Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
File:                     TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json)
Hash identifier:          Nc+jgcAxcHOCSUXJdfmQT3GYgTiZrt7lrxEwY3tNsrQ=
Subject key identifier:   93:A4:F5:E3:4E:B7:44:F9:80:67:AE:56:B7:DD:04:FF:66:A3:E1:AD
Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F
Certificate issuer:       /CN=4d2855de3714672e7eab071e161d11a030d3d38f
Certificate serial:       019CE47ECA87C773D13C53DA379B75C35BB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
Manifest number:          051D
Signing time:             Fri 13 Mar 2026 00:00:40 +0000
Manifest this update:     Fri 13 Mar 2026 00:00:40 +0000
Manifest next update:     Sat 14 Mar 2026 00:00:40 +0000
Files and hashes:         1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: jZuEm2oxcqjFdNe6pErCVo/4nsMqr4Hpmd0OWY6egag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Mar 2026 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:e4:7e:ca:87:c7:73:d1:3c:53:da:37:9b:75:c3:5b:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f
        Validity
            Not Before: Mar 13 00:00:40 2026 GMT
            Not After : Mar 14 00:00:40 2026 GMT
        Subject: CN=93a4f5e34eb744f98067ae56b7dd04ff66a3e1ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:55:a5:65:a6:91:33:3c:d6:04:62:c6:ce:4b:
                    50:01:44:28:4c:91:4d:1a:c9:e4:dc:e5:dd:10:58:
                    07:64:80:9b:eb:12:5b:ad:6c:32:ea:10:dd:91:8c:
                    49:e4:bf:cc:b6:b4:9f:93:e3:4d:48:fb:a8:15:74:
                    9e:34:71:8a:e7:1d:6d:bb:2a:ef:29:04:42:32:2c:
                    bd:d2:b3:02:dc:f7:4a:17:56:87:cd:c8:cf:64:1d:
                    73:c3:91:81:b6:f1:66:85:87:15:a7:9f:81:e6:df:
                    20:1b:f4:1f:30:72:89:af:0f:68:6f:90:2c:fc:6b:
                    96:09:4f:57:34:26:1f:20:0d:f3:d2:98:b0:df:fa:
                    95:33:17:ed:e7:f9:d2:d0:fe:7e:4f:6f:31:85:96:
                    59:f9:ec:54:6b:08:06:d8:5e:50:2a:d8:8b:38:a0:
                    b5:77:43:77:a3:dd:4c:e8:ac:cc:29:40:f6:b4:76:
                    7d:a5:97:94:8c:b7:7d:cb:63:27:ce:45:c0:30:9d:
                    7d:7e:84:40:0e:24:fd:02:86:27:6a:9b:31:08:bd:
                    e8:8c:96:74:56:b9:2a:49:7b:94:6c:a3:db:82:b5:
                    89:86:85:2b:a4:65:b4:68:bb:5f:82:eb:de:14:a9:
                    f2:29:16:11:5f:51:5e:18:b8:23:90:c3:03:52:4c:
                    6e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A4:F5:E3:4E:B7:44:F9:80:67:AE:56:B7:DD:04:FF:66:A3:E1:AD
            X509v3 Authority Key Identifier:
                keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:6c:e4:a3:bd:62:6e:36:e7:eb:f5:06:19:86:e3:2d:a4:2d:
         90:8a:39:f0:a7:1d:92:70:0d:11:a9:ce:70:0b:ff:0a:67:19:
         8f:5b:b7:65:ea:36:97:6e:46:03:49:25:8f:07:ac:1a:21:16:
         1f:f7:a6:13:59:de:4d:8a:82:17:96:80:60:0f:07:3f:a3:9a:
         d5:3f:f9:40:74:01:00:1f:46:7a:7c:7c:9a:02:e4:c2:9b:27:
         84:6d:f5:85:7c:86:38:12:d1:ec:87:fb:ca:0b:8f:73:32:4d:
         e4:f8:fd:0e:f0:73:0f:6c:85:b5:da:91:32:70:cc:e6:53:c8:
         e5:fd:1d:18:78:90:49:f5:5f:45:94:17:5e:de:21:97:09:09:
         13:c6:f8:e6:4d:50:ab:80:70:2d:42:e5:e3:fe:04:5d:92:20:
         1f:90:c9:db:c9:19:eb:85:b5:4e:5a:62:53:83:b1:27:43:a4:
         17:e1:39:b8:c6:d4:df:9c:59:d3:c0:79:a2:64:07:9e:15:e1:
         81:ac:15:d4:54:a0:05:a2:04:75:9d:5d:ac:37:a7:a3:b4:cd:
         a4:e6:84:41:23:04:32:05:1e:d9:38:41:e0:9b:3d:fc:07:9c:
         f4:99:75:68:5b:79:d7:ab:db:dd:c2:1c:bc:18:3e:18:ac:82:
         59:66:5c:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzkfsqHx3PRPFPaN5t1w1u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk
M2QzOGYwHhcNMjYwMzEzMDAwMDQwWhcNMjYwMzE0MDAwMDQwWjAzMTEwLwYDVQQD
Eyg5M2E0ZjVlMzRlYjc0NGY5ODA2N2FlNTZiN2RkMDRmZjY2YTNlMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1WlZaaRMzzWBGLGzktQAUQoTJFN
Gsnk3OXdEFgHZICb6xJbrWwy6hDdkYxJ5L/MtrSfk+NNSPuoFXSeNHGK5x1tuyrv
KQRCMiy90rMC3PdKF1aHzcjPZB1zw5GBtvFmhYcVp5+B5t8gG/QfMHKJrw9ob5As
/GuWCU9XNCYfIA3z0piw3/qVMxft5/nS0P5+T28xhZZZ+exUawgG2F5QKtiLOKC1
d0N3o91M6KzMKUD2tHZ9pZeUjLd9y2MnzkXAMJ19foRADiT9AoYnapsxCL3ojJZ0
VrkqSXuUbKPbgrWJhoUrpGW0aLtfguveFKnyKRYRX1FeGLgjkMMDUkxuswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOk9eNOt0T5gGeuVrfdBP9mo+GtMB8GA1UdIwQY
MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt
MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx
LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATWzko71i
bjbn6/UGGYbjLaQtkIo58KcdknANEanOcAv/CmcZj1u3Zeo2l25GA0kljwesGiEW
H/emE1neTYqCF5aAYA8HP6Oa1T/5QHQBAB9Genx8mgLkwpsnhG31hXyGOBLR7If7
yguPczJN5Pj9DvBzD2yFtdqRMnDM5lPI5f0dGHiQSfVfRZQXXt4hlwkJE8b45k1Q
q4BwLULl4/4EXZIgH5DJ28kZ64W1TlpiU4OxJ0OkF+E5uMbU35xZ08B5omQHnhXh
gawV1FSgBaIEdZ1drDeno7TNpOaEQSMEMgUe2ThB4Js9/Aec9Jl1aFt516vb3cIc
vBg+GKyCWWZcFw==
-----END CERTIFICATE-----