Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
File:                     tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft (raw, json)
Hash identifier:          rOfhQ6aNDPbVEthW2UYLuvXUci9d0a2wUMbymvLOi44=
Subject key identifier:   57:5B:C0:82:EA:75:F3:A0:AC:6C:ED:E0:43:DF:DE:07:BB:B7:F1:B6
Authority key identifier: B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5
Certificate issuer:       /CN=b483bc0a71a52d0cf3989522367575959ebdcef5
Certificate serial:       019CA9EB82C29EE1C031B01B7092102884F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
Manifest number:          17D3
Signing time:             Sun 01 Mar 2026 15:01:49 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:49 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:49 +0000
Files and hashes:         1: tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl (hash: lpEElcRJB8jtuH4IoRxD3NsXJDVuO0f7i2dwaCYElpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:82:c2:9e:e1:c0:31:b0:1b:70:92:10:28:84:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b483bc0a71a52d0cf3989522367575959ebdcef5
        Validity
            Not Before: Mar  1 15:01:49 2026 GMT
            Not After : Mar  2 15:01:49 2026 GMT
        Subject: CN=575bc082ea75f3a0ac6cede043dfde07bbb7f1b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1c:50:e4:fb:99:55:31:94:60:68:c9:fc:37:
                    03:d3:ea:ff:4d:dc:96:8f:26:62:9f:52:76:fd:90:
                    df:da:09:a6:f6:70:5f:21:02:29:8c:fe:8e:ad:2f:
                    f1:a5:a4:e7:40:40:c9:c5:f0:f9:95:7a:5a:90:47:
                    f4:b7:5b:4b:ab:ed:1a:4d:09:05:85:4f:fa:bf:83:
                    78:a1:e9:44:ac:f3:20:8e:9a:ce:67:84:7d:24:a4:
                    29:ff:e9:77:ff:df:91:18:df:5b:85:36:02:12:cf:
                    0b:e3:f6:37:b2:ab:25:20:25:5b:4f:7f:d8:10:3b:
                    9d:e3:3d:7f:3c:e5:8a:00:83:9c:9b:c0:fc:9d:9d:
                    b6:8b:5b:43:b1:89:6e:e2:e7:ce:84:62:d2:a3:ba:
                    da:d8:13:f5:1a:53:53:a8:a4:47:fc:38:8f:66:f9:
                    84:94:63:ea:ec:25:3d:87:01:34:5f:34:2f:bb:0a:
                    f0:f8:c3:d3:b5:0a:7f:63:80:a5:74:b4:7a:f9:6e:
                    fb:e8:b8:b9:a0:cd:83:8e:40:80:da:d7:c7:48:42:
                    0f:89:58:91:3b:3a:a9:94:ef:19:76:09:6a:e4:95:
                    1b:a0:e3:d7:ac:b0:f7:87:62:cc:6f:46:10:f8:89:
                    59:be:f8:5a:81:cc:ba:4d:7e:64:9c:ea:97:16:2f:
                    1e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5B:C0:82:EA:75:F3:A0:AC:6C:ED:E0:43:DF:DE:07:BB:B7:F1:B6
            X509v3 Authority Key Identifier:
                keyid:B4:83:BC:0A:71:A5:2D:0C:F3:98:95:22:36:75:75:95:9E:BD:CE:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIO8CnGlLQzzmJUiNnV1lZ69zvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f89fbd-5142-4bcc-bab1-994ef87db3a3/1/tIO8CnGlLQzzmJUiNnV1lZ69zvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:92:d1:cf:8e:7f:f8:ed:3a:6a:3a:eb:97:b5:cb:49:6b:c7:
         59:8a:fd:83:4b:49:ee:b3:8e:57:73:91:c7:81:9a:1b:ec:08:
         60:c0:12:ac:01:ba:af:33:10:17:cc:c5:61:d9:e5:47:2f:a9:
         31:4e:fe:2b:23:52:35:3d:ec:0c:59:a8:98:0a:a5:51:a5:b4:
         90:2d:f9:81:7e:60:94:cf:22:01:49:bf:4f:8a:db:0a:6d:fa:
         53:a1:e0:b1:61:ef:94:17:74:22:9a:d5:df:4e:bc:9f:f4:a9:
         c2:15:0b:05:62:92:9c:80:b3:00:28:4e:4c:73:8c:d3:70:92:
         4c:d5:60:57:49:f7:02:0c:26:27:9f:67:4b:d3:4f:d1:22:bf:
         63:80:89:1b:c0:83:73:ef:ca:69:0c:37:27:ba:4b:3a:9b:f9:
         b8:f1:59:63:0f:49:1b:00:f6:20:40:22:2f:02:13:de:d0:bc:
         62:cd:b5:2d:ed:bb:26:50:6a:b3:73:ca:3b:4c:a8:78:4e:94:
         79:9a:4a:d9:93:9d:d5:a0:8d:b5:e7:0d:f6:a8:e2:8a:c8:1f:
         2a:e7:67:0d:00:c8:7a:da:ec:28:0e:78:bf:e2:c8:5b:c1:04:
         2a:44:ae:05:7d:93:25:54:1c:db:73:58:2a:98:0b:7b:47:94:
         af:65:ea:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp64LCnuHAMbAbcJIQKIT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODNiYzBhNzFhNTJkMGNmMzk4OTUyMjM2NzU3NTk1OWVi
ZGNlZjUwHhcNMjYwMzAxMTUwMTQ5WhcNMjYwMzAyMTUwMTQ5WjAzMTEwLwYDVQQD
Eyg1NzViYzA4MmVhNzVmM2EwYWM2Y2VkZTA0M2RmZGUwN2JiYjdmMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRxQ5PuZVTGUYGjJ/DcD0+r/TdyW
jyZin1J2/ZDf2gmm9nBfIQIpjP6OrS/xpaTnQEDJxfD5lXpakEf0t1tLq+0aTQkF
hU/6v4N4oelErPMgjprOZ4R9JKQp/+l3/9+RGN9bhTYCEs8L4/Y3sqslICVbT3/Y
EDud4z1/POWKAIOcm8D8nZ22i1tDsYlu4ufOhGLSo7ra2BP1GlNTqKRH/DiPZvmE
lGPq7CU9hwE0XzQvuwrw+MPTtQp/Y4CldLR6+W776Li5oM2DjkCA2tfHSEIPiViR
OzqplO8Zdglq5JUboOPXrLD3h2LMb0YQ+IlZvvhagcy6TX5knOqXFi8ejQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdbwILqdfOgrGzt4EPf3ge7t/G2MB8GA1UdIwQY
MBaAFLSDvApxpS0M85iVIjZ1dZWevc71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEt
OTk0ZWY4N2RiM2EzLzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mODlmYmQtNTE0Mi00YmNjLWJhYjEtOTk0ZWY4N2RiM2Ez
LzEvdElPOENuR2xMUXp6bUpVaU5uVjFsWjY5enZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5LRz45/
+O06ajrrl7XLSWvHWYr9g0tJ7rOOV3ORx4GaG+wIYMASrAG6rzMQF8zFYdnlRy+p
MU7+KyNSNT3sDFmomAqlUaW0kC35gX5glM8iAUm/T4rbCm36U6HgsWHvlBd0IprV
3068n/SpwhULBWKSnICzAChOTHOM03CSTNVgV0n3AgwmJ59nS9NP0SK/Y4CJG8CD
c+/KaQw3J7pLOpv5uPFZYw9JGwD2IEAiLwIT3tC8Ys21Le27JlBqs3PKO0yoeE6U
eZpK2ZOd1aCNtecN9qjiisgfKudnDQDIetrsKA54v+LIW8EEKkSuBX2TJVQc23NY
KpgLe0eUr2Xq5Q==
-----END CERTIFICATE-----