Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
File:                     tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json)
Hash identifier:          RdDouR3/3kczaW1ovDvIEJtB8S9kVaON5aQRrzQ2YLc=
Subject key identifier:   D6:CA:92:C2:8A:FC:1C:94:6C:C7:60:B5:89:90:F3:73:27:1C:9D:55
Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC
Certificate issuer:       /CN=b53aca36846d2d3023648eac581c7d9b6317eedc
Certificate serial:       019CAC469DD2F8DD960045C3309486289F5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
Manifest number:          0445
Signing time:             Mon 02 Mar 2026 02:00:34 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:34 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:34 +0000
Files and hashes:         1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: xhZzTJJ0gUPkJbV7HflmJG0d8UiTPYRgsLxu3hl7iMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:9d:d2:f8:dd:96:00:45:c3:30:94:86:28:9f:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc
        Validity
            Not Before: Mar  2 02:00:34 2026 GMT
            Not After : Mar  3 02:00:34 2026 GMT
        Subject: CN=d6ca92c28afc1c946cc760b58990f373271c9d55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6f:e4:b3:cb:d2:f5:5f:79:71:14:81:73:d2:
                    3a:76:c4:29:68:83:38:e1:7a:24:7e:d7:6d:51:11:
                    9d:b9:e7:f0:2d:6e:99:34:8c:0c:79:d7:a9:17:ba:
                    dd:f5:2a:b4:1e:60:13:6e:a9:a7:7d:0a:31:50:fa:
                    18:6c:66:88:47:3c:30:94:13:57:82:fc:5a:0e:58:
                    bb:fe:01:51:14:99:77:38:0f:4b:ec:77:43:31:4b:
                    d9:bf:44:b9:7e:5c:95:fe:0d:3a:5d:d8:54:3e:1f:
                    dc:e9:dc:0c:f7:45:d3:e0:c0:2f:cf:35:c7:8d:ab:
                    cd:14:0c:43:83:c4:47:a1:9e:49:fb:c6:78:83:5c:
                    7e:60:9d:40:8e:20:31:f0:45:b2:57:68:e1:47:d0:
                    5c:6c:e2:7c:98:ba:9e:c5:04:5f:0e:11:5f:82:a4:
                    3c:0c:b1:2c:78:ac:32:35:43:1b:9b:c6:82:6e:b8:
                    02:b4:b6:78:09:f9:03:01:46:43:1a:1f:8d:ea:73:
                    45:f9:2c:a0:ad:bb:b6:dd:28:20:2f:ac:2a:70:de:
                    ba:c5:b3:b0:20:de:b8:85:53:dc:2f:cc:3b:61:cf:
                    ff:b9:e5:0f:64:82:d5:55:26:02:1f:69:a5:0c:47:
                    07:be:11:26:55:34:dd:38:c4:11:4a:06:03:20:20:
                    d4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CA:92:C2:8A:FC:1C:94:6C:C7:60:B5:89:90:F3:73:27:1C:9D:55
            X509v3 Authority Key Identifier:
                keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:ab:d6:e3:52:a7:c0:45:66:d9:0d:d0:c3:8d:15:c6:fb:48:
         65:8f:3f:24:df:be:1e:65:c3:41:b8:be:09:10:d2:39:8e:e2:
         de:8a:88:54:e7:59:60:4c:c0:71:84:49:e9:dd:3b:54:74:99:
         09:b4:16:a0:fe:35:a7:c5:62:ea:f3:bf:26:a8:a1:bb:07:41:
         a9:7e:ef:3e:02:bc:b7:4c:e7:68:44:ca:8a:97:6d:d0:6d:fe:
         3f:85:2a:03:dc:ec:de:19:21:12:6d:cf:5c:30:e6:55:5a:53:
         b8:cd:c6:64:6b:f5:2f:dc:cc:3f:3e:ba:b7:72:84:20:fc:9a:
         d1:47:7d:ed:06:b7:a5:e9:93:53:8d:45:36:33:63:80:e1:ba:
         1a:9f:3b:f5:23:ce:cc:2d:e1:1b:84:30:36:1e:7f:6e:21:52:
         33:3d:dd:e1:0b:e8:d5:20:46:ed:3d:09:26:8a:c8:13:da:47:
         ee:2e:39:f9:81:15:4d:1e:f9:bd:d9:55:cc:b9:83:9a:d5:a9:
         65:1a:80:02:a1:a2:b1:b4:f8:60:dd:8a:45:8e:21:54:04:19:
         2f:53:eb:50:d1:cc:ea:5c:2f:7a:c1:e1:1e:63:ac:dc:85:a7:
         2f:a0:cf:6d:b0:73:19:a9:fe:18:5e:be:16:67:cb:51:09:5f:
         14:91:f2:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRp3S+N2WAEXDMJSGKJ9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx
N2VlZGMwHhcNMjYwMzAyMDIwMDM0WhcNMjYwMzAzMDIwMDM0WjAzMTEwLwYDVQQD
EyhkNmNhOTJjMjhhZmMxYzk0NmNjNzYwYjU4OTkwZjM3MzI3MWM5ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2/ks8vS9V95cRSBc9I6dsQpaIM4
4XokftdtURGduefwLW6ZNIwMedepF7rd9Sq0HmATbqmnfQoxUPoYbGaIRzwwlBNX
gvxaDli7/gFRFJl3OA9L7HdDMUvZv0S5flyV/g06XdhUPh/c6dwM90XT4MAvzzXH
javNFAxDg8RHoZ5J+8Z4g1x+YJ1AjiAx8EWyV2jhR9BcbOJ8mLqexQRfDhFfgqQ8
DLEseKwyNUMbm8aCbrgCtLZ4CfkDAUZDGh+N6nNF+Sygrbu23SggL6wqcN66xbOw
IN64hVPcL8w7Yc//ueUPZILVVSYCH2mlDEcHvhEmVTTdOMQRSgYDICDUdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbKksKK/ByUbMdgtYmQ83MnHJ1VMB8GA1UdIwQY
MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt
NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl
LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYavW41Kn
wEVm2Q3Qw40VxvtIZY8/JN++HmXDQbi+CRDSOY7i3oqIVOdZYEzAcYRJ6d07VHSZ
CbQWoP41p8Vi6vO/JqihuwdBqX7vPgK8t0znaETKipdt0G3+P4UqA9zs3hkhEm3P
XDDmVVpTuM3GZGv1L9zMPz66t3KEIPya0Ud97Qa3pemTU41FNjNjgOG6Gp879SPO
zC3hG4QwNh5/biFSMz3d4Qvo1SBG7T0JJorIE9pH7i45+YEVTR75vdlVzLmDmtWp
ZRqAAqGisbT4YN2KRY4hVAQZL1PrUNHM6lwvesHhHmOs3IWnL6DPbbBzGan+GF6+
FmfLUQlfFJHyPg==
-----END CERTIFICATE-----