Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
File:                     tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft (raw, json)
Hash identifier:          Iir4XQmLJnAKHO7T5o/sb7a4mCzPucWGctLFwopovFE=
Subject key identifier:   13:15:33:8D:9A:FA:DC:59:BF:EF:CF:6D:AA:64:B1:18:7F:83:74:C9
Authority key identifier: B6:91:9F:E8:CB:EF:9A:B3:20:AC:7E:0E:34:68:79:D4:9D:18:57:D6
Certificate issuer:       /CN=b6919fe8cbef9ab320ac7e0e346879d49d1857d6
Certificate serial:       019CAD22AB663F4394E7F70511BAAAFBA039
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
Manifest number:          08FE
Signing time:             Mon 02 Mar 2026 06:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 06:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 06:00:56 +0000
Files and hashes:         1: tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl (hash: Fr+6zuE2BjtLO9lsnlcSDbiKdqIhokFgDFJH0ymzqxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:ab:66:3f:43:94:e7:f7:05:11:ba:aa:fb:a0:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6919fe8cbef9ab320ac7e0e346879d49d1857d6
        Validity
            Not Before: Mar  2 06:00:56 2026 GMT
            Not After : Mar  3 06:00:56 2026 GMT
        Subject: CN=1315338d9afadc59bfefcf6daa64b1187f8374c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:14:74:34:24:92:cd:94:24:be:6f:3c:89:b0:
                    6f:c2:40:ca:ae:5d:2e:83:75:cb:99:1c:74:fd:4e:
                    08:8e:4b:9a:d7:e8:78:ef:a5:f3:7c:9b:ef:05:45:
                    be:77:3a:3b:4b:da:5b:41:59:89:d7:c6:ec:db:f3:
                    d3:53:12:d5:36:17:f5:d2:45:fe:af:55:36:3b:90:
                    a8:3b:e9:7c:8d:4e:f2:52:a2:2a:8e:70:1e:ff:57:
                    b9:72:eb:97:bc:a7:da:9b:74:cf:b8:4f:0e:96:6d:
                    8c:0b:4d:38:3e:c5:48:f8:a4:75:e0:49:6e:9f:c3:
                    8e:76:6c:db:fe:88:1c:12:fb:30:67:3f:8d:0f:8f:
                    96:53:4f:2f:42:2c:9b:93:11:62:64:d7:81:54:fb:
                    e9:42:34:b2:00:1e:8f:6d:e3:98:bf:a9:79:f4:90:
                    5b:de:c3:27:8f:5d:9b:42:e9:74:e1:fb:b8:5c:6a:
                    8d:22:1c:75:54:3e:c7:bc:5f:b2:09:37:1f:88:60:
                    0e:44:6e:ad:26:d7:25:92:07:b2:98:eb:85:27:c0:
                    08:19:5c:0a:88:ac:e6:a1:55:1d:fb:0f:5b:aa:92:
                    c3:95:33:78:29:a5:61:80:3c:a7:d0:45:1c:51:87:
                    0f:5a:be:65:11:23:fb:47:aa:b5:81:e5:79:6f:d8:
                    68:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:15:33:8D:9A:FA:DC:59:BF:EF:CF:6D:AA:64:B1:18:7F:83:74:C9
            X509v3 Authority Key Identifier:
                keyid:B6:91:9F:E8:CB:EF:9A:B3:20:AC:7E:0E:34:68:79:D4:9D:18:57:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:ec:75:ea:ec:4f:63:83:d3:de:03:13:14:23:e1:43:b1:8b:
         e1:cb:17:61:ff:39:30:a2:b5:a3:a2:a1:41:0d:e3:47:b9:50:
         be:9f:8d:f1:52:5e:f1:28:1b:77:1b:fe:9b:4d:12:f8:62:72:
         07:6d:0f:33:00:f4:0a:80:3f:8e:95:60:43:f9:7e:bd:9b:23:
         ed:62:94:28:4b:3b:37:07:a9:c0:1d:8e:0f:e5:eb:42:e7:ce:
         b3:51:11:d3:6e:50:ce:14:5a:f0:35:a1:87:bd:51:03:50:b9:
         de:d8:3b:90:a1:0c:ee:58:0b:2e:97:d6:e9:d3:d8:55:3c:b4:
         a1:2e:7d:f0:df:f9:ad:41:cf:91:52:74:01:83:b4:a2:e4:ec:
         7c:cb:ad:34:c8:51:6f:4f:21:8e:2d:19:77:94:84:3c:73:19:
         97:bf:f0:7e:6e:58:b8:22:c0:12:74:0a:86:5e:0d:3c:28:93:
         6c:ff:c1:5c:9d:b0:66:2d:34:e2:42:97:d3:0d:6a:e5:02:5e:
         c2:81:94:0b:b8:d0:df:ab:98:8c:d2:63:39:30:bb:ad:80:1e:
         ce:96:e8:7f:50:c7:68:96:f7:4e:75:0e:6b:9a:54:25:83:8a:
         fd:4d:59:65:dc:8e:c1:e4:a0:ff:6b:a5:f3:50:3c:01:13:fd:
         1a:a0:45:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIqtmP0OU5/cFEbqq+6A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OTE5ZmU4Y2JlZjlhYjMyMGFjN2UwZTM0Njg3OWQ0OWQx
ODU3ZDYwHhcNMjYwMzAyMDYwMDU2WhcNMjYwMzAzMDYwMDU2WjAzMTEwLwYDVQQD
EygxMzE1MzM4ZDlhZmFkYzU5YmZlZmNmNmRhYTY0YjExODdmODM3NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhR0NCSSzZQkvm88ibBvwkDKrl0u
g3XLmRx0/U4Ijkua1+h476XzfJvvBUW+dzo7S9pbQVmJ18bs2/PTUxLVNhf10kX+
r1U2O5CoO+l8jU7yUqIqjnAe/1e5cuuXvKfam3TPuE8Olm2MC004PsVI+KR14Elu
n8OOdmzb/ogcEvswZz+ND4+WU08vQiybkxFiZNeBVPvpQjSyAB6PbeOYv6l59JBb
3sMnj12bQul04fu4XGqNIhx1VD7HvF+yCTcfiGAORG6tJtclkgeymOuFJ8AIGVwK
iKzmoVUd+w9bqpLDlTN4KaVhgDyn0EUcUYcPWr5lESP7R6q1geV5b9hoxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMVM42a+txZv+/PbapksRh/g3TJMB8GA1UdIwQY
MBaAFLaRn+jL75qzIKx+DjRoedSdGFfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjk5NGMtYThjMC00N2UwLWEwMDYt
YjA4NjY2NmUyYWRhLzEvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjk5NGMtYThjMC00N2UwLWEwMDYtYjA4NjY2NmUyYWRh
LzEvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOex16uxP
Y4PT3gMTFCPhQ7GL4csXYf85MKK1o6KhQQ3jR7lQvp+N8VJe8Sgbdxv+m00S+GJy
B20PMwD0CoA/jpVgQ/l+vZsj7WKUKEs7NwepwB2OD+XrQufOs1ER025QzhRa8DWh
h71RA1C53tg7kKEM7lgLLpfW6dPYVTy0oS598N/5rUHPkVJ0AYO0ouTsfMutNMhR
b08hji0Zd5SEPHMZl7/wfm5YuCLAEnQKhl4NPCiTbP/BXJ2wZi004kKX0w1q5QJe
woGUC7jQ36uYjNJjOTC7rYAezpbof1DHaJb3TnUOa5pUJYOK/U1ZZdyOweSg/2ul
81A8ARP9GqBF1g==
-----END CERTIFICATE-----