Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          1G300Pdqdt6T+E2+DxQjs+uLlQZH+2hhHNVVPMebRi0=
Subject key identifier:   0F:23:57:AB:2F:6D:B9:90:0B:3B:A7:62:70:CD:AC:B1:11:A6:2F:57
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       019D37F78A32F75C17F3592A7355FC3E1F20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          0528
Signing time:             Sun 29 Mar 2026 05:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 05:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 05:01:02 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: AD2YZwaJ1A2Okc+w0ImYMNCGuXgwVD2UEnf4qH2f/T0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:8a:32:f7:5c:17:f3:59:2a:73:55:fc:3e:1f:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Mar 29 05:01:02 2026 GMT
            Not After : Mar 30 05:01:02 2026 GMT
        Subject: CN=0f2357ab2f6db9900b3ba76270cdacb111a62f57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:d1:56:c8:d2:29:5d:df:c9:e1:df:60:63:f3:
                    b6:4f:e5:ef:b6:47:63:2f:23:74:bc:d7:98:0e:f8:
                    ba:c1:bf:f2:e6:37:02:e7:63:19:2f:58:14:bd:86:
                    df:f3:57:85:4e:d9:05:cb:a5:b1:0c:7f:ac:1f:be:
                    41:65:57:4b:55:d0:b6:d1:44:c5:34:79:32:b8:53:
                    8e:5a:92:47:f0:65:7a:93:15:15:8b:83:ac:68:fd:
                    55:fc:08:5a:c3:f8:9a:14:f4:e5:98:ff:d6:f2:db:
                    d1:26:d6:25:04:25:0d:f7:0d:20:96:6a:78:08:f1:
                    85:61:cf:dc:c5:61:c7:56:0d:67:eb:88:f8:f2:4d:
                    0d:f6:72:0b:3b:72:e8:56:9e:d3:31:2b:dc:c7:87:
                    61:16:15:70:4d:93:32:4f:45:bc:80:54:fd:57:79:
                    83:5a:98:14:98:65:54:e3:7a:79:31:91:be:59:09:
                    7a:da:09:6a:7a:f7:a8:3f:fa:b0:6a:45:02:4b:da:
                    ee:67:d3:c3:90:df:83:5e:16:9c:7c:c4:26:84:14:
                    4c:51:cf:71:44:52:05:04:28:f7:89:3d:a7:b7:cc:
                    ff:e1:67:6c:77:ef:a5:3e:52:8d:65:bd:2e:05:17:
                    49:fb:5c:4f:2e:ef:ac:34:cd:9d:00:af:a5:06:12:
                    56:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:23:57:AB:2F:6D:B9:90:0B:3B:A7:62:70:CD:AC:B1:11:A6:2F:57
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:36:a1:40:d9:ae:ec:3c:ba:f6:a4:67:48:f6:20:e7:68:07:
         2c:76:fc:44:dd:2c:90:64:6e:f8:b4:4f:d3:b6:53:a7:57:d2:
         90:03:b6:17:c7:82:77:d5:be:dd:f0:b5:cc:f7:37:25:87:04:
         1d:bf:be:b3:73:8b:7e:38:70:55:b4:51:e6:22:1f:42:f8:ac:
         40:55:bc:70:64:8f:82:ad:33:04:f8:3d:a7:04:4e:38:8c:a4:
         d9:6e:50:42:f1:e1:46:75:13:c5:8f:2a:4f:58:de:bb:8a:1c:
         9b:60:43:72:37:a3:f6:27:76:2e:03:0a:3b:4e:3e:f0:3f:9c:
         8f:76:94:3f:09:8e:8a:9d:9f:82:85:87:dc:96:90:31:58:de:
         66:c4:3a:18:c3:14:09:35:e2:00:e0:ca:37:33:fe:cb:57:1f:
         d5:0f:0f:a9:9c:de:f0:66:02:d6:6b:d4:54:25:da:c7:70:f9:
         38:87:0b:58:55:e2:b0:1c:ca:ca:a5:cf:69:dc:e1:d5:84:6f:
         0f:41:ab:2a:ea:a1:31:47:7e:90:e7:15:f5:d4:0a:58:32:65:
         cc:3a:52:65:96:b7:aa:d7:30:08:c0:9b:44:79:8a:6f:af:67:
         b2:e8:b2:d6:07:18:48:ba:9e:c3:1c:62:ae:09:05:f6:27:47:
         b0:c7:cd:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394oy91wX81kqc1X8Ph8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjYwMzI5MDUwMTAyWhcNMjYwMzMwMDUwMTAyWjAzMTEwLwYDVQQD
EygwZjIzNTdhYjJmNmRiOTkwMGIzYmE3NjI3MGNkYWNiMTExYTYyZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitFWyNIpXd/J4d9gY/O2T+Xvtkdj
LyN0vNeYDvi6wb/y5jcC52MZL1gUvYbf81eFTtkFy6WxDH+sH75BZVdLVdC20UTF
NHkyuFOOWpJH8GV6kxUVi4OsaP1V/Ahaw/iaFPTlmP/W8tvRJtYlBCUN9w0glmp4
CPGFYc/cxWHHVg1n64j48k0N9nILO3LoVp7TMSvcx4dhFhVwTZMyT0W8gFT9V3mD
WpgUmGVU43p5MZG+WQl62glqeveoP/qwakUCS9ruZ9PDkN+DXhacfMQmhBRMUc9x
RFIFBCj3iT2nt8z/4Wdsd++lPlKNZb0uBRdJ+1xPLu+sNM2dAK+lBhJWhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8jV6svbbmQCzunYnDNrLERpi9XMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjjahQNmu
7Dy69qRnSPYg52gHLHb8RN0skGRu+LRP07ZTp1fSkAO2F8eCd9W+3fC1zPc3JYcE
Hb++s3OLfjhwVbRR5iIfQvisQFW8cGSPgq0zBPg9pwROOIyk2W5QQvHhRnUTxY8q
T1jeu4ocm2BDcjej9id2LgMKO04+8D+cj3aUPwmOip2fgoWH3JaQMVjeZsQ6GMMU
CTXiAODKNzP+y1cf1Q8PqZze8GYC1mvUVCXax3D5OIcLWFXisBzKyqXPadzh1YRv
D0GrKuqhMUd+kOcV9dQKWDJlzDpSZZa3qtcwCMCbRHmKb69nsuiy1gcYSLqewxxi
rgkF9idHsMfNqg==
-----END CERTIFICATE-----