Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          8XhWJXSKzEKhT/qjIcaXwqi230Fznh+BZjFGo0bTCBs=
Subject key identifier:   C2:FF:6E:AF:63:20:5D:87:D6:33:CA:3A:65:2B:74:F2:B1:3E:84:2E
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       019D37C07DF2F9A631377DD507C9934EF840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          07C4
Signing time:             Sun 29 Mar 2026 04:00:55 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:55 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:55 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: z/Vt8GRAtivpJD2el3RsFDHKw6Jd5nNTxI+YcQ8hQek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:7d:f2:f9:a6:31:37:7d:d5:07:c9:93:4e:f8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Mar 29 04:00:55 2026 GMT
            Not After : Mar 30 04:00:55 2026 GMT
        Subject: CN=c2ff6eaf63205d87d633ca3a652b74f2b13e842e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:34:5e:09:af:69:f4:4b:e2:cb:52:f8:f7:09:
                    83:71:0c:4f:70:e3:c4:1c:14:ad:63:08:68:9a:6e:
                    ef:ef:76:ce:47:ef:bc:fa:53:ae:b0:26:3e:41:ec:
                    cc:85:37:a2:47:6d:f2:05:73:a7:09:e6:4b:c6:3f:
                    c8:3d:81:13:27:ac:ab:ff:80:dc:c2:cb:8a:44:7a:
                    51:45:b0:3e:6d:54:2a:71:f4:5d:c8:e1:d8:b4:e6:
                    e3:0f:27:00:ed:0c:90:15:92:41:a2:2a:2d:99:ed:
                    f9:9b:69:bb:f6:a3:81:cf:73:53:b0:25:ab:79:d1:
                    2c:1b:48:1d:13:71:36:d5:00:f4:01:b1:6a:11:40:
                    c8:c2:54:92:16:c5:f8:f9:0d:a6:d9:13:aa:cc:28:
                    c1:0d:5b:f1:95:50:5f:46:8a:8e:5d:54:17:79:85:
                    1f:68:c2:e7:b9:fb:f3:21:47:57:34:73:1d:92:b8:
                    0f:21:2e:a5:f4:ff:1d:ab:52:3b:fc:3d:45:a1:17:
                    d5:67:30:60:b5:f5:08:73:5d:05:6c:9b:4c:2b:a3:
                    6a:2f:90:58:29:f6:13:a6:90:e9:9d:6d:d1:80:01:
                    5d:6d:40:85:bd:18:4e:f0:7c:3d:df:98:c6:d0:b5:
                    40:3a:16:54:27:1e:2d:cc:3b:c1:de:84:d3:e4:75:
                    a6:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:FF:6E:AF:63:20:5D:87:D6:33:CA:3A:65:2B:74:F2:B1:3E:84:2E
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:0a:52:65:de:cb:02:c9:67:0d:20:af:79:65:28:34:65:bc:
         93:d6:a0:d7:18:de:b6:c3:02:c9:4d:41:37:01:8f:06:dd:2a:
         cb:9c:0b:ad:44:b7:de:93:ae:30:63:f3:40:e7:ed:a0:9e:71:
         2a:ef:09:71:81:35:7d:12:c9:7a:f1:d8:47:70:e2:98:5e:93:
         63:a3:c0:15:37:46:5e:ed:61:8c:fc:11:7b:fc:ba:7a:c9:cb:
         27:1b:ff:67:75:1f:a5:4b:6a:db:ce:c3:ce:43:ca:11:a8:17:
         70:78:44:fb:8d:ae:c1:55:57:52:28:0c:2c:44:95:da:0e:14:
         8f:c9:cb:0b:69:c1:0e:a0:37:f8:f3:9e:0b:7a:14:1d:b8:6d:
         07:ae:12:3d:61:f4:d3:a8:8e:36:e0:fd:8e:ff:fa:0f:ba:d8:
         b5:46:b8:a6:a6:de:8e:b6:7f:75:ea:df:2c:8e:c6:77:c4:92:
         50:c5:9b:86:5e:e0:5c:12:a3:69:a8:f2:19:17:6e:d8:73:11:
         ca:c7:69:c9:13:a2:5a:25:cd:29:f5:14:57:1b:af:eb:d9:ed:
         72:6d:73:4b:e9:3a:72:d4:54:bb:bb:7b:d9:83:40:9c:29:25:
         d9:47:7c:4a:b4:a3:2e:ce:37:27:f0:67:0a:19:08:8e:98:25:
         da:c5:1d:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wH3y+aYxN33VB8mTTvhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjYwMzI5MDQwMDU1WhcNMjYwMzMwMDQwMDU1WjAzMTEwLwYDVQQD
EyhjMmZmNmVhZjYzMjA1ZDg3ZDYzM2NhM2E2NTJiNzRmMmIxM2U4NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzReCa9p9Eviy1L49wmDcQxPcOPE
HBStYwhomm7v73bOR++8+lOusCY+QezMhTeiR23yBXOnCeZLxj/IPYETJ6yr/4Dc
wsuKRHpRRbA+bVQqcfRdyOHYtObjDycA7QyQFZJBoiotme35m2m79qOBz3NTsCWr
edEsG0gdE3E21QD0AbFqEUDIwlSSFsX4+Q2m2ROqzCjBDVvxlVBfRoqOXVQXeYUf
aMLnufvzIUdXNHMdkrgPIS6l9P8dq1I7/D1FoRfVZzBgtfUIc10FbJtMK6NqL5BY
KfYTppDpnW3RgAFdbUCFvRhO8Hw935jG0LVAOhZUJx4tzDvB3oTT5HWmfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFML/bq9jIF2H1jPKOmUrdPKxPoQuMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQpSZd7L
AslnDSCveWUoNGW8k9ag1xjetsMCyU1BNwGPBt0qy5wLrUS33pOuMGPzQOftoJ5x
Ku8JcYE1fRLJevHYR3DimF6TY6PAFTdGXu1hjPwRe/y6esnLJxv/Z3UfpUtq287D
zkPKEagXcHhE+42uwVVXUigMLESV2g4Uj8nLC2nBDqA3+POeC3oUHbhtB64SPWH0
06iONuD9jv/6D7rYtUa4pqbejrZ/derfLI7Gd8SSUMWbhl7gXBKjaajyGRdu2HMR
ysdpyROiWiXNKfUUVxuv69ntcm1zS+k6ctRUu7t72YNAnCkl2Ud8SrSjLs43J/Bn
ChkIjpgl2sUd+A==
-----END CERTIFICATE-----