Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          1gdqQ10yQNZS6pRHQf8dp1slOHiCNZZ5iPj7bfT+aSw=
Subject key identifier:   45:62:85:32:54:8B:59:B4:3A:0A:C0:1F:66:FF:CE:66:6E:25:E1:02
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       019CAAC62A7CC1308292FD8D5E050639871B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          077B
Signing time:             Sun 01 Mar 2026 19:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:39 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: 8LhEz08yIQ5wr+wQFQBF+UP5eT9qMy0k8TghmjZ0Q7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:2a:7c:c1:30:82:92:fd:8d:5e:05:06:39:87:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Mar  1 19:00:39 2026 GMT
            Not After : Mar  2 19:00:39 2026 GMT
        Subject: CN=45628532548b59b43a0ac01f66ffce666e25e102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:78:b9:d0:fb:40:f4:82:fa:58:4c:81:19:8d:
                    0c:29:f3:fb:42:f8:44:44:01:14:55:ae:ed:0f:32:
                    07:bc:70:d3:e1:3b:d6:2f:15:31:75:1c:79:c2:fb:
                    0b:4b:65:98:bb:30:71:aa:4a:8f:9c:ba:c1:a3:49:
                    d7:3b:40:09:b9:dc:26:59:92:49:dd:aa:ee:bb:21:
                    19:be:f2:f5:e5:a9:f4:14:8b:1f:c9:d0:58:4a:7d:
                    ea:b8:1c:5e:8c:85:b4:47:a2:87:36:48:a2:92:e8:
                    06:c2:4b:45:4f:fb:bb:09:54:fb:65:23:a2:52:be:
                    63:16:d1:15:3b:7d:b7:95:5a:34:f5:86:52:17:de:
                    89:8b:0f:49:df:e5:84:58:47:14:50:d0:43:32:a6:
                    7e:b7:0c:34:b6:a5:6c:c9:e8:9f:10:21:fa:dc:1a:
                    fb:d2:28:5b:ca:75:94:18:8f:1e:4a:da:c0:0c:6f:
                    0a:b3:87:c3:2d:ab:dd:b4:9c:b1:fa:65:0c:7a:d5:
                    45:61:f3:eb:74:ed:1b:a9:31:1e:d5:a8:b6:0b:dc:
                    c2:ff:42:71:36:38:c7:22:21:5f:80:0d:2a:95:39:
                    e6:37:57:c9:c4:03:a9:82:69:e5:63:d9:cd:1a:18:
                    1f:0d:fc:12:ba:d3:ad:95:24:74:47:83:9d:b2:c1:
                    8d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:62:85:32:54:8B:59:B4:3A:0A:C0:1F:66:FF:CE:66:6E:25:E1:02
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:e7:3e:78:50:a8:90:37:ea:35:67:f8:85:1e:99:53:62:66:
         da:e8:aa:60:ab:79:48:0c:64:98:0b:43:b6:cd:83:48:5a:11:
         86:87:3e:1b:d8:2b:de:be:d7:3a:f3:f6:ea:ba:ce:8d:1d:06:
         9c:84:fb:54:28:64:fc:1f:98:c7:ea:85:4e:51:ea:e8:27:78:
         5c:21:cc:f0:0b:f2:8c:9e:2d:75:f5:ce:17:7f:76:6b:c0:e8:
         b1:a4:bf:1e:3a:db:64:9b:3f:63:e9:22:af:15:2f:fb:8e:7d:
         a4:39:fd:0f:5b:02:e7:3d:61:38:60:32:92:fa:fa:73:8e:f7:
         55:a1:72:58:50:67:84:42:92:ce:27:e9:b8:2e:98:4a:82:f3:
         af:8f:86:88:14:5c:29:dd:c7:6b:33:61:47:c4:d8:3e:f5:de:
         9b:00:dc:23:d7:ac:6f:df:57:b9:a4:5a:e7:ec:26:c4:da:34:
         ee:2c:d4:09:33:7c:61:07:77:b6:8b:60:5f:b4:8c:2b:fd:08:
         a3:90:1b:cc:bf:31:17:ef:33:01:09:18:82:4c:a1:c7:5f:88:
         1c:68:34:88:61:28:83:dc:53:4a:ea:57:6d:08:80:a9:31:8d:
         67:23:15:51:12:bc:1b:fb:7d:b6:01:45:01:5e:79:ff:67:5e:
         6d:5d:99:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxip8wTCCkv2NXgUGOYcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjYwMzAxMTkwMDM5WhcNMjYwMzAyMTkwMDM5WjAzMTEwLwYDVQQD
Eyg0NTYyODUzMjU0OGI1OWI0M2EwYWMwMWY2NmZmY2U2NjZlMjVlMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Xi50PtA9IL6WEyBGY0MKfP7QvhE
RAEUVa7tDzIHvHDT4TvWLxUxdRx5wvsLS2WYuzBxqkqPnLrBo0nXO0AJudwmWZJJ
3aruuyEZvvL15an0FIsfydBYSn3quBxejIW0R6KHNkiikugGwktFT/u7CVT7ZSOi
Ur5jFtEVO323lVo09YZSF96Jiw9J3+WEWEcUUNBDMqZ+tww0tqVsyeifECH63Br7
0ihbynWUGI8eStrADG8Ks4fDLavdtJyx+mUMetVFYfPrdO0bqTEe1ai2C9zC/0Jx
NjjHIiFfgA0qlTnmN1fJxAOpgmnlY9nNGhgfDfwSutOtlSR0R4OdssGNhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVihTJUi1m0OgrAH2b/zmZuJeECMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+c+eFCo
kDfqNWf4hR6ZU2Jm2uiqYKt5SAxkmAtDts2DSFoRhoc+G9gr3r7XOvP26rrOjR0G
nIT7VChk/B+Yx+qFTlHq6Cd4XCHM8AvyjJ4tdfXOF392a8DosaS/HjrbZJs/Y+ki
rxUv+459pDn9D1sC5z1hOGAykvr6c473VaFyWFBnhEKSzifpuC6YSoLzr4+GiBRc
Kd3HazNhR8TYPvXemwDcI9esb99XuaRa5+wmxNo07izUCTN8YQd3totgX7SMK/0I
o5AbzL8xF+8zAQkYgkyhx1+IHGg0iGEog9xTSupXbQiAqTGNZyMVURK8G/t9tgFF
AV55/2debV2Z8w==
-----END CERTIFICATE-----