c2:e2:25:8d:7a:
                    bd:e2:54:6c:b2:a6:77:76:4a:88:45:5b:c3:e2:52:
                    d1:74:b9:db:29:ce:a2:1b:13:1a:bb:cf:e6:17:5d:
                    32:ea:e5:13:0c:88:8d:f4:01:15:84:2d:ee:df:8c:
                    9a:59:5d:06:3d:51:eb:24:b2:ca:d4:d0:67:62:97:
                    54:62:43:5a:54:01:2b:b2:c1:47:d5:98:c7:10:68:
                    06:ff:ad:1b:31:a4:ad:a4:74:ae:a7:38:c4:b5:44:
                    a5:7b:ad:6b:94:04:a5:c3:31:7c:1c:04:f8:fb:5f:
                    14:a9:88:2e:27:1b:d4:f9:ed:2e:bf:0a:90:d6:a9:
                    82:09:5d:6f:01:67:67:f6:1b:53:fb:5a:e0:e7:be:
                    9a:d9:94:23:31:29:d5:ee:15:89:c1:47:ab:38:d7:
                    85:df:6b:87:eb:1a:66:09:39:2b:95:6e:81:97:6e:
                    c2:c7:7b:89:92:8f:8f:b0:3f:d6:f1:9b:64:c2:c5:
                    27:ad:e8:2f:d4:5c:d1:4d:43:76:b8:bd:92:37:de:
                    05:3b:8c:d9:8f:b5:ec:db:3e:aa:b2:9d:98:50:54:
                    ef:85:3d:fc:16:62:70:d1:0d:af:b5:0e:8e:c9:80:
                    28:b2:c7:bc:93:44:cc:7d:cc:54:5f:1d:e0:16:95:
                    35:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2E:CC:BA:15:42:25:AA:E6:8B:61:9B:8B:7D:95:D7:80:A0:C8:4B
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:ac:a3:91:d5:8a:d2:77:f1:a4:4c:8b:23:68:54:9d:f4:77:
         e3:01:e3:24:13:bb:c4:02:bd:9d:34:0d:c7:a9:a6:3d:53:1a:
         ae:03:e4:8f:a4:fd:a5:f4:a9:8c:e2:da:a6:36:2a:72:e6:6d:
         12:e3:05:08:9b:c6:9b:6f:5f:70:8c:97:1c:8b:5f:70:9c:8f:
         fd:5e:0c:38:75:ee:98:a7:ce:2e:2a:1b:f3:a8:fd:9a:14:0c:
         79:fd:95:c1:11:b3:2c:54:8e:e8:28:6f:e1:60:e7:2a:fb:3a:
         76:9d:30:93:4d:3a:18:c7:0c:33:e1:13:be:2d:85:27:e9:8f:
         68:9e:1c:3e:38:4f:49:ae:c0:a6:eb:87:7a:65:7c:81:39:12:
         14:85:50:0d:19:5a:d8:0f:5e:d7:0b:c9:32:3e:4f:15:01:86:
         09:0a:ad:b6:ba:2f:0b:59:e7:ef:39:76:6c:75:97:84:5c:41:
         80:82:88:18:4b:9d:e7:70:df:22:1b:4d:12:46:a3:bc:4a:46:
         e6:15:9c:cc:7f:56:d5:07:8b:a2:0c:5b:73:c9:be:9b:d9:d0:
         61:5f:48:6b:7c:1a:ad:cf:76:e3:0d:3d:71:fb:97:01:15:44:
         6d:48:d7:d1:f5:e1:f1:f1:5e:05:58:d0:27:ce:8f:92:b3:52:
         d2:1f:6d:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406hbwiGqkQ3OlY16y9c+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjYwMzI5MDkwMTI4WhcNMjYwMzMwMDkwMTI4WjAzMTEwLwYDVQQD
EyhiMDJlY2NiYTE1NDIyNWFhZTY4YjYxOWI4YjdkOTVkNzgwYTBjODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhD/y2RP2KY5wuIljXq94lRssqZ3
dkqIRVvD4lLRdLnbKc6iGxMau8/mF10y6uUTDIiN9AEVhC3u34yaWV0GPVHrJLLK
1NBnYpdUYkNaVAErssFH1ZjHEGgG/60bMaStpHSupzjEtUSle61rlASlwzF8HAT4
+18UqYguJxvU+e0uvwqQ1qmCCV1vAWdn9htT+1rg576a2ZQjMSnV7hWJwUerONeF
32uH6xpmCTkrlW6Bl27Cx3uJko+PsD/W8ZtkwsUnregv1FzRTUN2uL2SN94FO4zZ
j7Xs2z6qsp2YUFTvhT38FmJw0Q2vtQ6OyYAosse8k0TMfcxUXx3gFpU1PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAuzLoVQiWq5othm4t9ldeAoMhLMB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKyjkdWK
0nfxpEyLI2hUnfR34wHjJBO7xAK9nTQNx6mmPVMargPkj6T9pfSpjOLapjYqcuZt
EuMFCJvGm29fcIyXHItfcJyP/V4MOHXumKfOLiob86j9mhQMef2VwRGzLFSO6Chv
4WDnKvs6dp0wk006GMcMM+ETvi2FJ+mPaJ4cPjhPSa7ApuuHemV8gTkSFIVQDRla
2A9e1wvJMj5PFQGGCQqttrovC1nn7zl2bHWXhFxBgIKIGEud53DfIhtNEkajvEpG
5hWczH9W1QeLogxbc8m+m9nQYV9Ia3warc924w09cfuXARVEbUjX0fXh8fFeBVjQ
J86PkrNS0h9tMg==
-----END CERTIFICATE-----