Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          tVCyWCFQvN3PdHX+Kda7MmoadYXoo78tDXWbUh71nZ4=
Subject key identifier:   25:83:50:49:5B:81:68:3E:0C:8E:68:A7:E9:04:0A:D5:B8:CC:3B:83
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       019D386571F144FC3E08D6A2098784C21E21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: AIJpfsz1c9+IP9+eXASnWYLxYxBEfEsKRN9YN3EYt+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:71:f1:44:fc:3e:08:d6:a2:09:87:84:c2:1e:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=258350495b81683e0c8e68a7e9040ad5b8cc3b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f5:fd:f7:cb:33:3a:5b:3e:e2:86:99:bf:b1:
                    be:f9:96:c0:23:84:3f:a6:39:2f:1c:71:d2:25:ad:
                    2c:5e:90:3f:5f:22:36:4f:5a:0c:7d:17:62:aa:60:
                    ad:67:b6:29:00:66:7b:97:a2:f1:88:13:81:6b:7e:
                    52:a7:65:54:55:2a:77:5d:aa:02:9f:f6:97:e1:60:
                    25:d8:ca:1e:81:26:b6:c1:83:4d:cb:20:36:06:77:
                    71:cd:ae:65:56:ae:9f:d3:1c:40:72:d5:38:30:43:
                    9c:71:8a:eb:61:f6:38:22:6e:91:70:cb:b4:11:c4:
                    d7:c3:5e:f7:20:f5:42:78:a4:68:62:87:2e:ad:2a:
                    55:da:57:23:4a:62:8f:1f:75:13:35:b3:bc:96:7e:
                    06:d7:c3:10:fc:d6:5c:17:a0:4b:f5:3f:f3:f5:d1:
                    d3:68:4d:80:d3:9f:00:c1:ff:6e:2a:ca:e6:e0:98:
                    f6:87:dd:07:64:30:9d:9a:7a:da:70:c6:39:48:6a:
                    69:00:71:3e:fa:0a:a6:16:e4:bb:bc:06:29:15:2d:
                    a4:94:ef:47:2c:41:47:d1:5f:36:ad:45:4c:87:db:
                    52:3b:bd:39:fd:31:a2:0c:d2:17:5a:5e:01:4e:99:
                    6b:a1:e6:5a:33:23:08:62:c7:92:2d:f1:8e:0c:5d:
                    cb:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:83:50:49:5B:81:68:3E:0C:8E:68:A7:E9:04:0A:D5:B8:CC:3B:83
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:7f:0c:b6:29:e0:a1:db:95:8a:c7:1b:dd:3a:ed:b2:9f:6d:
         ae:56:09:19:9f:a9:8e:eb:fa:db:3d:53:d3:37:ba:67:34:5c:
         50:d9:20:b9:ea:e1:94:93:ef:27:a8:4c:23:02:ee:d5:b2:a5:
         4f:0b:00:da:df:fd:de:3d:12:9d:1e:07:93:4f:02:0b:ca:fa:
         43:9f:7f:4b:27:c1:e6:db:c1:03:59:9f:fe:af:dc:99:86:9b:
         89:58:c7:26:6f:88:26:fc:b4:d9:d3:20:76:c7:1c:31:04:4c:
         4a:34:14:b3:9f:9e:96:02:4c:d3:d0:9f:8d:53:7f:49:d5:74:
         a3:aa:7b:1c:8b:3f:67:e6:f5:93:01:59:44:1f:22:d6:cc:45:
         a7:4f:da:35:67:c1:32:e6:ab:20:a3:bb:ed:5b:e5:b7:1c:dd:
         68:7b:2c:62:e4:5a:f1:2a:d4:41:47:66:34:51:12:91:b2:e3:
         ab:78:96:fd:b1:45:e8:c0:fe:c0:a3:3c:63:b7:fe:2b:a6:d6:
         0c:da:d5:e6:44:9e:02:39:cb:9f:3b:14:90:d3:8c:16:bb:35:
         bc:47:cb:01:e7:7c:51:f8:51:4f:e2:af:95:a6:96:b6:6a:1d:
         51:df:19:01:29:53:06:95:a4:33:d6:82:e2:91:be:d4:eb:43:
         83:65:79:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXHxRPw+CNaiCYeEwh4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
EygyNTgzNTA0OTViODE2ODNlMGM4ZTY4YTdlOTA0MGFkNWI4Y2MzYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPX998szOls+4oaZv7G++ZbAI4Q/
pjkvHHHSJa0sXpA/XyI2T1oMfRdiqmCtZ7YpAGZ7l6LxiBOBa35Sp2VUVSp3XaoC
n/aX4WAl2MoegSa2wYNNyyA2Bndxza5lVq6f0xxActU4MEOccYrrYfY4Im6RcMu0
EcTXw173IPVCeKRoYocurSpV2lcjSmKPH3UTNbO8ln4G18MQ/NZcF6BL9T/z9dHT
aE2A058Awf9uKsrm4Jj2h90HZDCdmnracMY5SGppAHE++gqmFuS7vAYpFS2klO9H
LEFH0V82rUVMh9tSO705/TGiDNIXWl4BTplroeZaMyMIYseSLfGODF3LBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWDUElbgWg+DI5op+kECtW4zDuDMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiX8Mting
oduViscb3Trtsp9trlYJGZ+pjuv62z1T0ze6ZzRcUNkguerhlJPvJ6hMIwLu1bKl
TwsA2t/93j0SnR4Hk08CC8r6Q59/SyfB5tvBA1mf/q/cmYabiVjHJm+IJvy02dMg
dsccMQRMSjQUs5+elgJM09CfjVN/SdV0o6p7HIs/Z+b1kwFZRB8i1sxFp0/aNWfB
MuarIKO77VvltxzdaHssYuRa8SrUQUdmNFESkbLjq3iW/bFF6MD+wKM8Y7f+K6bW
DNrV5kSeAjnLnzsUkNOMFrs1vEfLAed8UfhRT+KvlaaWtmodUd8ZASlTBpWkM9aC
4pG+1OtDg2V5Qg==
-----END CERTIFICATE-----