Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
File:                     TnxZtb-73klP0T13jm8i3adJYsE.mft (raw, json)
Hash identifier:          4Tec2Pngo13M0CZujbuGVM4gOJZnut2axIZmiUsoKfg=
Subject key identifier:   73:74:F6:1C:13:A8:F3:79:68:2A:AE:43:65:F8:59:9E:6F:42:FB:54
Authority key identifier: 4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1
Certificate issuer:       /CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
Certificate serial:       019D386687B5B9355D231E886EF5DE54FBDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
Manifest number:          0BD1
Signing time:             Sun 29 Mar 2026 07:02:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:16 +0000
Files and hashes:         1: TnxZtb-73klP0T13jm8i3adJYsE.crl (hash: yamgY6+iqPh6Cf13M2ov+hJwZ6rLljoEvi8YFOIs5CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:87:b5:b9:35:5d:23:1e:88:6e:f5:de:54:fb:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
        Validity
            Not Before: Mar 29 07:02:16 2026 GMT
            Not After : Mar 30 07:02:16 2026 GMT
        Subject: CN=7374f61c13a8f379682aae4365f8599e6f42fb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d7:17:fc:52:e8:bd:b3:ac:ac:63:87:25:70:
                    a4:d8:84:0f:80:7a:47:54:33:67:83:a8:a6:25:a8:
                    82:88:87:18:12:bd:a7:91:7f:8a:73:9c:ef:70:2f:
                    d1:e1:a7:0e:e6:47:41:cd:75:3d:7d:2c:f0:84:56:
                    29:f3:f6:2c:79:95:73:37:87:10:6c:36:38:b4:09:
                    68:06:e0:e4:96:8a:a9:b3:6c:46:9f:32:7a:4c:72:
                    90:8b:1f:b6:43:9a:f0:0a:ca:e1:49:2f:5f:1e:93:
                    4c:3e:2c:e5:f1:17:5a:d5:97:60:d2:6f:42:67:50:
                    53:ce:7a:1f:92:2d:7e:9d:93:d2:28:27:e9:2f:4d:
                    57:32:52:9c:7b:75:30:1b:a4:88:f1:fa:a3:16:4d:
                    e9:db:a6:06:1a:47:55:57:98:8e:73:91:fb:88:ce:
                    5a:a8:0b:f4:1e:19:47:e4:c3:16:00:6c:01:76:14:
                    8b:9d:60:00:a3:a0:9b:28:88:97:13:30:25:9e:db:
                    34:bf:52:5b:32:22:05:14:03:7c:7c:fc:af:9c:c0:
                    e4:ee:14:43:c0:cf:74:28:ab:8b:ad:4a:ad:93:f6:
                    34:6c:42:ce:8d:37:78:21:1d:57:64:4f:89:0e:57:
                    ba:b0:27:b8:06:0a:dd:3e:c7:b9:fb:06:35:ba:bd:
                    1d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:74:F6:1C:13:A8:F3:79:68:2A:AE:43:65:F8:59:9E:6F:42:FB:54
            X509v3 Authority Key Identifier:
                keyid:4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:91:b2:3f:f6:5a:4f:79:37:23:9b:4c:b8:6d:11:6d:1f:79:
         b3:51:b3:72:02:db:ce:4e:85:f3:89:27:8c:9e:8b:8b:8f:12:
         a0:6e:aa:79:42:3a:80:34:63:97:ce:27:df:2e:a9:87:3b:f7:
         e0:2c:b7:a0:af:88:f0:91:8b:3e:37:9b:d0:02:17:79:51:ae:
         14:35:f8:d8:9d:ae:c1:ab:a5:83:19:3e:76:c1:e4:d4:b6:54:
         bf:c5:b9:ad:61:f5:3d:54:c7:29:d0:60:ed:9b:93:4d:cc:2e:
         64:1f:25:17:d0:a6:ea:7f:a7:b1:4a:10:e2:1e:8e:54:41:bb:
         62:64:5f:27:a4:d3:f9:7a:c1:d7:ae:28:fd:97:23:3c:83:f8:
         89:81:9a:ba:7d:1b:7c:4b:5e:09:81:31:c0:76:11:8d:69:2e:
         94:19:5f:12:ec:19:52:87:15:42:83:da:f9:d1:c3:e6:1f:33:
         d5:47:c8:b1:c6:3f:e6:4c:c3:2d:d9:40:40:ed:97:30:4a:6f:
         fb:c3:af:51:55:36:ef:2d:8f:70:f2:5c:20:66:5b:5d:a4:8f:
         b5:cd:54:1a:df:a2:f9:b7:8f:b1:de:93:80:a7:7b:d2:7e:ad:
         ea:69:52:d3:ce:d7:ee:0a:55:1d:3c:02:eb:7e:42:3f:0c:93:
         56:3d:f2:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zoe1uTVdIx6IbvXeVPvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2M1OWI1YmZiYmRlNDk0ZmQxM2Q3NzhlNmYyMmRkYTc0
OTYyYzEwHhcNMjYwMzI5MDcwMjE2WhcNMjYwMzMwMDcwMjE2WjAzMTEwLwYDVQQD
Eyg3Mzc0ZjYxYzEzYThmMzc5NjgyYWFlNDM2NWY4NTk5ZTZmNDJmYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9cX/FLovbOsrGOHJXCk2IQPgHpH
VDNng6imJaiCiIcYEr2nkX+Kc5zvcC/R4acO5kdBzXU9fSzwhFYp8/YseZVzN4cQ
bDY4tAloBuDkloqps2xGnzJ6THKQix+2Q5rwCsrhSS9fHpNMPizl8Rda1Zdg0m9C
Z1BTznofki1+nZPSKCfpL01XMlKce3UwG6SI8fqjFk3p26YGGkdVV5iOc5H7iM5a
qAv0HhlH5MMWAGwBdhSLnWAAo6CbKIiXEzAlnts0v1JbMiIFFAN8fPyvnMDk7hRD
wM90KKuLrUqtk/Y0bELOjTd4IR1XZE+JDle6sCe4BgrdPse5+wY1ur0d6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHN09hwTqPN5aCquQ2X4WZ5vQvtUMB8GA1UdIwQY
MBaAFE58WbW/u95JT9E9d45vIt2nSWLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTct
YzA3ZjZjNWEwYWE3LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTctYzA3ZjZjNWEwYWE3
LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIJGyP/Za
T3k3I5tMuG0RbR95s1GzcgLbzk6F84knjJ6Li48SoG6qeUI6gDRjl84n3y6phzv3
4Cy3oK+I8JGLPjeb0AIXeVGuFDX42J2uwaulgxk+dsHk1LZUv8W5rWH1PVTHKdBg
7ZuTTcwuZB8lF9Cm6n+nsUoQ4h6OVEG7YmRfJ6TT+XrB164o/ZcjPIP4iYGaun0b
fEteCYExwHYRjWkulBlfEuwZUocVQoPa+dHD5h8z1UfIscY/5kzDLdlAQO2XMEpv
+8OvUVU27y2PcPJcIGZbXaSPtc1UGt+i+bePsd6TgKd70n6t6mlS087X7gpVHTwC
635CPwyTVj3ytA==
-----END CERTIFICATE-----