Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          o0+7541q3l6wC3HQO2JZ3A3ts4bs4QAsxXnZCzdD6aA=
Subject key identifier:   4F:2D:75:50:E1:CE:50:E1:05:65:C6:2C:E4:9D:5D:80:29:A7:FB:C4
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       019D38D3B35928C56D64B86C69D0E3709356
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:31 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: SM9mBYEG5XTaijth7d/9VdjU9apI/+ZZR6blrHwBeBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b3:59:28:c5:6d:64:b8:6c:69:d0:e3:70:93:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: Mar 29 09:01:31 2026 GMT
            Not After : Mar 30 09:01:31 2026 GMT
        Subject: CN=4f2d7550e1ce50e10565c62ce49d5d8029a7fbc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:52:ca:72:e2:fc:e6:81:a6:0e:db:53:94:78:
                    da:1c:4b:ae:ea:15:58:ab:4b:64:08:1c:bb:f2:27:
                    ee:83:67:39:17:32:df:8f:c8:5d:0b:e1:87:64:8c:
                    15:ba:44:28:d6:8d:35:46:64:c4:2a:fc:d4:bd:d3:
                    35:e9:bc:12:fc:b4:0f:f0:7a:00:8e:c8:8b:67:bb:
                    94:ef:49:d4:78:8e:07:6c:be:4a:b1:fc:4e:18:b7:
                    74:99:9a:14:f9:12:d1:3a:ea:ae:71:6f:e2:cc:0b:
                    51:f8:a3:30:98:9e:bf:e5:4a:ff:ec:02:65:c4:1b:
                    9b:9b:f6:98:14:22:74:04:b0:e1:95:c8:66:1e:8c:
                    2e:07:83:81:2d:7a:ff:52:c2:cf:79:51:c8:59:b6:
                    fa:e5:9c:07:a6:c5:07:bd:07:b8:11:68:89:7a:b8:
                    e5:92:74:f0:b8:2d:b5:25:c6:25:4d:2a:b7:ef:73:
                    40:36:95:2a:b5:89:04:15:71:29:28:48:85:00:02:
                    1b:16:72:d9:49:30:2b:df:af:2f:a1:ef:c0:39:65:
                    88:d4:75:40:5f:1a:ee:9e:9a:9e:0f:90:55:e7:f4:
                    ea:05:a4:0a:0f:fb:b9:0e:05:d5:1f:cd:cd:51:17:
                    1b:ad:26:60:8e:31:ec:20:25:e9:39:60:f4:2e:4d:
                    55:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:2D:75:50:E1:CE:50:E1:05:65:C6:2C:E4:9D:5D:80:29:A7:FB:C4
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:8d:01:70:cc:9e:da:45:c1:3f:aa:45:c8:a5:d0:05:1f:d7:
         ea:77:29:50:51:6f:88:cb:26:0b:9a:d3:41:2d:fd:ab:54:fb:
         e9:ea:e3:e1:d1:ad:a8:9f:90:14:02:6c:c3:7b:cb:53:26:51:
         30:2c:86:e6:b3:e2:14:b1:08:b4:e7:5d:a2:cb:17:ab:62:2a:
         cf:2d:67:92:e6:ea:97:a4:f1:1c:83:5e:bd:41:c6:1c:68:2e:
         2a:27:7b:f8:d5:f9:35:37:4b:61:e8:b9:b3:ba:6c:a7:76:1c:
         14:40:6b:1f:e2:30:e5:d8:cc:23:96:62:30:f6:b5:ad:98:b2:
         d2:da:8e:c8:94:69:f2:b9:e1:3d:56:95:fb:0b:ef:6f:0f:c2:
         ef:8e:b6:61:c4:56:6a:56:9d:ce:82:37:c1:4a:93:66:db:35:
         5f:5b:e8:a9:bd:b7:36:9f:05:b1:e5:db:1b:64:ba:a7:e6:70:
         50:5d:eb:76:30:6e:e2:f0:27:e2:48:1e:08:1e:82:a4:ab:ae:
         d0:0d:2e:36:35:7a:07:31:0c:18:c5:1d:a3:55:ff:f2:46:0a:
         54:6b:cd:d8:08:bb:cd:88:d7:8b:78:4a:f6:27:87:b9:38:c9:
         8f:cd:36:14:d8:69:1b:ef:e9:cf:98:72:dd:bf:15:95:00:12:
         38:34:bf:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407NZKMVtZLhsadDjcJNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
Eyg0ZjJkNzU1MGUxY2U1MGUxMDU2NWM2MmNlNDlkNWQ4MDI5YTdmYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVLKcuL85oGmDttTlHjaHEuu6hVY
q0tkCBy78ifug2c5FzLfj8hdC+GHZIwVukQo1o01RmTEKvzUvdM16bwS/LQP8HoA
jsiLZ7uU70nUeI4HbL5KsfxOGLd0mZoU+RLROuqucW/izAtR+KMwmJ6/5Ur/7AJl
xBubm/aYFCJ0BLDhlchmHowuB4OBLXr/UsLPeVHIWbb65ZwHpsUHvQe4EWiJerjl
knTwuC21JcYlTSq373NANpUqtYkEFXEpKEiFAAIbFnLZSTAr368voe/AOWWI1HVA
XxrunpqeD5BV5/TqBaQKD/u5DgXVH83NURcbrSZgjjHsICXpOWD0Lk1VPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8tdVDhzlDhBWXGLOSdXYApp/vEMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAco0BcMye
2kXBP6pFyKXQBR/X6ncpUFFviMsmC5rTQS39q1T76erj4dGtqJ+QFAJsw3vLUyZR
MCyG5rPiFLEItOddossXq2Iqzy1nkubql6TxHINevUHGHGguKid7+NX5NTdLYei5
s7psp3YcFEBrH+Iw5djMI5ZiMPa1rZiy0tqOyJRp8rnhPVaV+wvvbw/C7462YcRW
aladzoI3wUqTZts1X1voqb23Np8FseXbG2S6p+ZwUF3rdjBu4vAn4kgeCB6CpKuu
0A0uNjV6BzEMGMUdo1X/8kYKVGvN2Ai7zYjXi3hK9ieHuTjJj802FNhpG+/pz5hy
3b8VlQASODS/5w==
-----END CERTIFICATE-----