Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
File:                     tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json)
Hash identifier:          Soc7gFpR+8/U9pI2AnBzhA6ZtxJjSEnnLO9veEsDdcA=
Subject key identifier:   6D:73:11:2D:D0:8E:81:F5:18:BC:34:FB:61:CE:65:88:B1:A8:60:15
Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C
Certificate issuer:       /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
Certificate serial:       019D9AE31DCC2E4A0C2A6B42973434BA3573
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 10:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:08 +0000
Files and hashes:         1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: rFcI8rJ9s0aFmFAac9CLZ5Q0zfV6/fiV2zoQR4OVqvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:1d:cc:2e:4a:0c:2a:6b:42:97:34:34:ba:35:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c
        Validity
            Not Before: Apr 17 10:01:08 2026 GMT
            Not After : Apr 18 10:01:08 2026 GMT
        Subject: CN=6d73112dd08e81f518bc34fb61ce6588b1a86015
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:8c:ba:b5:1d:88:94:e2:af:65:15:4a:5d:ce:
                    ea:84:fe:52:58:4e:c1:0f:16:bc:72:6f:86:92:c0:
                    34:82:27:aa:48:36:82:c2:3b:85:6b:b3:47:17:22:
                    e8:a8:18:dc:14:7d:27:76:b1:51:ea:b4:12:a7:66:
                    a2:1d:2f:83:39:e7:cf:08:e7:6d:5d:e3:30:09:71:
                    cf:39:9b:e5:1f:5c:ad:19:3a:cf:dc:4a:96:bf:56:
                    da:77:d9:16:dd:4c:43:09:70:21:54:1c:4a:b4:95:
                    5e:bf:aa:0c:5a:61:e8:05:4b:6a:d8:b1:e5:44:b3:
                    41:f7:64:2e:6e:c6:86:56:8a:3b:a1:17:b3:a8:e8:
                    96:0c:8d:01:a1:dc:02:bd:4a:02:6b:6c:d4:19:1a:
                    cf:58:1c:ff:b6:3b:27:67:f1:a6:77:c7:b2:88:2c:
                    6b:44:d8:a7:33:c6:00:96:2a:5a:d9:01:40:1f:79:
                    d0:47:3d:b1:8f:50:e2:bd:33:b7:44:ff:bc:65:ea:
                    92:ca:87:b2:16:83:95:43:a8:31:36:70:f6:a4:1a:
                    d3:d9:65:85:c3:f8:4c:fd:2e:bc:1a:a1:14:ec:ba:
                    cd:d6:36:65:9c:60:2a:19:1d:d2:eb:4f:ae:23:69:
                    65:f6:3a:14:4b:4d:c2:a2:0d:1f:d6:41:40:76:2b:
                    e4:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:73:11:2D:D0:8E:81:F5:18:BC:34:FB:61:CE:65:88:B1:A8:60:15
            X509v3 Authority Key Identifier:
                keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:7a:e0:b8:04:47:42:1b:5e:bb:d3:69:02:9b:18:40:89:cb:
         43:08:d7:4d:50:e7:25:b2:5f:d3:1f:f0:e0:da:9b:3b:88:99:
         72:ce:2e:60:6e:d6:10:08:5c:ec:cd:65:9f:3d:99:b1:53:a2:
         70:e1:b1:be:cc:4a:28:83:22:79:07:da:c9:c9:0c:b9:30:4f:
         df:74:59:bd:28:24:23:5e:e6:8b:75:2d:52:3a:0c:92:de:13:
         da:91:87:23:1d:3b:f6:8e:57:75:5a:98:cb:c6:e8:33:31:5f:
         bf:70:33:c2:66:1c:ef:c5:8d:55:42:69:f2:77:0d:6f:44:d4:
         31:e4:ed:d6:c6:fa:73:26:cb:39:19:69:78:31:be:74:34:78:
         83:13:17:0f:73:f1:e6:23:ed:d7:aa:bf:10:2b:ef:73:6c:2c:
         f9:63:7a:16:25:c4:26:21:f3:46:8f:6e:95:9c:57:f9:11:88:
         a3:a1:48:2c:41:12:b3:a1:d0:1d:ce:06:53:cb:dc:8b:ec:90:
         11:c3:bd:94:b9:55:fc:05:78:20:d5:68:05:bb:3c:04:64:68:
         82:84:6c:c1:c1:74:3d:8e:bf:06:98:ae:3a:c9:7b:7e:3e:f2:
         e9:f7:93:1e:8f:51:87:d3:19:4b:eb:e8:48:b6:14:18:98:ce:
         da:2d:19:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4x3MLkoMKmtClzQ0ujVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4
OTI2MmMwHhcNMjYwNDE3MTAwMTA4WhcNMjYwNDE4MTAwMTA4WjAzMTEwLwYDVQQD
Eyg2ZDczMTEyZGQwOGU4MWY1MThiYzM0ZmI2MWNlNjU4OGIxYTg2MDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYy6tR2IlOKvZRVKXc7qhP5SWE7B
Dxa8cm+GksA0gieqSDaCwjuFa7NHFyLoqBjcFH0ndrFR6rQSp2aiHS+DOefPCOdt
XeMwCXHPOZvlH1ytGTrP3EqWv1bad9kW3UxDCXAhVBxKtJVev6oMWmHoBUtq2LHl
RLNB92QubsaGVoo7oRezqOiWDI0BodwCvUoCa2zUGRrPWBz/tjsnZ/Gmd8eyiCxr
RNinM8YAlipa2QFAH3nQRz2xj1DivTO3RP+8ZeqSyoeyFoOVQ6gxNnD2pBrT2WWF
w/hM/S68GqEU7LrN1jZlnGAqGR3S60+uI2ll9joUS03Cog0f1kFAdivkRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1zES3QjoH1GLw0+2HOZYixqGAVMB8GA1UdIwQY
MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt
ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4
LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3rguARH
Qhteu9NpApsYQInLQwjXTVDnJbJf0x/w4NqbO4iZcs4uYG7WEAhc7M1lnz2ZsVOi
cOGxvsxKKIMieQfayckMuTBP33RZvSgkI17mi3UtUjoMkt4T2pGHIx079o5XdVqY
y8boMzFfv3AzwmYc78WNVUJp8ncNb0TUMeTt1sb6cybLORlpeDG+dDR4gxMXD3Px
5iPt16q/ECvvc2ws+WN6FiXEJiHzRo9ulZxX+RGIo6FILEESs6HQHc4GU8vci+yQ
EcO9lLlV/AV4INVoBbs8BGRogoRswcF0PY6/BpiuOsl7fj7y6feTHo9Rh9MZS+vo
SLYUGJjO2i0ZhA==
-----END CERTIFICATE-----