Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
File:                     TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json)
Hash identifier:          Zd/jK7lT9Nv++JpIq/m54SG/eJfVBByqmB1vFL8vkvU=
Subject key identifier:   5A:EB:AC:6B:B1:02:03:C1:67:94:C8:5C:79:8D:85:A6:DB:36:D5:5B
Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5
Certificate issuer:       /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
Certificate serial:       019CAC7E0A2C40A34C7F1140C4411291E92B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
Manifest number:          0FE5
Signing time:             Mon 02 Mar 2026 03:01:07 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:07 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:07 +0000
Files and hashes:         1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: eQ7bxqMnoEhFvqILIOoz+1axPEl7XSMWGm7TOXJR550=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7e:0a:2c:40:a3:4c:7f:11:40:c4:41:12:91:e9:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5
        Validity
            Not Before: Mar  2 03:01:07 2026 GMT
            Not After : Mar  3 03:01:07 2026 GMT
        Subject: CN=5aebac6bb10203c16794c85c798d85a6db36d55b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ca:88:47:a6:00:76:4d:33:2a:91:4e:42:68:
                    57:06:95:fe:f9:1f:0f:8b:b9:f3:e9:73:ce:f6:81:
                    46:ab:1c:cd:d3:d9:4a:d1:80:32:a7:f7:0a:2b:8d:
                    57:84:1d:1e:4d:3a:4e:5d:58:80:02:3b:0d:dc:f8:
                    4f:28:b6:c6:cf:7c:81:87:60:ea:5a:f3:a5:4b:d3:
                    1b:d8:0e:e7:95:56:76:ad:e6:e7:3c:53:93:54:28:
                    8c:68:59:53:b3:0f:9a:cc:e8:2a:01:46:db:ff:eb:
                    06:bb:5a:dd:ac:d5:f1:78:4f:df:07:92:75:02:2a:
                    ca:2b:05:8d:f0:df:00:e2:f0:30:5c:9a:16:07:16:
                    1d:37:8f:93:79:dd:be:75:03:94:27:70:db:e7:5e:
                    b3:83:7d:6e:60:55:09:53:98:d1:09:bb:9f:78:61:
                    1e:28:ca:ef:45:8d:17:15:6e:a6:23:d6:50:f5:b5:
                    31:7a:08:ee:e6:f0:e3:ed:94:a7:4e:9c:75:6e:09:
                    7a:ca:56:e2:80:9a:89:ee:4f:6a:01:6d:af:1f:26:
                    22:88:b2:72:ed:89:ef:d7:35:39:09:b2:d4:9c:56:
                    b5:53:54:5d:9e:08:63:45:28:fe:49:41:0d:24:d2:
                    b5:8b:35:da:cf:77:3d:c4:14:47:99:62:24:04:b5:
                    d1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:EB:AC:6B:B1:02:03:C1:67:94:C8:5C:79:8D:85:A6:DB:36:D5:5B
            X509v3 Authority Key Identifier:
                keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:38:6c:80:f5:18:03:1d:51:59:bf:83:d3:43:6f:33:65:ff:
         be:e3:e1:76:ad:cb:29:43:35:0b:1e:eb:82:73:97:72:82:fb:
         4d:e0:80:8f:5e:33:be:ca:d4:d9:64:76:22:db:6e:7b:54:e1:
         0b:f0:67:40:f6:50:5e:15:00:28:1a:93:26:c0:ed:f1:13:51:
         f6:59:1c:7f:87:d5:2b:76:8b:23:1b:da:a2:79:f1:d7:63:2f:
         d5:6d:f4:58:d8:b7:4d:52:fd:e4:ae:d3:f7:9a:81:8b:c9:94:
         60:6e:28:62:1e:5f:bb:55:fa:42:aa:18:da:ff:13:79:94:13:
         86:e8:e4:88:9b:28:6e:19:2e:f3:08:44:65:4f:bf:c3:b7:7e:
         bf:b8:de:db:d4:26:cc:f3:d3:2f:8f:b6:2d:24:44:7c:3b:82:
         01:1a:17:4a:a9:da:ef:57:f5:a9:88:a4:fc:e6:de:51:67:26:
         14:5e:10:aa:99:a6:91:39:13:91:7a:5c:38:34:0c:d4:a2:41:
         98:b4:f4:1e:b0:ea:84:7a:8e:ec:24:ce:2f:b2:83:ac:28:7d:
         76:a9:6d:74:c6:64:23:7c:42:f2:bb:36:f2:64:55:b8:9f:43:
         d7:a3:d2:5e:f5:df:8e:6b:be:0b:68:85:aa:d2:32:1a:fa:55:
         e5:1e:ba:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfgosQKNMfxFAxEESkekrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw
ZmZlZDUwHhcNMjYwMzAyMDMwMTA3WhcNMjYwMzAzMDMwMTA3WjAzMTEwLwYDVQQD
Eyg1YWViYWM2YmIxMDIwM2MxNjc5NGM4NWM3OThkODVhNmRiMzZkNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8qIR6YAdk0zKpFOQmhXBpX++R8P
i7nz6XPO9oFGqxzN09lK0YAyp/cKK41XhB0eTTpOXViAAjsN3PhPKLbGz3yBh2Dq
WvOlS9Mb2A7nlVZ2rebnPFOTVCiMaFlTsw+azOgqAUbb/+sGu1rdrNXxeE/fB5J1
AirKKwWN8N8A4vAwXJoWBxYdN4+Ted2+dQOUJ3Db516zg31uYFUJU5jRCbufeGEe
KMrvRY0XFW6mI9ZQ9bUxegju5vDj7ZSnTpx1bgl6ylbigJqJ7k9qAW2vHyYiiLJy
7Ynv1zU5CbLUnFa1U1RdnghjRSj+SUENJNK1izXaz3c9xBRHmWIkBLXRXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrrrGuxAgPBZ5TIXHmNhabbNtVbMB8GA1UdIwQY
MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt
YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx
LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWThsgPUY
Ax1RWb+D00NvM2X/vuPhdq3LKUM1Cx7rgnOXcoL7TeCAj14zvsrU2WR2Ittue1Th
C/BnQPZQXhUAKBqTJsDt8RNR9lkcf4fVK3aLIxvaonnx12Mv1W30WNi3TVL95K7T
95qBi8mUYG4oYh5fu1X6QqoY2v8TeZQThujkiJsobhku8whEZU+/w7d+v7je29Qm
zPPTL4+2LSREfDuCARoXSqna71f1qYik/ObeUWcmFF4QqpmmkTkTkXpcODQM1KJB
mLT0HrDqhHqO7CTOL7KDrCh9dqltdMZkI3xC8rs28mRVuJ9D16PSXvXfjmu+C2iF
qtIyGvpV5R66NA==
-----END CERTIFICATE-----