Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
File:                     TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft (raw, json)
Hash identifier:          gYwmaHmgTTUmWaK34Xdxz3CaplLeKOr5D71b0W+jkC0=
Subject key identifier:   70:38:BA:BF:21:27:56:DE:99:64:D3:63:E8:39:62:CC:69:D7:45:26
Authority key identifier: 4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34
Certificate issuer:       /CN=4f01333f86ca97071a0f96126ba38e2252e70a34
Certificate serial:       019D382EACB915C2BC1C36138407D49CDAEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
Manifest number:          0B7D
Signing time:             Sun 29 Mar 2026 06:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:16 +0000
Files and hashes:         1: TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl (hash: wxbYOJj/2Low1nHvuFy4oIEezJvpBhCUOgpQuEh0f+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:ac:b9:15:c2:bc:1c:36:13:84:07:d4:9c:da:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f01333f86ca97071a0f96126ba38e2252e70a34
        Validity
            Not Before: Mar 29 06:01:16 2026 GMT
            Not After : Mar 30 06:01:16 2026 GMT
        Subject: CN=7038babf212756de9964d363e83962cc69d74526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e7:1a:42:ad:56:e1:a2:7e:93:70:c2:3c:58:
                    0d:96:30:c6:cd:9d:0c:49:f0:00:62:c4:ff:1d:e0:
                    9d:79:62:58:38:99:a5:22:8c:2a:c5:2b:9b:0c:b7:
                    68:a8:21:de:65:a2:08:db:2f:43:ae:b7:1a:51:a4:
                    58:f0:3c:5b:ab:19:9a:49:43:25:1b:56:95:0e:0b:
                    41:95:7c:01:2a:4d:a3:8f:d1:8b:e1:20:99:f7:a3:
                    09:7d:87:55:de:5d:1c:d1:b4:49:88:2d:f1:f0:55:
                    4b:b3:48:e1:f5:d0:dd:9f:2b:a3:8d:38:62:c2:65:
                    e0:4d:68:fc:10:c5:c4:8b:76:35:a3:63:44:0d:c0:
                    0f:15:f3:58:97:5d:04:56:dd:09:f7:17:7e:23:71:
                    f8:c8:e8:31:d3:27:58:16:ae:11:ac:98:ec:b6:a2:
                    79:88:30:e2:79:a1:b6:dc:95:43:f3:f1:d7:df:3d:
                    a0:e8:05:f8:b4:ff:ac:93:42:27:64:3b:e8:8e:2c:
                    c9:09:ae:dc:9c:92:96:42:73:66:a5:48:1d:26:56:
                    c1:64:8b:03:8e:8e:d9:8e:63:7d:44:b7:e3:a6:35:
                    ca:70:c7:c0:cf:17:08:d5:b6:66:96:3f:2e:ef:e2:
                    0d:a0:b5:24:66:7a:e0:a3:c0:ee:1a:eb:25:e3:c9:
                    66:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:38:BA:BF:21:27:56:DE:99:64:D3:63:E8:39:62:CC:69:D7:45:26
            X509v3 Authority Key Identifier:
                keyid:4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:84:5c:81:c0:82:b0:29:db:b2:e4:b7:dc:44:31:c1:78:a8:
         4f:f7:f6:d0:a5:69:0f:c1:64:01:f7:18:30:93:d2:9b:d9:46:
         20:06:dd:0b:13:7c:df:6b:02:7d:50:55:4e:00:05:ea:f0:51:
         3c:2e:45:fc:b6:c2:23:ae:4d:e2:18:3a:85:3b:a1:41:0d:b9:
         32:d1:3c:30:0b:5d:ce:e2:2b:5c:4d:07:34:98:4d:63:47:41:
         1d:e9:b0:c5:12:8e:dd:86:8e:51:09:bd:bc:b9:c0:0e:17:81:
         bb:13:a3:54:c4:51:62:3f:bc:51:12:ca:35:9f:d5:80:84:d4:
         6c:ea:93:df:35:76:e4:53:dc:59:af:bb:f6:a4:80:eb:85:23:
         7b:cc:24:58:eb:19:41:39:7c:f3:18:57:5b:51:d8:7c:85:ac:
         3b:0c:08:61:c3:e2:ac:bb:9e:69:98:18:a6:88:7e:42:cd:6d:
         2a:10:2f:fb:9e:47:ef:23:24:ab:d7:1b:84:ca:b5:1a:a0:cf:
         f8:33:c2:c1:e2:50:04:8f:4d:f5:60:5e:8b:1f:1c:43:50:52:
         c3:1a:b9:ba:9d:0e:aa:78:9a:61:d8:12:34:53:d2:bb:7b:99:
         e2:06:21:a1:a2:46:76:3b:ff:35:58:65:b0:75:a8:de:7c:51:
         ff:6f:5c:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lqy5FcK8HDYThAfUnNrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMDEzMzNmODZjYTk3MDcxYTBmOTYxMjZiYTM4ZTIyNTJl
NzBhMzQwHhcNMjYwMzI5MDYwMTE2WhcNMjYwMzMwMDYwMTE2WjAzMTEwLwYDVQQD
Eyg3MDM4YmFiZjIxMjc1NmRlOTk2NGQzNjNlODM5NjJjYzY5ZDc0NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOcaQq1W4aJ+k3DCPFgNljDGzZ0M
SfAAYsT/HeCdeWJYOJmlIowqxSubDLdoqCHeZaII2y9DrrcaUaRY8DxbqxmaSUMl
G1aVDgtBlXwBKk2jj9GL4SCZ96MJfYdV3l0c0bRJiC3x8FVLs0jh9dDdnyujjThi
wmXgTWj8EMXEi3Y1o2NEDcAPFfNYl10EVt0J9xd+I3H4yOgx0ydYFq4RrJjstqJ5
iDDieaG23JVD8/HX3z2g6AX4tP+sk0InZDvojizJCa7cnJKWQnNmpUgdJlbBZIsD
jo7ZjmN9RLfjpjXKcMfAzxcI1bZmlj8u7+INoLUkZnrgo8DuGusl48lm/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA4ur8hJ1bemWTTY+g5Ysxp10UmMB8GA1UdIwQY
MBaAFE8BMz+GypcHGg+WEmujjiJS5wo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzIt
YjQwNTY5MTZiMThiLzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzItYjQwNTY5MTZiMThi
LzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4RcgcCC
sCnbsuS33EQxwXioT/f20KVpD8FkAfcYMJPSm9lGIAbdCxN832sCfVBVTgAF6vBR
PC5F/LbCI65N4hg6hTuhQQ25MtE8MAtdzuIrXE0HNJhNY0dBHemwxRKO3YaOUQm9
vLnADheBuxOjVMRRYj+8URLKNZ/VgITUbOqT3zV25FPcWa+79qSA64Uje8wkWOsZ
QTl88xhXW1HYfIWsOwwIYcPirLueaZgYpoh+Qs1tKhAv+55H7yMkq9cbhMq1GqDP
+DPCweJQBI9N9WBeix8cQ1BSwxq5up0OqniaYdgSNFPSu3uZ4gYhoaJGdjv/NVhl
sHWo3nxR/29cLg==
-----END CERTIFICATE-----