Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
File:                     ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft (raw, json)
Hash identifier:          Ygnb6NisJ0a+yH+y1C9UZAOGdSX5qUFqBpODpa9Igic=
Subject key identifier:   32:41:EB:3C:5D:4F:8B:67:5F:FC:BA:08:5E:AC:AE:00:67:37:23:94
Authority key identifier: B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD
Certificate issuer:       /CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd
Certificate serial:       019D985081A480BF8DCCE6F08780F2AE3C85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
Manifest number:          0EE5
Signing time:             Thu 16 Apr 2026 22:01:46 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:46 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:46 +0000
Files and hashes:         1: ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl (hash: MTP3jDYQKARW1HmKPAsZi0jqkRgZgzSNQxCl/wIU6xY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:81:a4:80:bf:8d:cc:e6:f0:87:80:f2:ae:3c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd
        Validity
            Not Before: Apr 16 22:01:46 2026 GMT
            Not After : Apr 17 22:01:46 2026 GMT
        Subject: CN=3241eb3c5d4f8b675ffcba085eacae0067372394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3f:54:57:82:96:9a:ca:da:a6:70:db:80:46:
                    bd:04:3e:a6:47:b5:8d:74:17:3a:1c:7e:77:3c:a6:
                    fc:ab:ff:80:18:ac:b4:85:b8:22:27:29:5f:54:44:
                    80:5f:57:3e:b9:e5:01:59:3f:39:c4:bc:d1:1e:0b:
                    55:31:33:24:61:28:a3:66:9c:cc:e7:4e:62:9d:e2:
                    45:9b:9a:e3:19:e1:55:80:d0:f3:4d:41:dd:ae:32:
                    b5:7f:63:53:56:4d:0e:84:e1:2e:4a:7a:b3:b5:de:
                    a6:a1:43:7d:d3:9e:8f:3e:7b:8e:64:f3:70:19:a3:
                    e2:a6:6f:c7:f8:9b:c8:34:bc:e7:c4:c1:c1:1a:a5:
                    64:d2:79:26:8b:71:20:60:c2:a5:34:05:1b:ae:75:
                    3f:2c:7c:a0:f2:70:9a:6e:2e:30:c6:a4:38:d6:20:
                    d1:84:7d:7e:26:53:21:41:e3:e5:ac:ad:8e:ee:d5:
                    5b:44:d5:27:8f:4e:8f:db:86:a5:cf:d0:0f:d8:38:
                    a2:02:bf:e3:bc:a2:d2:6c:ae:35:4c:83:84:67:3e:
                    3f:a6:55:b8:df:24:ae:31:8c:44:82:1c:a3:1c:58:
                    20:b2:6d:3d:80:4e:24:5a:60:df:73:b8:f2:3e:fb:
                    9b:54:5a:11:54:74:f4:70:ca:01:b5:64:49:70:76:
                    24:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:41:EB:3C:5D:4F:8B:67:5F:FC:BA:08:5E:AC:AE:00:67:37:23:94
            X509v3 Authority Key Identifier:
                keyid:B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ee:29:bc:54:46:db:53:68:0f:67:75:59:f0:9a:4e:f1:ca:9d:
         52:fc:b2:81:0f:de:bb:91:32:ec:0f:21:ac:ba:81:b9:82:b4:
         38:59:81:cb:8d:fb:0a:2b:fe:1f:1d:d1:8a:45:05:9e:ee:88:
         fc:b3:25:93:25:93:f3:ca:9a:83:51:34:59:f2:d5:0a:81:40:
         3a:85:36:70:18:2d:07:2d:e7:13:c7:8a:c8:bc:28:98:7d:0c:
         3a:7e:e4:90:f2:2a:6a:70:aa:fd:71:3a:79:6f:fb:48:aa:71:
         c0:d9:2a:5e:8b:19:87:3c:4b:fe:8a:cb:03:8b:5e:dc:b8:40:
         0c:21:d8:19:fd:7b:c3:57:61:ff:39:07:51:46:c2:b5:cc:12:
         6a:4a:a2:3c:4a:2f:5d:e7:ac:85:c9:76:be:b8:4f:20:46:f8:
         ac:68:09:11:69:82:41:5d:c5:43:af:d8:65:85:d4:d5:59:ec:
         a2:3d:c6:56:61:06:69:8f:d0:1d:3e:af:33:74:3a:24:58:e7:
         03:51:3e:28:ad:07:ff:01:12:41:98:2e:4b:b7:7e:ee:03:d9:
         ee:6b:fd:f5:2f:9a:ed:75:01:71:2c:5a:e9:fe:c3:9c:fd:76:
         29:10:8d:66:ef:bb:d8:b5:bf:0f:5e:f6:8a:b8:af:a8:3f:79:
         5b:c2:4b:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUIGkgL+NzObwh4DyrjyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWQwOTY3Y2EwMDAyZGQ5Y2U0NWJjNDNiYjcwMWI0MTcz
ZDc5YmQwHhcNMjYwNDE2MjIwMTQ2WhcNMjYwNDE3MjIwMTQ2WjAzMTEwLwYDVQQD
EygzMjQxZWIzYzVkNGY4YjY3NWZmY2JhMDg1ZWFjYWUwMDY3MzcyMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT9UV4KWmsrapnDbgEa9BD6mR7WN
dBc6HH53PKb8q/+AGKy0hbgiJylfVESAX1c+ueUBWT85xLzRHgtVMTMkYSijZpzM
505ineJFm5rjGeFVgNDzTUHdrjK1f2NTVk0OhOEuSnqztd6moUN9056PPnuOZPNw
GaPipm/H+JvINLznxMHBGqVk0nkmi3EgYMKlNAUbrnU/LHyg8nCabi4wxqQ41iDR
hH1+JlMhQePlrK2O7tVbRNUnj06P24alz9AP2DiiAr/jvKLSbK41TIOEZz4/plW4
3ySuMYxEghyjHFggsm09gE4kWmDfc7jyPvubVFoRVHT0cMoBtWRJcHYktQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJB6zxdT4tnX/y6CF6srgBnNyOUMB8GA1UdIwQY
MBaAFLWtCWfKAALdnORbxDu3AbQXPXm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTIt
N2MzNmVmNjEzYThmLzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTItN2MzNmVmNjEzYThm
LzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7im8VEbb
U2gPZ3VZ8JpO8cqdUvyygQ/eu5Ey7A8hrLqBuYK0OFmBy437Civ+Hx3RikUFnu6I
/LMlkyWT88qag1E0WfLVCoFAOoU2cBgtBy3nE8eKyLwomH0MOn7kkPIqanCq/XE6
eW/7SKpxwNkqXosZhzxL/orLA4te3LhADCHYGf17w1dh/zkHUUbCtcwSakqiPEov
Xeeshcl2vrhPIEb4rGgJEWmCQV3FQ6/YZYXU1Vnsoj3GVmEGaY/QHT6vM3Q6JFjn
A1E+KK0H/wESQZguS7d+7gPZ7mv99S+a7XUBcSxa6f7DnP12KRCNZu+72LW/D172
irivqD95W8JLxw==
-----END CERTIFICATE-----