Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
File:                     Tle6dst9bSrsBSA89BuOZxbufqA.mft (raw, json)
Hash identifier:          J3jmJ3t6nd8JtsODbWGg7IovxmYqRxd+8HKKaMHLMkM=
Subject key identifier:   60:6D:89:6B:9B:95:64:B5:DA:A7:00:40:39:1D:D0:7E:16:42:DD:AE
Authority key identifier: 4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0
Certificate issuer:       /CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
Certificate serial:       019D38657DBDB99D7F6989C51EF2E20797BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
Manifest number:          11B4
Signing time:             Sun 29 Mar 2026 07:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:08 +0000
Files and hashes:         1: Tle6dst9bSrsBSA89BuOZxbufqA.crl (hash: 4BE1f8uJ3BJTkUg3VAuXbKN/Fe+epU0zLSwc3syK6QY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:7d:bd:b9:9d:7f:69:89:c5:1e:f2:e2:07:97:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e57ba76cb7d6d2aec05203cf41b8e6716ee7ea0
        Validity
            Not Before: Mar 29 07:01:08 2026 GMT
            Not After : Mar 30 07:01:08 2026 GMT
        Subject: CN=606d896b9b9564b5daa70040391dd07e1642ddae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8f:2e:f4:65:05:08:fe:75:42:53:65:82:af:
                    51:db:59:5f:a6:b7:e0:7c:ea:f5:32:59:50:a2:fc:
                    78:a1:19:98:79:a5:a9:27:dd:b2:26:2d:c6:99:a3:
                    e3:24:ac:3e:3b:7c:0b:53:39:0d:c3:af:cb:62:1f:
                    f4:bb:6a:83:0a:52:cc:67:15:20:25:f8:56:7b:49:
                    90:1b:93:42:2f:8d:dd:85:4e:e9:95:e4:8f:f6:ed:
                    e2:7f:c2:54:30:46:19:b2:01:15:49:66:77:81:dc:
                    8c:7b:86:4e:fc:97:b7:42:78:9a:63:91:74:76:24:
                    45:1e:3a:b7:6f:93:73:71:91:28:58:49:0a:97:2f:
                    e8:bd:37:5f:10:6d:ad:df:4e:a9:42:8a:05:85:74:
                    41:0a:06:a4:42:5e:7e:73:e2:2f:f1:58:d2:74:51:
                    b6:36:8f:e4:0b:f4:d1:95:a4:c3:f9:d2:56:45:24:
                    79:31:be:a7:bf:7c:2c:bd:a5:fb:ae:13:86:27:8f:
                    87:01:02:41:c8:b5:cb:8a:d9:be:4c:44:7e:af:93:
                    60:c6:31:07:29:15:53:f0:6e:82:7a:d8:44:49:50:
                    0f:48:2a:ea:a6:46:dd:36:1d:0f:45:b8:28:31:b3:
                    8b:8b:55:2b:bf:46:0c:18:7f:4b:89:72:4e:b4:54:
                    96:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:6D:89:6B:9B:95:64:B5:DA:A7:00:40:39:1D:D0:7E:16:42:DD:AE
            X509v3 Authority Key Identifier:
                keyid:4E:57:BA:76:CB:7D:6D:2A:EC:05:20:3C:F4:1B:8E:67:16:EE:7E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tle6dst9bSrsBSA89BuOZxbufqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/69e7fe-40c0-45c2-b2b1-b72d7adbfb96/1/Tle6dst9bSrsBSA89BuOZxbufqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:1e:04:6f:62:99:7a:0f:bd:b6:02:a9:2c:42:7d:88:30:c9:
         b3:c9:03:c0:1a:19:62:12:1a:9c:aa:41:1c:15:db:68:d7:74:
         e0:d9:a0:1a:59:74:4b:84:22:1e:bd:3e:47:86:27:82:ef:27:
         6d:a5:6b:d9:e3:8f:ea:ff:11:c0:ee:cf:aa:9c:c7:76:b9:b2:
         4e:78:c7:96:d6:ff:0f:74:af:75:c6:8c:d6:5b:dc:e5:47:ee:
         fe:46:ad:fc:6f:3b:44:59:ad:3e:67:13:28:fc:d6:3c:5c:60:
         8f:79:28:cd:c7:68:44:34:3b:fe:86:8f:52:be:d0:3e:c0:59:
         da:00:03:da:a4:52:cc:44:6f:a6:14:69:da:76:53:9e:6f:09:
         3e:af:66:39:ad:1c:ad:ea:e3:34:24:fb:51:fa:67:c0:3e:d9:
         ae:6a:4f:56:56:af:7c:b1:ee:de:6e:25:87:12:bc:96:b6:ef:
         dc:08:6c:f6:05:f4:0f:f3:ea:7d:95:b5:87:23:72:1b:25:08:
         e8:58:62:04:0d:ff:52:d6:2a:06:a3:a5:39:7c:8b:24:41:52:
         e6:d4:8d:d5:6b:e3:71:2f:5f:ae:d5:66:43:db:85:7b:3d:dc:
         f8:99:5a:e6:76:54:73:c9:da:b0:fb:12:52:ee:ac:03:ea:63:
         cf:7e:12:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZX29uZ1/aYnFHvLiB5e/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTdiYTc2Y2I3ZDZkMmFlYzA1MjAzY2Y0MWI4ZTY3MTZl
ZTdlYTAwHhcNMjYwMzI5MDcwMTA4WhcNMjYwMzMwMDcwMTA4WjAzMTEwLwYDVQQD
Eyg2MDZkODk2YjliOTU2NGI1ZGFhNzAwNDAzOTFkZDA3ZTE2NDJkZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY8u9GUFCP51QlNlgq9R21lfprfg
fOr1MllQovx4oRmYeaWpJ92yJi3GmaPjJKw+O3wLUzkNw6/LYh/0u2qDClLMZxUg
JfhWe0mQG5NCL43dhU7pleSP9u3if8JUMEYZsgEVSWZ3gdyMe4ZO/Je3QniaY5F0
diRFHjq3b5NzcZEoWEkKly/ovTdfEG2t306pQooFhXRBCgakQl5+c+Iv8VjSdFG2
No/kC/TRlaTD+dJWRSR5Mb6nv3wsvaX7rhOGJ4+HAQJByLXLitm+TER+r5NgxjEH
KRVT8G6CethESVAPSCrqpkbdNh0PRbgoMbOLi1Urv0YMGH9LiXJOtFSWFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBtiWublWS12qcAQDkd0H4WQt2uMB8GA1UdIwQY
MBaAFE5XunbLfW0q7AUgPPQbjmcW7n6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEt
YjcyZDdhZGJmYjk2LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82OWU3ZmUtNDBjMC00NWMyLWIyYjEtYjcyZDdhZGJmYjk2
LzEvVGxlNmRzdDliU3JzQlNBODlCdU9aeGJ1ZnFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZh4Eb2KZ
eg+9tgKpLEJ9iDDJs8kDwBoZYhIanKpBHBXbaNd04NmgGll0S4QiHr0+R4Yngu8n
baVr2eOP6v8RwO7PqpzHdrmyTnjHltb/D3SvdcaM1lvc5Ufu/kat/G87RFmtPmcT
KPzWPFxgj3kozcdoRDQ7/oaPUr7QPsBZ2gAD2qRSzERvphRp2nZTnm8JPq9mOa0c
rerjNCT7UfpnwD7ZrmpPVlavfLHu3m4lhxK8lrbv3Ahs9gX0D/PqfZW1hyNyGyUI
6FhiBA3/UtYqBqOlOXyLJEFS5tSN1WvjcS9frtVmQ9uFez3c+Jla5nZUc8nasPsS
Uu6sA+pjz34SfA==
-----END CERTIFICATE-----