Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          arYdT3PiM2n8TMnKGMWmUiziSHFYVf3FIfNc3+SdZOo=
Subject key identifier:   93:67:7E:11:13:53:3E:1D:6E:98:B3:5B:03:C1:D1:50:EA:3E:2B:CB
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019D3A8AB9FA3AD20369DF201F975460C061
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0B17
Signing time:             Sun 29 Mar 2026 17:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 17:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 17:01:03 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: Hhj5G0svKJxTqJSZA4tVGIZrV5Y/p1AlkA1FocYDVcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:b9:fa:3a:d2:03:69:df:20:1f:97:54:60:c0:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Mar 29 17:01:03 2026 GMT
            Not After : Mar 30 17:01:03 2026 GMT
        Subject: CN=93677e1113533e1d6e98b35b03c1d150ea3e2bcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cb:86:6d:e2:33:03:bd:53:07:10:cd:13:b6:
                    6e:d5:fe:08:07:55:6d:9a:9f:f6:b6:00:9c:82:c3:
                    90:cb:ec:86:7f:40:4f:38:ec:6b:1e:6a:a4:42:11:
                    0e:90:9f:ba:23:35:c1:e5:04:9e:e6:6c:78:8d:19:
                    36:fa:17:ca:13:87:18:14:e5:04:71:00:2a:0a:d9:
                    9c:4c:e7:c8:7c:e0:c5:fb:80:64:14:33:39:75:e7:
                    bd:de:6b:80:bb:a5:81:de:53:f9:bb:69:bb:f0:8b:
                    cd:96:e1:7b:22:d4:09:c2:e5:4a:87:5a:8d:dc:f2:
                    38:12:a5:4f:a0:60:ae:3e:7a:92:c8:3a:d9:86:b4:
                    5c:36:76:22:b5:35:ba:47:ca:fa:e8:36:84:4f:4d:
                    88:ef:53:c3:f8:ac:21:93:be:72:c4:e7:2d:38:08:
                    97:d4:41:27:c5:49:ab:91:2e:7a:8f:a6:a6:03:87:
                    36:99:a8:58:2f:e9:2a:60:5a:c6:e1:9e:51:8a:90:
                    30:2c:cb:67:c1:74:47:68:8a:dd:3f:cb:c3:51:bc:
                    89:50:84:cf:7f:b6:98:36:8c:95:e0:60:42:b1:c2:
                    27:bf:28:a5:69:71:83:c4:af:1d:45:66:08:4b:28:
                    f8:f5:59:bb:3a:b0:b8:08:c3:45:73:2c:93:35:41:
                    cc:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:67:7E:11:13:53:3E:1D:6E:98:B3:5B:03:C1:D1:50:EA:3E:2B:CB
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:ef:20:46:48:47:67:d9:5c:ae:c5:18:36:5b:98:53:83:fb:
         4a:58:c2:6d:ce:10:ca:bc:02:24:bd:4f:0e:d2:56:3f:d6:97:
         22:2f:71:70:6c:5c:ac:89:00:b3:f8:e5:77:90:98:32:da:34:
         20:c7:10:35:ef:a4:eb:9e:fc:06:39:af:a2:22:97:30:c4:6b:
         f8:2f:e1:b1:0c:3d:23:86:90:6e:b1:87:fc:15:99:33:0a:b3:
         9c:00:8b:3b:97:27:cd:35:72:f9:4c:43:08:a0:b2:a8:a6:9d:
         30:0f:83:50:c3:ca:60:6e:ad:b4:4a:8d:1f:49:9e:6a:f2:eb:
         72:8d:52:df:bc:2a:2c:58:7c:15:c1:09:55:2c:0a:19:fc:49:
         d0:94:64:9e:6e:d7:65:ec:2f:f4:69:91:cc:f1:4a:1a:96:0f:
         e2:d9:da:50:17:8c:d8:5a:8e:d2:49:7f:96:f0:35:66:b2:41:
         b2:0b:4c:b3:bc:c3:e5:30:e5:52:4f:34:90:56:3c:32:e0:dc:
         d7:7f:38:97:25:e0:34:f2:9e:c8:16:d0:0b:37:f8:f7:65:e1:
         98:bc:7b:83:35:47:c9:ec:03:6f:39:ce:d4:11:1b:cd:31:89:
         8c:e0:e5:66:d0:ca:c0:fd:f8:a3:22:de:7c:6e:e6:86:a8:1f:
         0f:c4:3f:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06irn6OtIDad8gH5dUYMBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjYwMzI5MTcwMTAzWhcNMjYwMzMwMTcwMTAzWjAzMTEwLwYDVQQD
Eyg5MzY3N2UxMTEzNTMzZTFkNmU5OGIzNWIwM2MxZDE1MGVhM2UyYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysuGbeIzA71TBxDNE7Zu1f4IB1Vt
mp/2tgCcgsOQy+yGf0BPOOxrHmqkQhEOkJ+6IzXB5QSe5mx4jRk2+hfKE4cYFOUE
cQAqCtmcTOfIfODF+4BkFDM5dee93muAu6WB3lP5u2m78IvNluF7ItQJwuVKh1qN
3PI4EqVPoGCuPnqSyDrZhrRcNnYitTW6R8r66DaET02I71PD+Kwhk75yxOctOAiX
1EEnxUmrkS56j6amA4c2mahYL+kqYFrG4Z5RipAwLMtnwXRHaIrdP8vDUbyJUITP
f7aYNoyV4GBCscInvyilaXGDxK8dRWYISyj49Vm7OrC4CMNFcyyTNUHMpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNnfhETUz4dbpizWwPB0VDqPivLMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKe8gRkhH
Z9lcrsUYNluYU4P7SljCbc4QyrwCJL1PDtJWP9aXIi9xcGxcrIkAs/jld5CYMto0
IMcQNe+k6578BjmvoiKXMMRr+C/hsQw9I4aQbrGH/BWZMwqznACLO5cnzTVy+UxD
CKCyqKadMA+DUMPKYG6ttEqNH0meavLrco1S37wqLFh8FcEJVSwKGfxJ0JRknm7X
Zewv9GmRzPFKGpYP4tnaUBeM2FqO0kl/lvA1ZrJBsgtMs7zD5TDlUk80kFY8MuDc
1384lyXgNPKeyBbQCzf492XhmLx7gzVHyewDbznO1BEbzTGJjODlZtDKwP34oyLe
fG7mhqgfD8Q/WA==
-----END CERTIFICATE-----