Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          NTB0Ila029G5wCuwHVMON6LMt138W+1bl53fpKm8LrU=
Subject key identifier:   10:03:3A:4F:3F:15:E9:0E:71:5C:61:8A:4B:B9:7E:8F:E9:9A:59:C9
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       019DA4C1BA9ED8287EB9F6A236B51644AC8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0B4E
Signing time:             Sun 19 Apr 2026 08:00:52 +0000
Manifest this update:     Sun 19 Apr 2026 08:00:52 +0000
Manifest next update:     Mon 20 Apr 2026 08:00:52 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: 1YSZkpM3iqqRVU5Uui73WoRw2YDCsQJT66RS9FzrrNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:c1:ba:9e:d8:28:7e:b9:f6:a2:36:b5:16:44:ac:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Apr 19 08:00:52 2026 GMT
            Not After : Apr 20 08:00:52 2026 GMT
        Subject: CN=10033a4f3f15e90e715c618a4bb97e8fe99a59c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:60:f3:e7:12:81:82:55:64:13:b5:0b:3e:03:
                    e1:52:8e:2a:b0:62:60:46:52:14:01:71:a0:03:05:
                    4a:17:a9:75:11:c6:2d:65:6e:ed:0e:6c:64:c5:de:
                    da:91:c6:f3:00:05:3a:4b:52:9c:04:66:3b:7e:e0:
                    a6:ec:f7:4f:16:fa:95:89:bc:89:ea:76:40:30:82:
                    44:4d:ef:37:6a:9e:0c:d1:1f:02:1f:49:64:60:59:
                    18:c8:9c:a1:33:97:d1:6f:44:a0:7d:ef:f2:16:b1:
                    c5:98:4b:22:ae:bf:b0:c3:00:33:84:06:0b:f5:7d:
                    2f:4a:f5:5c:df:02:36:1c:1a:f3:bb:11:a0:63:21:
                    1b:36:15:c3:2c:9e:88:df:c8:23:65:1f:4a:46:c0:
                    0f:7d:d9:e8:5e:e5:2d:6c:4a:4f:1e:ab:4b:fd:42:
                    b7:c1:ae:a3:0d:b4:ea:72:1a:00:97:b6:aa:6b:ff:
                    0c:32:66:11:41:5b:56:63:b0:5a:7c:e5:d3:10:42:
                    3c:f4:2f:1d:34:92:2c:7d:17:cf:ed:f4:a1:0a:29:
                    38:2d:42:95:e4:63:a7:26:e1:64:eb:9d:a8:e4:b6:
                    4e:63:b4:2e:d2:44:f5:a2:fc:b3:05:f0:8a:a0:4a:
                    22:fd:37:1f:b7:71:12:56:37:bb:9c:14:9c:cc:d7:
                    4c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:03:3A:4F:3F:15:E9:0E:71:5C:61:8A:4B:B9:7E:8F:E9:9A:59:C9
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:3e:00:52:48:06:af:e9:d3:b3:8a:b4:5e:ac:2a:dd:4e:ed:
         50:3a:bb:da:04:ef:b1:0f:af:2d:a0:f4:10:5f:c1:c8:c6:86:
         5d:b7:e2:61:29:84:d8:55:cb:83:29:7a:f6:f1:fe:cc:cc:cf:
         af:e2:49:9c:de:14:b3:94:5b:42:3e:4f:33:f7:8f:6d:4c:00:
         e8:ac:be:b1:87:28:de:31:4c:d4:5c:2a:a3:04:40:9c:7e:22:
         80:ff:2c:a7:de:bf:04:3e:3f:da:2c:bd:2b:26:68:4a:ad:b6:
         fa:be:38:db:8d:f2:ca:d9:ac:4f:22:e5:aa:50:68:40:38:a0:
         f9:fe:8b:30:4d:26:7e:5d:38:23:76:02:0e:07:04:33:72:3d:
         33:7e:4a:7f:55:fe:3c:60:29:bc:f3:6d:fc:fa:93:21:fe:f7:
         12:ab:31:bc:c7:1e:75:dc:52:4b:ca:6a:19:a8:2d:00:8b:40:
         50:f2:a9:7e:d2:be:27:dc:75:04:f8:e5:14:2d:fb:13:9d:1e:
         a9:7f:88:a2:d7:a6:51:48:9f:7a:43:bf:ed:72:15:9a:05:2f:
         24:9e:90:c8:0f:5e:30:a8:bd:c0:a1:96:12:d9:fe:24:63:d7:
         6e:67:d5:6b:d3:09:bc:d0:15:d6:ff:1d:c9:47:9e:a9:50:b6:
         e3:40:a2:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kwbqe2Ch+ufaiNrUWRKyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjYwNDE5MDgwMDUyWhcNMjYwNDIwMDgwMDUyWjAzMTEwLwYDVQQD
EygxMDAzM2E0ZjNmMTVlOTBlNzE1YzYxOGE0YmI5N2U4ZmU5OWE1OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomDz5xKBglVkE7ULPgPhUo4qsGJg
RlIUAXGgAwVKF6l1EcYtZW7tDmxkxd7akcbzAAU6S1KcBGY7fuCm7PdPFvqVibyJ
6nZAMIJETe83ap4M0R8CH0lkYFkYyJyhM5fRb0Sgfe/yFrHFmEsirr+wwwAzhAYL
9X0vSvVc3wI2HBrzuxGgYyEbNhXDLJ6I38gjZR9KRsAPfdnoXuUtbEpPHqtL/UK3
wa6jDbTqchoAl7aqa/8MMmYRQVtWY7BafOXTEEI89C8dNJIsfRfP7fShCik4LUKV
5GOnJuFk652o5LZOY7Qu0kT1ovyzBfCKoEoi/Tcft3ESVje7nBSczNdMwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBADOk8/FekOcVxhiku5fo/pmlnJMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfT4AUkgG
r+nTs4q0Xqwq3U7tUDq72gTvsQ+vLaD0EF/ByMaGXbfiYSmE2FXLgyl69vH+zMzP
r+JJnN4Us5RbQj5PM/ePbUwA6Ky+sYco3jFM1FwqowRAnH4igP8sp96/BD4/2iy9
KyZoSq22+r44243yytmsTyLlqlBoQDig+f6LME0mfl04I3YCDgcEM3I9M35Kf1X+
PGApvPNt/PqTIf73EqsxvMceddxSS8pqGagtAItAUPKpftK+J9x1BPjlFC37E50e
qX+IotemUUifekO/7XIVmgUvJJ6QyA9eMKi9wKGWEtn+JGPXbmfVa9MJvNAV1v8d
yUeeqVC240CibQ==
-----END CERTIFICATE-----