Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
File:                     tPljRdPyLts5XSR_e4bS1z5KAJE.mft (raw, json)
Hash identifier:          6JKFlY7ohvFQ5oy4YX/Teq0QCHBYQURDD6UFdSychKs=
Subject key identifier:   F5:F6:DD:22:93:74:F8:39:A8:49:52:B5:6C:68:CB:4A:9E:A5:06:CD
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       019CAAFD976596F63A698E2531B8CB25E322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
Manifest number:          14D1
Signing time:             Sun 01 Mar 2026 20:01:11 +0000
Manifest this update:     Sun 01 Mar 2026 20:01:11 +0000
Manifest next update:     Mon 02 Mar 2026 20:01:11 +0000
Files and hashes:         1: tPljRdPyLts5XSR_e4bS1z5KAJE.crl (hash: XWLbsKRi8gRH/avz5rsXtriCE9eykcy5zin2bdomgqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:97:65:96:f6:3a:69:8e:25:31:b8:cb:25:e3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar  1 20:01:11 2026 GMT
            Not After : Mar  2 20:01:11 2026 GMT
        Subject: CN=f5f6dd229374f839a84952b56c68cb4a9ea506cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:e1:91:1a:56:03:0f:f8:49:78:26:1f:b7:
                    f9:16:eb:53:28:8e:21:ca:89:67:03:01:b0:3a:7b:
                    43:14:2b:a2:39:c0:d6:58:2a:fb:fc:6c:92:35:76:
                    79:a0:a8:47:6a:b4:9d:79:4e:85:44:2a:0e:dd:c5:
                    09:c4:7d:aa:d3:72:2c:16:12:64:6a:44:21:9c:28:
                    73:62:cd:31:68:a6:60:4e:37:28:78:0c:10:85:15:
                    fa:cc:96:61:1e:16:b2:61:3c:16:61:ea:ad:aa:14:
                    62:8b:6c:8c:13:2f:ce:30:25:ba:69:ef:0f:ef:ca:
                    35:97:84:ae:82:72:1a:20:66:9f:65:ea:60:22:43:
                    06:4d:81:3c:7b:96:d9:cb:a2:e3:8d:65:6c:34:91:
                    f2:d7:43:1d:69:91:35:29:49:cb:d7:59:17:a6:cd:
                    0b:ea:7e:f8:b8:48:74:50:6c:83:5d:f4:d3:b4:c1:
                    de:69:6f:d9:cf:ae:4a:b2:24:d2:75:6b:e4:e2:66:
                    b8:32:73:6f:30:80:d5:16:4f:0b:44:e0:94:0b:f0:
                    6d:96:c5:9b:27:1e:55:81:5e:17:7e:3f:10:a9:7f:
                    05:73:9c:92:18:70:a5:5f:8a:c8:d9:37:7b:12:2f:
                    38:e1:43:8f:1f:6f:b3:de:82:aa:72:b2:19:85:6d:
                    07:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:F6:DD:22:93:74:F8:39:A8:49:52:B5:6C:68:CB:4A:9E:A5:06:CD
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:a6:8c:5a:c6:d4:93:11:44:65:43:6f:96:8a:1b:a1:1e:b8:
         81:64:fa:af:c2:9b:ef:10:68:88:8a:f5:b4:3a:75:ea:36:76:
         b0:0e:83:82:18:bb:6f:0b:2a:c8:a6:7f:1d:ee:b0:c6:ee:fb:
         26:ba:95:49:71:a2:7d:03:e9:37:fe:e9:44:5f:4c:9d:72:5e:
         c1:31:52:dc:2b:f3:39:11:f1:c6:60:7b:47:18:40:6c:2e:bc:
         c0:db:ec:50:5a:7b:48:9b:f6:6f:c5:20:92:60:84:51:fc:30:
         ce:68:7e:2e:8a:62:8d:fb:20:b6:1f:8d:a5:37:2a:0c:19:e8:
         6d:88:a6:b0:b1:90:00:a8:f0:e6:06:1b:0f:b2:20:d5:c9:0d:
         4b:1d:4e:6a:24:cf:d5:e8:8f:d0:7c:3f:8d:58:a6:c8:8a:df:
         0b:26:5f:a0:0f:29:99:00:d5:4d:b9:a6:bf:cc:db:30:e8:35:
         db:ae:01:17:c4:ba:d0:89:48:c3:87:61:34:f8:e2:77:85:2a:
         76:80:5f:5f:18:f1:d5:9d:12:e9:a6:07:55:8f:ba:94:ad:88:
         51:66:b3:6b:9a:78:57:83:43:02:96:c9:3e:58:00:94:dd:b8:
         e1:80:79:47:92:03:2a:bc:8b:cf:e5:ed:82:03:02:2a:19:1c:
         77:3b:ee:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/ZdllvY6aY4lMbjLJeMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjYwMzAxMjAwMTExWhcNMjYwMzAyMjAwMTExWjAzMTEwLwYDVQQD
EyhmNWY2ZGQyMjkzNzRmODM5YTg0OTUyYjU2YzY4Y2I0YTllYTUwNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIHhkRpWAw/4SXgmH7f5FutTKI4h
yolnAwGwOntDFCuiOcDWWCr7/GySNXZ5oKhHarSdeU6FRCoO3cUJxH2q03IsFhJk
akQhnChzYs0xaKZgTjcoeAwQhRX6zJZhHhayYTwWYeqtqhRii2yMEy/OMCW6ae8P
78o1l4SugnIaIGafZepgIkMGTYE8e5bZy6LjjWVsNJHy10MdaZE1KUnL11kXps0L
6n74uEh0UGyDXfTTtMHeaW/Zz65KsiTSdWvk4ma4MnNvMIDVFk8LROCUC/BtlsWb
Jx5VgV4Xfj8QqX8Fc5ySGHClX4rI2Td7Ei844UOPH2+z3oKqcrIZhW0HvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPX23SKTdPg5qElStWxoy0qepQbNMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqaMWsbU
kxFEZUNvlooboR64gWT6r8Kb7xBoiIr1tDp16jZ2sA6Dghi7bwsqyKZ/He6wxu77
JrqVSXGifQPpN/7pRF9MnXJewTFS3CvzORHxxmB7RxhAbC68wNvsUFp7SJv2b8Ug
kmCEUfwwzmh+Lopijfsgth+NpTcqDBnobYimsLGQAKjw5gYbD7Ig1ckNSx1OaiTP
1eiP0Hw/jVimyIrfCyZfoA8pmQDVTbmmv8zbMOg1264BF8S60IlIw4dhNPjid4Uq
doBfXxjx1Z0S6aYHVY+6lK2IUWaza5p4V4NDApbJPlgAlN244YB5R5IDKryLz+Xt
ggMCKhkcdzvuTA==
-----END CERTIFICATE-----