Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          xbIOFH0+r/8D//wVHQMojcH0uZoTt77EldybDIJn7Ds=
Subject key identifier:   10:66:AF:BD:E8:B5:50:78:0A:2C:DC:DB:22:71:BD:0A:8F:8D:E9:36
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019D999962064CF62F8A3E5BBDEC0DBC699B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          158F
Signing time:             Fri 17 Apr 2026 04:00:59 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:59 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:59 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: 0EIv52eGp1BgfjSSkb49pcs78EDLy4YdzUedyTloDHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:62:06:4c:f6:2f:8a:3e:5b:bd:ec:0d:bc:69:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Apr 17 04:00:59 2026 GMT
            Not After : Apr 18 04:00:59 2026 GMT
        Subject: CN=1066afbde8b550780a2cdcdb2271bd0a8f8de936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f9:a0:ef:29:0d:49:1e:d8:33:f2:ee:5a:d4:
                    e8:5c:9a:74:91:e5:9e:ad:3c:21:45:5e:c7:07:4b:
                    23:16:41:29:74:73:9f:ba:17:7b:23:0a:30:40:bb:
                    9f:65:0c:28:3e:3a:af:5d:c7:c7:9a:72:e8:36:84:
                    44:1c:ae:ae:72:c6:28:be:04:3b:0d:c7:1d:c7:f2:
                    6d:27:13:8b:76:c3:78:1c:4c:89:bb:17:2d:bf:c1:
                    8b:b2:68:99:1f:d2:c9:37:f9:45:c6:8e:0e:25:da:
                    d7:90:66:55:f6:90:f5:d2:28:0b:34:e2:16:d4:cd:
                    08:7b:8c:bf:2d:42:5b:23:4f:f4:2a:29:03:da:c5:
                    f1:9a:ac:98:42:91:41:0e:a5:71:3c:f7:c5:e1:dd:
                    9f:82:ff:a4:cd:ea:b1:2b:0b:24:43:2e:28:e8:ff:
                    db:cc:ab:c7:91:bf:84:25:99:b6:fb:d0:c2:85:67:
                    36:cd:fc:78:36:6e:4a:ad:bc:29:04:5b:6b:7c:eb:
                    68:5e:fb:bc:82:42:fc:ed:be:93:09:79:ad:41:01:
                    52:92:77:d5:76:94:8d:a0:4f:50:d6:61:33:da:49:
                    6d:62:4e:3a:dc:08:2b:e9:83:70:e0:be:26:c9:d7:
                    07:f6:17:ef:77:55:61:4c:93:43:7a:9a:61:15:eb:
                    2f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:66:AF:BD:E8:B5:50:78:0A:2C:DC:DB:22:71:BD:0A:8F:8D:E9:36
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:b1:82:8f:eb:77:2b:0d:df:95:70:82:a5:77:59:e9:76:99:
         3b:b6:c7:d5:75:aa:0a:ae:5a:9e:9c:78:05:2a:e2:82:56:06:
         28:e2:35:fa:16:50:ae:7e:13:91:4f:13:85:a8:d5:08:43:5f:
         ba:8f:da:33:8f:94:9b:c3:05:a0:89:cf:3f:f6:e6:d8:8d:08:
         27:c5:14:30:6d:43:3b:8e:fa:0e:50:69:97:47:97:81:e0:30:
         fa:a6:03:ec:f4:1d:98:99:c2:0d:9b:a5:84:4d:eb:03:95:4a:
         14:b5:e1:d5:d7:45:49:d5:da:94:de:7c:75:09:39:aa:7f:51:
         07:3c:f7:31:ef:1e:90:8c:3c:0b:3f:14:42:c4:9d:83:d3:ec:
         93:71:af:01:ff:c5:ce:85:a0:08:c2:40:4e:be:ce:7a:06:3b:
         83:5f:17:a5:a1:fd:90:e2:36:64:59:5c:e3:ca:22:58:41:0f:
         d5:d9:19:20:fd:24:43:85:03:1f:ba:69:8b:85:15:61:e7:05:
         55:e0:86:23:1c:a8:57:20:ea:c9:a6:e4:c8:05:d1:c8:70:b7:
         55:12:d1:fb:bf:e5:00:b3:e1:8e:27:12:32:af:e3:7d:bf:a5:
         21:42:19:7c:49:35:e6:23:2b:8f:b6:ce:15:ca:5e:56:b7:0a:
         64:75:2d:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmWIGTPYvij5bvewNvGmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjYwNDE3MDQwMDU5WhcNMjYwNDE4MDQwMDU5WjAzMTEwLwYDVQQD
EygxMDY2YWZiZGU4YjU1MDc4MGEyY2RjZGIyMjcxYmQwYThmOGRlOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfmg7ykNSR7YM/LuWtToXJp0keWe
rTwhRV7HB0sjFkEpdHOfuhd7IwowQLufZQwoPjqvXcfHmnLoNoREHK6ucsYovgQ7
Dccdx/JtJxOLdsN4HEyJuxctv8GLsmiZH9LJN/lFxo4OJdrXkGZV9pD10igLNOIW
1M0Ie4y/LUJbI0/0KikD2sXxmqyYQpFBDqVxPPfF4d2fgv+kzeqxKwskQy4o6P/b
zKvHkb+EJZm2+9DChWc2zfx4Nm5KrbwpBFtrfOtoXvu8gkL87b6TCXmtQQFSknfV
dpSNoE9Q1mEz2kltYk463Agr6YNw4L4mydcH9hfvd1VhTJNDepphFesvqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBmr73otVB4Cizc2yJxvQqPjek2MB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7GCj+t3
Kw3flXCCpXdZ6XaZO7bH1XWqCq5anpx4BSriglYGKOI1+hZQrn4TkU8ThajVCENf
uo/aM4+Um8MFoInPP/bm2I0IJ8UUMG1DO476DlBpl0eXgeAw+qYD7PQdmJnCDZul
hE3rA5VKFLXh1ddFSdXalN58dQk5qn9RBzz3Me8ekIw8Cz8UQsSdg9Psk3GvAf/F
zoWgCMJATr7OegY7g18XpaH9kOI2ZFlc48oiWEEP1dkZIP0kQ4UDH7ppi4UVYecF
VeCGIxyoVyDqyabkyAXRyHC3VRLR+7/lALPhjicSMq/jfb+lIUIZfEk15iMrj7bO
FcpeVrcKZHUtFg==
-----END CERTIFICATE-----