Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          rdzn4joNeChfrrHQ8J64JVuIfTcbHLpXbMVNW28+JKI=
Subject key identifier:   4F:48:BF:E1:A8:5C:AB:00:4B:78:54:14:B6:0E:54:77:59:61:1C:42
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       019D386642B1BE62B809F0962A2DFD7D880A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          09FF
Signing time:             Sun 29 Mar 2026 07:01:58 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:58 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:58 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: +Tp6kGdsUd8XreSNunsSPsrx+wzmfzw/l/heGwOln44=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:42:b1:be:62:b8:09:f0:96:2a:2d:fd:7d:88:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Mar 29 07:01:58 2026 GMT
            Not After : Mar 30 07:01:58 2026 GMT
        Subject: CN=4f48bfe1a85cab004b785414b60e547759611c42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a1:e0:5c:f6:eb:46:9d:29:f1:25:a4:41:2e:
                    04:e1:14:74:8b:93:8f:8d:32:2e:f4:3a:bd:20:03:
                    22:d9:b8:08:fa:9d:78:ec:35:98:95:9c:50:a5:48:
                    53:a1:26:a8:8b:6b:7c:99:69:35:ee:79:5f:24:4e:
                    69:45:47:b8:3f:99:a8:42:a8:bd:bf:b1:ce:20:ac:
                    31:43:08:9a:45:25:cc:72:12:00:58:24:93:c4:b2:
                    16:68:c5:7f:8c:b1:7b:56:92:e3:11:af:93:25:23:
                    da:cc:34:23:fc:9c:a2:74:e1:fd:62:fb:34:5d:86:
                    b8:22:42:14:48:ea:ba:a4:d2:2b:0f:6e:d4:20:7c:
                    d2:f2:d2:f2:ef:f0:92:4c:d9:84:e1:ce:8f:b1:d0:
                    9c:0a:87:6b:f1:40:ca:51:78:32:20:2f:74:a5:65:
                    4f:9b:ae:ac:4a:d1:52:e1:11:4f:77:56:1b:4c:d8:
                    8c:de:76:a5:9f:fc:8d:bc:6c:ce:37:02:66:1c:47:
                    2a:4c:63:83:1c:f2:86:13:dd:ed:6a:ec:1a:f9:49:
                    bd:0d:4f:34:54:c9:d5:e0:ae:0a:11:f8:60:ff:d7:
                    9b:99:dc:9a:53:6a:65:79:e2:ac:0c:83:4c:c0:7e:
                    b8:5a:d8:81:1f:18:97:e9:6e:13:88:64:ad:a5:a8:
                    22:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:48:BF:E1:A8:5C:AB:00:4B:78:54:14:B6:0E:54:77:59:61:1C:42
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:d7:cb:8c:60:00:ea:4a:d1:14:12:af:8c:bc:ec:cd:f3:af:
         1d:d0:ab:50:6c:65:53:ef:ef:58:7b:c1:24:ff:d4:44:c6:a7:
         03:64:b0:d3:5a:ab:bd:93:14:d4:e4:a5:60:de:85:93:67:d6:
         c9:04:ff:82:30:65:39:2c:c5:b4:2a:61:52:a7:66:e0:8e:aa:
         21:0e:75:de:9b:ba:62:23:73:04:77:d3:5b:3a:ac:c6:fe:a9:
         4e:43:3f:85:5b:2b:2d:e9:f1:2d:67:48:98:f2:fa:74:5a:70:
         02:88:d6:51:28:ce:d9:52:0e:d5:3e:98:47:85:f8:22:2a:f3:
         ef:58:ff:ab:e4:d8:f5:eb:3e:ff:31:6e:cd:25:48:63:c6:38:
         5c:5c:7a:31:11:5d:33:21:60:b4:5f:85:ed:53:5d:6f:7e:54:
         06:54:7e:e7:68:49:19:cb:e9:37:17:36:42:ae:c9:e1:e0:6a:
         d8:8f:a1:8d:76:48:40:bc:fd:03:cf:81:ee:f2:26:92:3e:4d:
         b2:61:c8:2e:2d:2a:6c:1e:75:b4:8d:18:17:31:04:cf:ca:a5:
         c4:e6:6a:8f:54:86:81:11:52:01:86:39:0d:f9:47:d2:23:a4:
         7b:f4:3c:51:d1:6a:c3:b7:23:3f:4a:a4:48:cc:fa:6b:64:69:
         a6:8f:9b:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkKxvmK4CfCWKi39fYgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjYwMzI5MDcwMTU4WhcNMjYwMzMwMDcwMTU4WjAzMTEwLwYDVQQD
Eyg0ZjQ4YmZlMWE4NWNhYjAwNGI3ODU0MTRiNjBlNTQ3NzU5NjExYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKHgXPbrRp0p8SWkQS4E4RR0i5OP
jTIu9Dq9IAMi2bgI+p147DWYlZxQpUhToSaoi2t8mWk17nlfJE5pRUe4P5moQqi9
v7HOIKwxQwiaRSXMchIAWCSTxLIWaMV/jLF7VpLjEa+TJSPazDQj/JyidOH9Yvs0
XYa4IkIUSOq6pNIrD27UIHzS8tLy7/CSTNmE4c6PsdCcCodr8UDKUXgyIC90pWVP
m66sStFS4RFPd1YbTNiM3naln/yNvGzONwJmHEcqTGODHPKGE93tauwa+Um9DU80
VMnV4K4KEfhg/9ebmdyaU2pleeKsDINMwH64WtiBHxiX6W4TiGStpagiQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9Iv+GoXKsAS3hUFLYOVHdZYRxCMB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9fLjGAA
6krRFBKvjLzszfOvHdCrUGxlU+/vWHvBJP/URManA2Sw01qrvZMU1OSlYN6Fk2fW
yQT/gjBlOSzFtCphUqdm4I6qIQ513pu6YiNzBHfTWzqsxv6pTkM/hVsrLenxLWdI
mPL6dFpwAojWUSjO2VIO1T6YR4X4Iirz71j/q+TY9es+/zFuzSVIY8Y4XFx6MRFd
MyFgtF+F7VNdb35UBlR+52hJGcvpNxc2Qq7J4eBq2I+hjXZIQLz9A8+B7vImkj5N
smHILi0qbB51tI0YFzEEz8qlxOZqj1SGgRFSAYY5DflH0iOke/Q8UdFqw7cjP0qk
SMz6a2Rppo+bZg==
-----END CERTIFICATE-----