Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          ghriY3wmTyCwM8B23pH2JkFSPAmJdyYMjwlOhFWa1mY=
Subject key identifier:   68:B9:C0:39:3C:E5:3B:47:A8:0F:31:9A:F5:DE:B6:93:16:E5:8D:9C
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       019DA3AF3C4CB2542BB03586DB14476C6171
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          1065
Signing time:             Sun 19 Apr 2026 03:01:03 +0000
Manifest this update:     Sun 19 Apr 2026 03:01:03 +0000
Manifest next update:     Mon 20 Apr 2026 03:01:03 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: 1kHcKzCNhYknrgLiBV7/wZ8Gvt4ysR73BsCw+WcDmq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:af:3c:4c:b2:54:2b:b0:35:86:db:14:47:6c:61:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Apr 19 03:01:03 2026 GMT
            Not After : Apr 20 03:01:03 2026 GMT
        Subject: CN=68b9c0393ce53b47a80f319af5deb69316e58d9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6b:9b:05:8e:11:91:bd:21:ce:f1:cb:63:fd:
                    df:4f:9f:66:c7:2a:2b:95:9d:b0:5a:33:22:2a:20:
                    35:bb:a4:f5:c1:f4:3c:03:6e:ee:4c:10:42:13:cd:
                    65:c8:28:5b:06:ae:03:4d:08:b9:a5:2c:72:4c:7c:
                    6c:8c:f2:59:90:bf:13:f8:06:b6:05:16:58:79:76:
                    f7:8d:79:e7:14:ab:fe:80:e6:79:ae:9a:d3:f9:7f:
                    44:18:20:3e:18:3f:b9:cb:c5:f9:5b:c2:6e:94:cc:
                    52:65:cd:e5:95:03:2b:ab:8e:97:80:f7:f1:11:b0:
                    09:81:fe:cb:db:ac:23:e7:9e:e1:02:03:ff:d8:c3:
                    dd:49:19:77:e7:f1:e9:ca:58:1a:e3:65:8c:ca:0d:
                    7f:df:3c:50:e3:db:a4:c5:15:20:16:f5:ad:f4:f2:
                    35:ae:35:d4:8a:6d:45:f2:e6:29:30:d7:99:25:4e:
                    23:86:2c:a2:6c:77:db:1f:4b:1f:df:34:52:7b:5f:
                    1f:1e:03:69:03:41:55:33:e2:3e:89:54:25:33:ea:
                    14:1c:7d:d8:1b:b0:34:fd:64:83:55:d6:d4:8e:b5:
                    cc:4d:e2:19:9c:ea:86:d3:07:c9:a5:72:75:01:09:
                    60:e8:44:d1:72:66:12:95:80:9d:f1:97:d1:38:69:
                    1f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:B9:C0:39:3C:E5:3B:47:A8:0F:31:9A:F5:DE:B6:93:16:E5:8D:9C
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:f7:12:c3:23:06:8e:1d:19:03:da:90:21:23:7d:b4:d3:3e:
         81:eb:80:7d:a2:8c:df:60:4d:bf:34:5c:59:f2:62:87:29:53:
         e2:58:6c:0a:57:5c:77:88:90:b4:e4:01:31:01:1d:80:4c:6e:
         f4:36:37:49:66:29:43:4c:6a:a3:9e:f6:c2:88:d4:ac:b5:cc:
         e5:bd:a7:3e:73:37:bc:db:35:2d:98:4f:9d:11:54:84:67:f4:
         ea:82:ed:41:ae:e2:8e:e0:98:2c:50:2c:7c:c8:68:00:cc:54:
         ef:ef:7f:ab:da:5f:bf:4d:f8:57:c8:87:fd:80:b3:eb:5e:63:
         f9:67:a1:2f:db:e7:06:4e:86:d9:c6:8f:da:2c:9f:3d:a6:0e:
         54:61:33:1a:42:56:73:c9:66:40:99:82:2e:5b:ae:81:39:d1:
         80:31:38:ff:e9:21:ec:9c:a0:40:74:86:f9:0c:82:bd:61:57:
         89:9e:16:36:e7:c0:16:2c:1c:46:37:90:f1:5a:56:af:5e:1f:
         d1:32:da:4b:96:a3:fc:04:ac:02:3b:f4:82:54:d3:f8:74:a7:
         1a:28:94:db:f0:97:53:ea:4a:3e:3e:7d:de:b6:4d:1a:e1:ca:
         42:93:32:5c:b2:1b:fb:82:d7:96:9c:80:b6:d4:64:0c:e1:36:
         23:1c:b4:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jrzxMslQrsDWG2xRHbGFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjYwNDE5MDMwMTAzWhcNMjYwNDIwMDMwMTAzWjAzMTEwLwYDVQQD
Eyg2OGI5YzAzOTNjZTUzYjQ3YTgwZjMxOWFmNWRlYjY5MzE2ZTU4ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWubBY4Rkb0hzvHLY/3fT59mxyor
lZ2wWjMiKiA1u6T1wfQ8A27uTBBCE81lyChbBq4DTQi5pSxyTHxsjPJZkL8T+Aa2
BRZYeXb3jXnnFKv+gOZ5rprT+X9EGCA+GD+5y8X5W8JulMxSZc3llQMrq46XgPfx
EbAJgf7L26wj557hAgP/2MPdSRl35/Hpylga42WMyg1/3zxQ49ukxRUgFvWt9PI1
rjXUim1F8uYpMNeZJU4jhiyibHfbH0sf3zRSe18fHgNpA0FVM+I+iVQlM+oUHH3Y
G7A0/WSDVdbUjrXMTeIZnOqG0wfJpXJ1AQlg6ETRcmYSlYCd8ZfROGkfqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGi5wDk85TtHqA8xmvXetpMW5Y2cMB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAefcSwyMG
jh0ZA9qQISN9tNM+geuAfaKM32BNvzRcWfJihylT4lhsCldcd4iQtOQBMQEdgExu
9DY3SWYpQ0xqo572wojUrLXM5b2nPnM3vNs1LZhPnRFUhGf06oLtQa7ijuCYLFAs
fMhoAMxU7+9/q9pfv034V8iH/YCz615j+WehL9vnBk6G2caP2iyfPaYOVGEzGkJW
c8lmQJmCLluugTnRgDE4/+kh7JygQHSG+QyCvWFXiZ4WNufAFiwcRjeQ8VpWr14f
0TLaS5aj/ASsAjv0glTT+HSnGiiU2/CXU+pKPj593rZNGuHKQpMyXLIb+4LXlpyA
ttRkDOE2Ixy0PQ==
-----END CERTIFICATE-----