Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
File:                     tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json)
Hash identifier:          oe4JCbq1Ohxev3uvVGqlUQRaQH6gf4e9OgEcj7067hI=
Subject key identifier:   15:C5:65:7A:1E:66:55:2D:76:FD:9D:A2:C4:95:5C:F3:9B:41:D3:20
Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED
Certificate issuer:       /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
Certificate serial:       019CAA215EA296B0969B9AEB885522847EFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
Manifest number:          12E4
Signing time:             Sun 01 Mar 2026 16:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:39 +0000
Files and hashes:         1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: cVYcj6t2zeM9aK0hmzvhLrijoVKe6IYC/zGR6unrmoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:5e:a2:96:b0:96:9b:9a:eb:88:55:22:84:7e:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
        Validity
            Not Before: Mar  1 16:00:39 2026 GMT
            Not After : Mar  2 16:00:39 2026 GMT
        Subject: CN=15c5657a1e66552d76fd9da2c4955cf39b41d320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ee:cb:97:bd:05:12:58:34:fd:39:47:d9:be:
                    c3:22:ce:62:6b:aa:90:5a:c3:c8:e1:30:3d:31:a4:
                    7a:ee:2d:cc:e8:10:5e:df:ed:9a:66:f0:a7:26:31:
                    46:39:f3:b6:ca:91:53:e0:5b:96:f3:d9:56:db:6f:
                    51:6d:f5:e0:de:36:09:d1:ce:75:88:e0:cc:1e:f1:
                    81:fd:38:d6:67:2d:5a:72:65:82:72:3a:63:ae:20:
                    84:c0:2e:68:ba:85:8d:2d:5c:29:c0:01:3a:fd:e1:
                    db:79:86:1d:0b:8b:12:0d:28:5e:e9:2f:86:1d:c3:
                    27:2d:51:a5:f8:74:51:4e:5b:2e:d8:19:b3:e5:82:
                    43:45:ed:95:07:95:b1:e7:94:b1:06:83:a2:05:cb:
                    5d:f4:25:08:c7:47:de:47:2e:b0:9d:26:9a:30:26:
                    cd:d1:83:fa:42:36:7e:8b:78:fa:ad:67:46:81:3c:
                    21:f0:25:22:ad:98:5c:27:6a:e0:13:a7:75:bb:28:
                    01:65:c8:a8:8d:63:39:52:56:a7:50:d4:a0:2a:9a:
                    09:15:37:60:08:0c:7a:88:7e:0e:02:5f:c6:11:3b:
                    55:c4:21:dd:49:40:89:8a:e9:62:42:65:1e:03:21:
                    b3:80:ff:24:16:de:8e:b6:89:6e:a4:7f:a8:b2:84:
                    46:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:C5:65:7A:1E:66:55:2D:76:FD:9D:A2:C4:95:5C:F3:9B:41:D3:20
            X509v3 Authority Key Identifier:
                keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:91:b5:76:ce:87:32:25:5e:84:e5:6f:e5:48:e0:73:20:0e:
         8b:77:c0:3e:26:49:11:78:7f:49:0f:fa:45:df:62:d2:f7:40:
         8a:2e:ee:c1:c9:85:ea:c3:71:ee:df:1f:25:a2:06:ad:24:da:
         17:f1:1e:c3:fb:f3:e0:19:78:51:12:ff:33:e8:7e:54:11:fb:
         88:ff:63:e6:12:e2:56:0c:6a:08:55:99:83:d8:55:57:d9:ea:
         44:b1:f0:72:13:16:e3:d2:2a:39:58:6a:4c:d0:07:0e:e7:12:
         a8:3a:3f:9b:52:cc:5a:c1:b0:7f:83:56:94:08:ca:94:ab:e8:
         bc:b2:21:97:26:72:a5:89:56:e9:1e:46:8b:e1:ce:e0:fb:32:
         ac:05:77:af:0e:97:78:a8:dd:ff:26:59:1c:db:ca:2d:7c:20:
         bc:74:91:96:2f:c2:be:16:7a:db:1d:8f:33:94:94:c8:d5:91:
         ba:7b:86:b4:08:f2:88:85:a5:45:d1:8c:02:b2:06:c4:1c:48:
         8f:5f:fd:0f:34:f5:fe:5f:44:0c:4f:33:68:9a:31:5e:fa:1e:
         94:de:a6:d6:9f:ee:fa:28:7d:22:fc:05:cc:66:1a:09:d7:f0:
         5a:3a:f8:1a:dc:90:2b:d9:c4:e0:96:73:1f:94:ca:94:0e:5a:
         07:aa:7b:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIV6ilrCWm5rriFUihH77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh
ZmYzZWQwHhcNMjYwMzAxMTYwMDM5WhcNMjYwMzAyMTYwMDM5WjAzMTEwLwYDVQQD
EygxNWM1NjU3YTFlNjY1NTJkNzZmZDlkYTJjNDk1NWNmMzliNDFkMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu7Ll70FElg0/TlH2b7DIs5ia6qQ
WsPI4TA9MaR67i3M6BBe3+2aZvCnJjFGOfO2ypFT4FuW89lW229RbfXg3jYJ0c51
iODMHvGB/TjWZy1acmWCcjpjriCEwC5ouoWNLVwpwAE6/eHbeYYdC4sSDShe6S+G
HcMnLVGl+HRRTlsu2Bmz5YJDRe2VB5Wx55SxBoOiBctd9CUIx0feRy6wnSaaMCbN
0YP6QjZ+i3j6rWdGgTwh8CUirZhcJ2rgE6d1uygBZciojWM5UlanUNSgKpoJFTdg
CAx6iH4OAl/GETtVxCHdSUCJiuliQmUeAyGzgP8kFt6OtolupH+osoRGTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXFZXoeZlUtdv2dosSVXPObQdMgMB8GA1UdIwQY
MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt
NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk
LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZG1ds6H
MiVehOVv5UjgcyAOi3fAPiZJEXh/SQ/6Rd9i0vdAii7uwcmF6sNx7t8fJaIGrSTa
F/Eew/vz4Bl4URL/M+h+VBH7iP9j5hLiVgxqCFWZg9hVV9nqRLHwchMW49IqOVhq
TNAHDucSqDo/m1LMWsGwf4NWlAjKlKvovLIhlyZypYlW6R5Gi+HO4PsyrAV3rw6X
eKjd/yZZHNvKLXwgvHSRli/CvhZ62x2PM5SUyNWRunuGtAjyiIWlRdGMArIGxBxI
j1/9DzT1/l9EDE8zaJoxXvoelN6m1p/u+ih9IvwFzGYaCdfwWjr4GtyQK9nE4JZz
H5TKlA5aB6p7tA==
-----END CERTIFICATE-----