Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          0HbRsIXGX18UaiK4iUsCxuE4wzpp3Q8PVnU2IgFr6yk=
Subject key identifier:   C7:85:27:BD:9D:97:24:53:7E:A9:48:F7:D0:2D:38:85:DB:DD:FE:D2
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       019CADFE070253E0427153D65865B53E7B87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          1515
Signing time:             Mon 02 Mar 2026 10:00:32 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:32 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:32 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: t0cOUuz5LXs7679Y6F9PS/83ueYO5B8E/AznIqnGjpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:07:02:53:e0:42:71:53:d6:58:65:b5:3e:7b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Mar  2 10:00:32 2026 GMT
            Not After : Mar  3 10:00:32 2026 GMT
        Subject: CN=c78527bd9d9724537ea948f7d02d3885dbddfed2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c0:d9:e5:2a:83:32:19:b0:8b:e4:d3:dc:b0:
                    6e:fc:70:f6:59:6e:8e:0f:73:ac:4b:24:9a:1c:fe:
                    47:69:74:a3:3f:c0:66:a7:0f:06:2e:37:8f:83:28:
                    cd:95:3a:8a:79:f7:f8:aa:75:fa:9f:50:77:1d:b7:
                    c4:09:9c:3b:95:4e:fb:fc:25:04:82:b8:be:d4:77:
                    90:3d:f7:a8:90:1b:89:f0:b1:35:96:27:7a:95:dd:
                    4b:8c:dd:10:ac:63:c2:9d:d1:5c:80:e4:3f:0c:c0:
                    70:fe:15:d1:50:fa:20:c4:12:33:be:17:ae:64:07:
                    32:38:02:ab:f2:e3:df:c8:aa:a3:b5:a8:97:62:59:
                    65:ed:23:26:8a:1d:10:fa:5d:c3:71:92:54:fa:98:
                    04:77:db:8e:a8:fa:fb:79:e3:58:76:db:a5:86:8a:
                    cf:fd:28:c7:d8:d6:0d:a2:14:f0:ca:b7:ad:43:64:
                    89:ab:3c:24:e8:3d:a0:ab:54:ef:02:58:e4:70:24:
                    cc:9b:b7:1e:ff:10:37:1c:05:05:4e:2c:ac:79:83:
                    b7:11:5d:69:ec:5b:6a:de:1c:36:65:c9:14:e7:61:
                    c9:ec:02:cd:e9:3d:9e:69:23:c2:0a:3c:8d:ee:1a:
                    29:99:88:6c:22:b1:0c:16:e4:eb:af:5c:fe:ba:83:
                    29:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:85:27:BD:9D:97:24:53:7E:A9:48:F7:D0:2D:38:85:DB:DD:FE:D2
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:1e:4c:b0:8e:5e:36:c7:e9:92:4a:a4:80:9d:cd:ad:11:e5:
         9d:82:91:72:46:b8:07:02:6f:16:c2:ae:1b:ef:24:ec:f0:aa:
         58:bc:74:db:0c:72:5b:a0:46:c8:51:9c:e9:b4:ec:8e:41:b2:
         3c:70:8d:da:d8:f5:b3:bc:cd:85:8e:ea:34:ff:15:e6:61:45:
         51:17:0c:1e:20:2c:0b:fd:30:20:f4:9a:11:99:69:de:71:f6:
         94:0b:82:93:63:6d:55:80:99:b0:d7:4b:ef:8a:1b:61:ee:b5:
         bd:11:9b:6b:75:1a:9a:4c:7d:42:28:4a:02:12:a4:2e:12:47:
         15:18:5d:14:91:0e:6a:f9:f6:dc:5a:8b:35:3e:e9:28:4c:70:
         84:b8:3f:84:b7:f2:69:c0:2e:8e:22:61:99:f8:07:70:7e:e9:
         a3:af:87:40:3a:46:6a:81:95:fe:6c:ce:d8:ba:ed:79:ca:2f:
         53:19:7a:28:25:e6:1e:82:17:8b:4b:0f:20:a1:05:8f:66:95:
         52:2c:e3:d2:56:d4:15:28:dc:89:a6:91:f0:21:23:1f:57:a9:
         d0:2e:4d:e8:47:d0:46:0a:60:98:9d:cc:20:0c:6c:fa:42:4a:
         8d:e0:9e:5e:f2:bc:eb:3a:d9:73:a6:5b:f2:88:77:1a:36:c8:
         1e:50:60:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/gcCU+BCcVPWWGW1PnuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjYwMzAyMTAwMDMyWhcNMjYwMzAzMTAwMDMyWjAzMTEwLwYDVQQD
EyhjNzg1MjdiZDlkOTcyNDUzN2VhOTQ4ZjdkMDJkMzg4NWRiZGRmZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsDZ5SqDMhmwi+TT3LBu/HD2WW6O
D3OsSySaHP5HaXSjP8Bmpw8GLjePgyjNlTqKeff4qnX6n1B3HbfECZw7lU77/CUE
gri+1HeQPfeokBuJ8LE1lid6ld1LjN0QrGPCndFcgOQ/DMBw/hXRUPogxBIzvheu
ZAcyOAKr8uPfyKqjtaiXYlll7SMmih0Q+l3DcZJU+pgEd9uOqPr7eeNYdtulhorP
/SjH2NYNohTwyretQ2SJqzwk6D2gq1TvAljkcCTMm7ce/xA3HAUFTiyseYO3EV1p
7Ftq3hw2ZckU52HJ7ALN6T2eaSPCCjyN7hopmYhsIrEMFuTrr1z+uoMp6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeFJ72dlyRTfqlI99AtOIXb3f7SMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPR5MsI5e
NsfpkkqkgJ3NrRHlnYKRcka4BwJvFsKuG+8k7PCqWLx02wxyW6BGyFGc6bTsjkGy
PHCN2tj1s7zNhY7qNP8V5mFFURcMHiAsC/0wIPSaEZlp3nH2lAuCk2NtVYCZsNdL
74obYe61vRGba3Uamkx9QihKAhKkLhJHFRhdFJEOavn23FqLNT7pKExwhLg/hLfy
acAujiJhmfgHcH7po6+HQDpGaoGV/mzO2LrtecovUxl6KCXmHoIXi0sPIKEFj2aV
Uizj0lbUFSjciaaR8CEjH1ep0C5N6EfQRgpgmJ3MIAxs+kJKjeCeXvK86zrZc6Zb
8oh3GjbIHlBgXA==
-----END CERTIFICATE-----