Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File:                     pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier:          4R7KieyJFN1lN5kIS/y8arwElhHhkmfCyYFHZI0syoc=
Subject key identifier:   09:24:5A:63:E7:87:04:58:14:B0:03:72:71:66:38:B8:2D:7B:78:3B
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer:       /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial:       019D382E15A0FA13CE53FB44D087ED008000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number:          158C
Signing time:             Sun 29 Mar 2026 06:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:37 +0000
Files and hashes:         1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: w6o5Igza11fqu4PwkEMVYF2j149xZGIeoSbJMbXpLCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:15:a0:fa:13:ce:53:fb:44:d0:87:ed:00:80:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
        Validity
            Not Before: Mar 29 06:00:37 2026 GMT
            Not After : Mar 30 06:00:37 2026 GMT
        Subject: CN=09245a63e787045814b00372716638b82d7b783b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f4:b5:f3:7f:b9:3a:8f:f3:7d:3a:06:9d:8f:
                    c0:67:00:60:a7:5e:d1:2f:5c:88:29:bf:35:97:36:
                    05:35:84:d1:a3:f5:3d:f0:ee:0e:a1:83:77:95:2b:
                    b4:e6:ac:47:84:d9:96:f0:10:f5:2a:11:5a:a9:15:
                    a8:91:76:17:58:a1:4a:e2:dc:e8:f3:67:14:ef:d3:
                    a8:65:6d:3e:b9:19:fa:52:e6:61:b0:c5:cd:b6:2e:
                    e4:72:d9:66:97:55:80:cd:ff:68:7c:ae:0f:17:b6:
                    72:4a:e2:3e:4d:be:8f:25:90:90:07:a3:9f:7e:81:
                    7e:97:01:ce:20:cb:0a:15:20:fd:57:18:9f:5e:c4:
                    94:55:c7:e3:93:1d:45:63:e8:81:eb:ee:d6:18:26:
                    e1:25:33:d0:73:bd:57:bc:76:ba:8f:81:18:1e:7e:
                    cd:06:c1:8f:47:82:40:c0:51:1c:a7:0e:ad:d8:a7:
                    2c:43:4c:3e:4f:5d:a8:fb:ec:5b:f4:e9:8c:64:79:
                    89:44:6b:a3:2b:64:29:64:c0:87:74:5e:70:22:a8:
                    8e:cc:6d:27:03:e0:68:bf:47:e3:77:34:2b:9f:2f:
                    25:e8:d3:8e:30:5f:65:74:ea:02:78:38:99:54:05:
                    e1:89:f9:16:a1:3d:9d:9d:c3:59:bd:91:72:7d:f7:
                    e7:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:24:5A:63:E7:87:04:58:14:B0:03:72:71:66:38:B8:2D:7B:78:3B
            X509v3 Authority Key Identifier:
                keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:0a:bb:ac:25:8b:03:b9:61:f4:d7:b5:64:b1:7c:aa:75:67:
         c1:48:3b:04:c9:52:02:07:fb:6b:68:2d:3f:6f:a9:0f:c7:5a:
         88:ff:c6:56:e0:0e:90:3c:88:82:6b:24:3e:6f:a9:1e:e0:b3:
         4b:d1:4e:3c:42:07:f2:00:74:15:bf:52:06:a3:a0:1d:cf:fc:
         1e:e9:c7:cf:f6:ae:ad:66:4a:e5:a5:e9:c8:e8:f6:b0:42:29:
         ad:c3:9a:b9:74:d7:3f:2a:8d:03:e2:3b:ae:bc:54:0c:f6:65:
         b4:58:a9:7e:46:cd:73:aa:92:57:7c:90:3c:98:78:d0:b8:d8:
         9e:4e:c2:cf:35:3a:a3:1f:87:3b:e8:e0:7b:07:72:7a:69:65:
         2a:89:bf:48:6d:ed:94:67:5f:d5:67:85:b3:46:ce:d2:69:13:
         72:d8:87:40:24:7e:4c:b0:b0:0b:7f:25:26:dd:88:a1:00:34:
         84:54:10:a5:30:f6:1d:6c:2e:7e:18:91:8e:93:84:0e:db:15:
         ef:05:97:92:5b:10:d0:01:d4:24:5c:f3:79:3b:e9:3e:a9:73:
         a4:8f:29:25:66:54:df:95:ea:6c:56:b1:b2:27:f2:8b:36:f2:
         25:b9:4f:25:ad:f8:f1:35:b3:49:ce:aa:ba:9c:0c:d1:50:a7:
         8a:28:50:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LhWg+hPOU/tE0IftAIAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjYwMzI5MDYwMDM3WhcNMjYwMzMwMDYwMDM3WjAzMTEwLwYDVQQD
EygwOTI0NWE2M2U3ODcwNDU4MTRiMDAzNzI3MTY2MzhiODJkN2I3ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vS183+5Oo/zfToGnY/AZwBgp17R
L1yIKb81lzYFNYTRo/U98O4OoYN3lSu05qxHhNmW8BD1KhFaqRWokXYXWKFK4tzo
82cU79OoZW0+uRn6UuZhsMXNti7kctlml1WAzf9ofK4PF7ZySuI+Tb6PJZCQB6Of
foF+lwHOIMsKFSD9VxifXsSUVcfjkx1FY+iB6+7WGCbhJTPQc71XvHa6j4EYHn7N
BsGPR4JAwFEcpw6t2KcsQ0w+T12o++xb9OmMZHmJRGujK2QpZMCHdF5wIqiOzG0n
A+Bov0fjdzQrny8l6NOOMF9ldOoCeDiZVAXhifkWoT2dncNZvZFyfffnfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkkWmPnhwRYFLADcnFmOLgte3g7MB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbQq7rCWL
A7lh9Ne1ZLF8qnVnwUg7BMlSAgf7a2gtP2+pD8daiP/GVuAOkDyIgmskPm+pHuCz
S9FOPEIH8gB0Fb9SBqOgHc/8HunHz/aurWZK5aXpyOj2sEIprcOauXTXPyqNA+I7
rrxUDPZltFipfkbNc6qSV3yQPJh40LjYnk7CzzU6ox+HO+jgewdyemllKom/SG3t
lGdf1WeFs0bO0mkTctiHQCR+TLCwC38lJt2IoQA0hFQQpTD2HWwufhiRjpOEDtsV
7wWXklsQ0AHUJFzzeTvpPqlzpI8pJWZU35XqbFaxsifyizbyJblPJa348TWzSc6q
upwM0VCniihQjg==
-----END CERTIFICATE-----