Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          rrnFK4khnVYrX8DBeYvRW2jZd8TBkR6D7ef/+WDDBms=
Subject key identifier:   C2:CE:AC:99:D2:5E:DF:4C:CA:46:DF:22:03:1C:DE:CA:8D:6A:FC:F3
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       019D3A539C5BC5D331892E51844753B6244A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          06F7
Signing time:             Sun 29 Mar 2026 16:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:51 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: Uar5BM++WhiJdk+WFqkSQ2kXCn7jnYbF/W8O4Jhx8D0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:9c:5b:c5:d3:31:89:2e:51:84:47:53:b6:24:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Mar 29 16:00:51 2026 GMT
            Not After : Mar 30 16:00:51 2026 GMT
        Subject: CN=c2ceac99d25edf4cca46df22031cdeca8d6afcf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b4:12:b0:89:3c:26:07:af:6a:ed:5d:4d:9c:
                    d6:54:a2:24:cb:e2:66:55:60:8c:d3:48:3e:96:56:
                    af:4b:85:e3:c0:db:b0:11:31:ea:09:d9:71:f5:76:
                    50:31:dd:dc:11:2c:c3:36:66:cc:63:fe:59:ca:82:
                    a3:bb:a9:f8:84:99:64:39:d8:dd:02:43:44:ef:70:
                    b8:02:13:35:c3:93:68:21:a1:f1:9e:99:8d:f3:1c:
                    ef:e0:dd:4e:68:65:df:9f:aa:25:a2:f4:c0:bb:cc:
                    8f:44:99:a3:ee:7d:61:29:33:3b:2b:9a:4c:27:73:
                    03:c2:f0:fd:63:a0:bf:cb:39:d1:08:6c:d6:a0:c4:
                    0d:56:0b:dc:d3:dd:22:64:5b:24:25:da:ee:5f:47:
                    32:6e:05:b7:f5:94:4a:13:00:d0:f5:53:44:bc:e1:
                    7e:04:4e:b7:8d:60:d0:9e:e3:ab:b1:e2:4e:0b:6c:
                    bb:05:b6:07:a1:94:38:af:ad:01:a3:b9:82:af:46:
                    d1:30:27:f0:88:da:d3:b0:ce:c7:ec:ed:a8:c3:c0:
                    a4:c8:84:df:30:50:4d:d1:e7:5c:22:92:c1:2e:33:
                    5a:0d:98:ce:0b:51:20:f7:92:7a:92:aa:30:25:88:
                    3f:ac:bc:9d:af:61:27:71:86:66:1e:b2:b6:63:39:
                    3c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:CE:AC:99:D2:5E:DF:4C:CA:46:DF:22:03:1C:DE:CA:8D:6A:FC:F3
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:da:26:ca:b0:f4:44:5d:b2:ef:c6:3b:f6:91:b9:00:1f:23:
         72:80:4b:7c:0c:3b:26:24:03:32:cc:0a:2f:5f:fe:62:15:3e:
         35:ab:e1:4f:c6:70:23:fa:af:92:d9:b2:00:55:3a:37:b9:b6:
         8f:dd:d9:8b:c1:30:f9:e4:eb:b7:0e:c0:86:bf:aa:8b:6a:d1:
         43:49:78:d2:f4:6d:d2:78:03:3f:de:ad:71:57:80:c1:6f:56:
         21:d3:e2:35:0f:ba:59:e0:1d:a1:f5:57:e5:90:cb:d2:15:61:
         e9:22:38:a2:cd:d5:70:99:b3:6d:54:85:09:be:0e:5c:2b:1b:
         39:2e:61:ca:1f:e6:7b:68:7a:88:86:7c:47:59:7f:8d:ab:78:
         bd:e0:40:f5:8c:f2:b1:59:bb:26:9b:c4:a3:95:de:6c:bd:d1:
         fa:60:34:07:2d:8d:59:0a:44:12:97:c9:dc:d1:ed:21:23:6d:
         c4:ed:84:eb:b4:42:37:74:e1:72:2c:30:56:01:f3:12:cb:75:
         35:15:99:fd:95:f3:eb:3f:51:97:f8:de:70:56:0a:a5:0c:b7:
         46:14:b4:4e:33:3a:e7:3a:f9:be:bd:07:0c:e1:a6:4f:68:c5:
         a7:7f:d4:78:75:f3:ff:5f:ef:6e:03:b9:8e:47:0f:a0:af:1c:
         22:c3:e6:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U5xbxdMxiS5RhEdTtiRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjYwMzI5MTYwMDUxWhcNMjYwMzMwMTYwMDUxWjAzMTEwLwYDVQQD
EyhjMmNlYWM5OWQyNWVkZjRjY2E0NmRmMjIwMzFjZGVjYThkNmFmY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17QSsIk8Jgevau1dTZzWVKIky+Jm
VWCM00g+llavS4XjwNuwETHqCdlx9XZQMd3cESzDNmbMY/5ZyoKju6n4hJlkOdjd
AkNE73C4AhM1w5NoIaHxnpmN8xzv4N1OaGXfn6olovTAu8yPRJmj7n1hKTM7K5pM
J3MDwvD9Y6C/yznRCGzWoMQNVgvc090iZFskJdruX0cybgW39ZRKEwDQ9VNEvOF+
BE63jWDQnuOrseJOC2y7BbYHoZQ4r60Bo7mCr0bRMCfwiNrTsM7H7O2ow8CkyITf
MFBN0edcIpLBLjNaDZjOC1Eg95J6kqowJYg/rLydr2EncYZmHrK2Yzk8aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLOrJnSXt9MykbfIgMc3sqNavzzMB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAldomyrD0
RF2y78Y79pG5AB8jcoBLfAw7JiQDMswKL1/+YhU+NavhT8ZwI/qvktmyAFU6N7m2
j93Zi8Ew+eTrtw7Ahr+qi2rRQ0l40vRt0ngDP96tcVeAwW9WIdPiNQ+6WeAdofVX
5ZDL0hVh6SI4os3VcJmzbVSFCb4OXCsbOS5hyh/me2h6iIZ8R1l/jat4veBA9Yzy
sVm7JpvEo5XebL3R+mA0By2NWQpEEpfJ3NHtISNtxO2E67RCN3ThciwwVgHzEst1
NRWZ/ZXz6z9Rl/jecFYKpQy3RhS0TjM65zr5vr0HDOGmT2jFp3/UeHXz/1/vbgO5
jkcPoK8cIsPmLQ==
-----END CERTIFICATE-----