Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
File:                     tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json)
Hash identifier:          CrJ2kHKROOrDrfzyRelTORIjm6oMx8guuyQGLqn0lyY=
Subject key identifier:   3E:96:D0:F2:71:D3:3C:2E:87:07:7D:93:44:83:AB:B4:20:3A:B6:CE
Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED
Certificate issuer:       /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
Certificate serial:       019D97AB2147FD8C8DA4E717C7122E16738F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
Manifest number:          135F
Signing time:             Thu 16 Apr 2026 19:01:07 +0000
Manifest this update:     Thu 16 Apr 2026 19:01:07 +0000
Manifest next update:     Fri 17 Apr 2026 19:01:07 +0000
Files and hashes:         1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: 6+xo6UHhEx+HIbnQ+IHq8bQdHoUS8lBrZasLVVD4k4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:ab:21:47:fd:8c:8d:a4:e7:17:c7:12:2e:16:73:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed
        Validity
            Not Before: Apr 16 19:01:07 2026 GMT
            Not After : Apr 17 19:01:07 2026 GMT
        Subject: CN=3e96d0f271d33c2e87077d934483abb4203ab6ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:27:a0:95:99:7e:a8:04:8b:3e:be:1e:cb:46:
                    3f:5b:b9:17:0b:10:bf:65:09:54:87:60:66:d7:83:
                    e7:b6:1a:cd:c2:d8:5b:9a:d9:2f:9a:84:79:1d:2d:
                    54:2b:71:15:89:16:57:58:78:1d:8e:4e:d6:b8:27:
                    81:ec:79:54:75:d9:d8:03:78:69:01:0f:f9:58:12:
                    7e:7b:a7:bd:06:0d:42:76:2e:e1:68:f8:35:05:99:
                    fb:1d:08:dc:15:f0:3a:6b:aa:d6:47:09:cb:4c:2e:
                    49:ba:e2:15:86:2a:fd:1c:e8:9e:d8:6c:f1:66:0d:
                    da:fd:5d:93:f3:9b:51:d6:04:a5:c7:17:2d:22:65:
                    11:db:e8:cf:6f:ba:c7:88:ad:b2:99:f1:c3:0d:42:
                    ec:e2:41:e4:43:21:2b:f1:e2:70:e8:94:a4:e7:3e:
                    9d:c1:0e:a9:c6:75:cb:03:b8:1a:c2:5e:ea:a8:d4:
                    b0:2e:d1:5c:e9:be:78:e1:1c:d5:43:e8:64:2e:d5:
                    66:42:1e:6b:92:ed:c9:4b:50:ab:6d:71:cf:30:b4:
                    0b:43:1e:93:95:1e:3a:bf:55:fd:b7:8a:b9:06:35:
                    f6:fd:4e:b5:1e:7b:48:e5:de:69:e0:77:95:b9:bc:
                    e3:c1:d5:d8:62:dc:d7:c8:5b:28:1c:df:74:c3:a9:
                    7b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:96:D0:F2:71:D3:3C:2E:87:07:7D:93:44:83:AB:B4:20:3A:B6:CE
            X509v3 Authority Key Identifier:
                keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:32:20:0f:da:89:c5:ce:c6:32:c5:17:70:11:a4:8f:80:19:
         b3:80:66:06:35:f9:b0:a9:55:d6:09:13:bd:11:4e:38:b0:b4:
         30:2c:71:f3:9b:9e:f8:79:18:7d:7f:28:fb:91:c3:56:18:5d:
         2a:b2:7f:72:0e:03:c0:5c:7d:f4:41:0d:df:81:80:b7:f3:e6:
         e1:a5:34:4e:fc:58:23:f9:64:71:e3:52:b8:f4:3d:f8:19:3f:
         a9:ac:2c:3c:a9:08:00:ce:34:f7:5f:1f:e9:a4:5e:f9:ab:bc:
         8c:d1:73:87:08:c1:32:42:4d:38:c0:25:2f:78:9f:33:37:dc:
         ab:4f:33:d2:f4:09:1a:d5:23:b3:b7:25:df:a5:d4:04:f6:db:
         d2:f1:5d:ef:09:be:d1:cf:b1:96:fa:df:76:dd:6c:e8:f1:38:
         d0:9b:f7:09:44:a3:29:8f:7d:4f:e5:c7:2f:a2:ca:9c:b6:ea:
         a2:a5:30:fe:3b:45:f5:dc:84:9c:43:a7:de:c7:c5:39:24:b0:
         24:3a:0e:8b:8d:d1:b7:f7:f6:38:51:90:e9:d6:7f:ba:df:f9:
         65:3b:17:e9:53:96:e3:3a:be:0a:97:91:35:91:91:0b:9f:a8:
         51:9c:01:9c:9b:0f:85:97:ba:f2:39:8b:eb:d4:d6:54:b9:53:
         a0:93:be:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqyFH/YyNpOcXxxIuFnOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh
ZmYzZWQwHhcNMjYwNDE2MTkwMTA3WhcNMjYwNDE3MTkwMTA3WjAzMTEwLwYDVQQD
EygzZTk2ZDBmMjcxZDMzYzJlODcwNzdkOTM0NDgzYWJiNDIwM2FiNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyeglZl+qASLPr4ey0Y/W7kXCxC/
ZQlUh2Bm14PnthrNwthbmtkvmoR5HS1UK3EViRZXWHgdjk7WuCeB7HlUddnYA3hp
AQ/5WBJ+e6e9Bg1Cdi7haPg1BZn7HQjcFfA6a6rWRwnLTC5JuuIVhir9HOie2Gzx
Zg3a/V2T85tR1gSlxxctImUR2+jPb7rHiK2ymfHDDULs4kHkQyEr8eJw6JSk5z6d
wQ6pxnXLA7gawl7qqNSwLtFc6b544RzVQ+hkLtVmQh5rku3JS1CrbXHPMLQLQx6T
lR46v1X9t4q5BjX2/U61HntI5d5p4HeVubzjwdXYYtzXyFsoHN90w6l71wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6W0PJx0zwuhwd9k0SDq7QgOrbOMB8GA1UdIwQY
MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt
NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk
LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjIgD9qJ
xc7GMsUXcBGkj4AZs4BmBjX5sKlV1gkTvRFOOLC0MCxx85ue+HkYfX8o+5HDVhhd
KrJ/cg4DwFx99EEN34GAt/Pm4aU0TvxYI/lkceNSuPQ9+Bk/qawsPKkIAM40918f
6aRe+au8jNFzhwjBMkJNOMAlL3ifMzfcq08z0vQJGtUjs7cl36XUBPbb0vFd7wm+
0c+xlvrfdt1s6PE40Jv3CUSjKY99T+XHL6LKnLbqoqUw/jtF9dyEnEOn3sfFOSSw
JDoOi43Rt/f2OFGQ6dZ/ut/5ZTsX6VOW4zq+CpeRNZGRC5+oUZwBnJsPhZe68jmL
69TWVLlToJO+Qg==
-----END CERTIFICATE-----