Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          Ts6nGq7hNKaGRcoTG3HrkTIVOwaEGkmq5B5piQn1fx0=
Subject key identifier:   3C:84:D9:16:E3:6F:11:74:ED:39:11:37:DF:74:D3:46:D1:9E:AE:19
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019D3909BEE0264E17B4450951C0299B34F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          155D
Signing time:             Sun 29 Mar 2026 10:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:33 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: iUZuTkonrRWGdfyLf6y6uMNt0h6mku8M4JA8+5g1Wnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:be:e0:26:4e:17:b4:45:09:51:c0:29:9b:34:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Mar 29 10:00:33 2026 GMT
            Not After : Mar 30 10:00:33 2026 GMT
        Subject: CN=3c84d916e36f1174ed391137df74d346d19eae19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:b8:9c:06:46:25:5e:9b:28:4e:7c:63:cc:5a:
                    47:85:b0:09:1c:20:39:be:d6:5f:14:22:df:57:9b:
                    3e:ae:92:d6:fc:04:0b:7a:1f:bf:d5:f7:5c:3f:01:
                    7e:40:d0:6a:ed:ab:46:78:f6:0e:29:24:f5:77:e0:
                    fa:31:78:ab:8d:8b:b2:26:67:47:9b:b8:37:4f:5e:
                    79:04:fc:1d:93:81:97:f7:5c:f3:3e:8a:bb:cb:7b:
                    d7:e2:ec:b3:1c:b4:08:c6:e4:d0:27:cb:f2:75:70:
                    24:45:ee:07:33:61:97:e3:29:43:20:6b:21:81:e4:
                    c9:c7:2d:8b:1d:fd:44:58:73:07:8c:e2:dd:98:1a:
                    f1:15:ab:12:a7:70:b9:f2:f1:57:55:2e:1b:e7:af:
                    93:62:c2:a1:73:8e:f1:5b:c4:58:87:49:40:fe:c6:
                    5f:b9:7b:7e:e5:b1:f7:d8:b0:c0:95:87:76:0e:8a:
                    73:8d:a3:98:8e:8b:16:98:96:57:e2:3d:09:9e:6c:
                    32:3b:4d:0c:ca:c5:ef:8e:1d:9a:87:7c:97:e2:03:
                    9d:26:17:12:33:9a:14:72:bc:c2:9b:95:57:1b:bc:
                    7b:5b:e4:3a:7e:7e:18:2b:31:be:ac:94:77:61:86:
                    c0:92:18:70:43:e6:b4:2a:8b:3a:fb:e1:c3:21:b9:
                    36:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:84:D9:16:E3:6F:11:74:ED:39:11:37:DF:74:D3:46:D1:9E:AE:19
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:8e:c8:57:08:60:a6:46:5f:44:1d:6f:31:86:3c:ba:c0:2b:
         ea:8d:02:6d:27:d3:de:c8:9a:44:9e:fd:e0:ee:1d:e3:9b:38:
         41:b6:66:f7:81:b1:da:22:21:33:52:b7:a8:af:71:a2:47:bf:
         cf:42:1e:76:b0:3b:44:c8:49:cc:4f:be:11:e1:cd:77:98:11:
         c7:6d:2a:8d:d6:6b:de:67:ff:46:ff:2b:73:92:ce:af:57:cb:
         8c:8d:54:49:82:19:84:e1:7a:af:48:d6:27:72:ed:f3:4b:87:
         af:d4:0c:b8:d5:a2:f2:70:9a:8d:c3:d8:b3:32:17:2f:e4:41:
         bc:c6:72:7a:74:72:64:08:0d:0b:37:3c:18:e2:b9:44:ad:c3:
         b2:03:bb:ac:72:40:d1:89:73:c9:55:2b:3a:f3:17:57:bd:b0:
         f8:b4:0e:c1:0d:93:1f:0a:7a:9d:20:f8:34:56:56:ec:6a:92:
         bd:39:e4:38:64:34:25:c7:78:b2:21:4f:74:db:58:86:d5:14:
         29:2b:58:5f:2f:57:a9:a1:07:a6:1d:67:db:01:f3:f2:70:c6:
         7c:07:da:74:da:77:8b:e0:36:87:8b:f7:0d:48:0b:81:87:86:
         24:5f:69:ed:76:a6:88:10:80:40:e6:93:ed:ae:57:c4:c0:90:
         d4:a5:02:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cb7gJk4XtEUJUcApmzT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjYwMzI5MTAwMDMzWhcNMjYwMzMwMTAwMDMzWjAzMTEwLwYDVQQD
EygzYzg0ZDkxNmUzNmYxMTc0ZWQzOTExMzdkZjc0ZDM0NmQxOWVhZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bicBkYlXpsoTnxjzFpHhbAJHCA5
vtZfFCLfV5s+rpLW/AQLeh+/1fdcPwF+QNBq7atGePYOKST1d+D6MXirjYuyJmdH
m7g3T155BPwdk4GX91zzPoq7y3vX4uyzHLQIxuTQJ8vydXAkRe4HM2GX4ylDIGsh
geTJxy2LHf1EWHMHjOLdmBrxFasSp3C58vFXVS4b56+TYsKhc47xW8RYh0lA/sZf
uXt+5bH32LDAlYd2DopzjaOYjosWmJZX4j0JnmwyO00MysXvjh2ah3yX4gOdJhcS
M5oUcrzCm5VXG7x7W+Q6fn4YKzG+rJR3YYbAkhhwQ+a0Kos6++HDIbk2fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyE2RbjbxF07TkRN99000bRnq4ZMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGY7IVwhg
pkZfRB1vMYY8usAr6o0CbSfT3siaRJ794O4d45s4QbZm94Gx2iIhM1K3qK9xoke/
z0IedrA7RMhJzE++EeHNd5gRx20qjdZr3mf/Rv8rc5LOr1fLjI1USYIZhOF6r0jW
J3Lt80uHr9QMuNWi8nCajcPYszIXL+RBvMZyenRyZAgNCzc8GOK5RK3DsgO7rHJA
0YlzyVUrOvMXV72w+LQOwQ2THwp6nSD4NFZW7GqSvTnkOGQ0Jcd4siFPdNtYhtUU
KStYXy9XqaEHph1n2wHz8nDGfAfadNp3i+A2h4v3DUgLgYeGJF9p7XamiBCAQOaT
7a5XxMCQ1KUCGA==
-----END CERTIFICATE-----