Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
File:                     TNN3vorxFHipq-Jx-L3i3j0zNAg.mft (raw, json)
Hash identifier:          /U52ceinD4FUOjsijKioxcD8NVhydeQ9TbR9NjnrHn0=
Subject key identifier:   86:B1:CB:A1:95:6E:4D:46:31:3A:32:74:37:F9:A5:8D:6E:2A:C4:D8
Authority key identifier: 4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08
Certificate issuer:       /CN=4cd377be8af11478a9abe271f8bde2de3d333408
Certificate serial:       019D38D3BECC66A961DAFABC62950CAD8097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
Manifest number:          0ADF
Signing time:             Sun 29 Mar 2026 09:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:34 +0000
Files and hashes:         1: TNN3vorxFHipq-Jx-L3i3j0zNAg.crl (hash: CaDW/mOuDU+tyn+hStMtjIJ+b2QfDVUm+Id79xG83tw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:be:cc:66:a9:61:da:fa:bc:62:95:0c:ad:80:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd377be8af11478a9abe271f8bde2de3d333408
        Validity
            Not Before: Mar 29 09:01:34 2026 GMT
            Not After : Mar 30 09:01:34 2026 GMT
        Subject: CN=86b1cba1956e4d46313a327437f9a58d6e2ac4d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:df:be:9b:eb:d1:10:06:fa:97:01:e6:b5:11:
                    2c:7d:cd:81:42:0a:49:77:3d:70:19:c7:36:38:00:
                    80:d1:62:93:0f:41:5d:0f:22:30:7c:80:8d:0f:da:
                    a2:dd:09:cb:9c:93:bf:b2:ea:bb:88:7a:cf:29:d2:
                    4e:b8:69:f8:2c:4a:bb:3f:99:e2:51:76:8a:7b:ec:
                    bc:b9:7c:7d:5f:a6:14:82:47:03:2b:63:ca:de:08:
                    dc:7c:3d:5d:08:71:f2:d4:40:10:86:70:6e:22:75:
                    98:c9:78:56:36:d9:af:81:79:24:67:37:be:2c:e6:
                    e2:82:b1:b2:35:16:e6:17:e2:10:ff:70:b8:e1:29:
                    1d:c9:67:ed:71:65:07:9e:0c:fe:5c:ae:cf:08:0c:
                    f2:4a:9c:dc:ea:a7:35:9d:86:42:e5:cc:0d:24:3f:
                    2d:8d:1a:76:21:42:f4:84:30:a3:be:3f:6a:89:1c:
                    39:55:4e:ff:8d:be:2f:da:93:d2:0e:40:e5:17:d3:
                    b9:37:29:7f:6f:97:db:21:70:1f:e2:e0:a5:fd:25:
                    63:ca:6c:d9:a9:1b:82:00:22:fd:80:ba:c6:e6:f9:
                    84:a4:79:3f:7b:5c:80:2e:6c:b5:f2:8e:92:8a:6d:
                    ae:ff:bd:e6:93:cf:d1:be:a6:d4:6f:d0:8e:94:e6:
                    97:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:B1:CB:A1:95:6E:4D:46:31:3A:32:74:37:F9:A5:8D:6E:2A:C4:D8
            X509v3 Authority Key Identifier:
                keyid:4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:df:cf:80:22:9f:f0:b1:49:73:98:56:d7:7b:78:1e:cd:ff:
         c6:3e:07:85:f9:b0:cc:20:2e:72:ef:2e:5f:dc:12:3f:1c:20:
         a8:41:d0:38:ea:96:00:01:50:13:81:7f:da:d6:4f:9e:f5:a4:
         8a:8f:a7:92:99:a8:11:b8:6e:d3:dd:65:79:81:a7:b6:3f:ab:
         39:2d:f9:44:d9:4f:a0:07:47:59:42:09:0b:be:d7:e3:c8:86:
         ed:c8:90:20:8e:b6:59:6f:7c:8a:f8:a4:ad:f4:d4:2b:c8:23:
         1d:d8:f9:97:61:9a:21:dd:b5:fb:41:51:8b:ba:55:51:f0:e6:
         26:05:73:b6:4d:b7:8d:4e:65:fc:81:e8:a0:27:f4:6d:f6:dc:
         bd:8e:d8:e8:32:0d:02:73:f9:cd:39:f1:35:b1:21:8f:ff:84:
         74:fd:a0:c3:36:21:c2:18:29:3c:87:63:5c:1a:d9:2f:92:68:
         2b:1f:40:9d:01:90:50:d5:b7:f6:66:b4:8e:ef:dd:bc:22:32:
         b7:79:37:41:a3:ef:53:96:f7:fa:c2:25:29:f1:7f:19:5c:0e:
         7b:5a:e0:32:cf:7f:eb:b2:3c:98:15:3f:9d:06:7d:67:be:fd:
         39:57:a4:d5:0d:19:40:8b:18:36:bb:76:9f:fc:ab:f1:91:e4:
         ca:19:cd:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04077MZqlh2vq8YpUMrYCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDM3N2JlOGFmMTE0NzhhOWFiZTI3MWY4YmRlMmRlM2Qz
MzM0MDgwHhcNMjYwMzI5MDkwMTM0WhcNMjYwMzMwMDkwMTM0WjAzMTEwLwYDVQQD
Eyg4NmIxY2JhMTk1NmU0ZDQ2MzEzYTMyNzQzN2Y5YTU4ZDZlMmFjNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9N++m+vREAb6lwHmtREsfc2BQgpJ
dz1wGcc2OACA0WKTD0FdDyIwfICND9qi3QnLnJO/suq7iHrPKdJOuGn4LEq7P5ni
UXaKe+y8uXx9X6YUgkcDK2PK3gjcfD1dCHHy1EAQhnBuInWYyXhWNtmvgXkkZze+
LObigrGyNRbmF+IQ/3C44SkdyWftcWUHngz+XK7PCAzySpzc6qc1nYZC5cwNJD8t
jRp2IUL0hDCjvj9qiRw5VU7/jb4v2pPSDkDlF9O5Nyl/b5fbIXAf4uCl/SVjymzZ
qRuCACL9gLrG5vmEpHk/e1yALmy18o6Sim2u/73mk8/RvqbUb9COlOaXDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaxy6GVbk1GMToydDf5pY1uKsTYMB8GA1UdIwQY
MBaAFEzTd76K8RR4qavicfi94t49MzQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMt
YjEyZWIxY2VhYTE0LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMtYjEyZWIxY2VhYTE0
LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASN/PgCKf
8LFJc5hW13t4Hs3/xj4HhfmwzCAucu8uX9wSPxwgqEHQOOqWAAFQE4F/2tZPnvWk
io+nkpmoEbhu091leYGntj+rOS35RNlPoAdHWUIJC77X48iG7ciQII62WW98ivik
rfTUK8gjHdj5l2GaId21+0FRi7pVUfDmJgVztk23jU5l/IHooCf0bfbcvY7Y6DIN
AnP5zTnxNbEhj/+EdP2gwzYhwhgpPIdjXBrZL5JoKx9AnQGQUNW39ma0ju/dvCIy
t3k3QaPvU5b3+sIlKfF/GVwOe1rgMs9/67I8mBU/nQZ9Z779OVek1Q0ZQIsYNrt2
n/yr8ZHkyhnNdw==
-----END CERTIFICATE-----