Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
File:                     aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json)
Hash identifier:          McJ0Iu/EHn2ifDnRwUFPFK3NiCbsOv0JImM+xkWdD2U=
Subject key identifier:   FE:61:C3:1C:C1:12:12:B5:0D:C9:50:AE:67:C2:37:41:B1:C5:86:5A
Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1
Certificate issuer:       /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
Certificate serial:       019D39098C2E4624B6FB794F6C758A85454C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
Manifest number:          0FA9
Signing time:             Sun 29 Mar 2026 10:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:20 +0000
Files and hashes:         1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: 0hiz0ktVcUzTqePL8H5mXj4ErsV8maX6j2+cEf78hJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:8c:2e:46:24:b6:fb:79:4f:6c:75:8a:85:45:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
        Validity
            Not Before: Mar 29 10:00:20 2026 GMT
            Not After : Mar 30 10:00:20 2026 GMT
        Subject: CN=fe61c31cc11212b50dc950ae67c23741b1c5865a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7b:b0:62:44:8f:8a:d9:6c:35:e8:0c:15:38:
                    9c:fa:cb:64:ef:87:91:10:7b:83:40:f4:ef:25:17:
                    4e:9f:96:b7:eb:0b:4c:76:35:4f:bd:e3:8a:4b:12:
                    32:ac:e9:c8:0f:3d:b8:bb:0e:31:1e:61:1f:5c:16:
                    4d:4c:c8:1c:4d:9d:3d:27:7a:99:28:84:9a:33:b8:
                    db:6d:d5:28:0f:c0:06:ea:4f:95:6b:c5:22:7e:44:
                    41:13:3d:5a:53:f8:ea:f2:21:d1:79:ab:11:6c:9d:
                    54:03:08:5e:0c:c8:17:71:03:24:8e:43:3f:6c:0d:
                    18:59:96:aa:2c:9d:ea:d0:6b:0c:d2:66:82:05:f5:
                    19:97:4d:c5:2e:a3:3e:84:66:d7:28:9d:44:7d:83:
                    b9:f9:0c:3e:47:2b:a8:88:f0:6d:37:b2:f8:fc:62:
                    f5:ea:ec:6e:cb:e4:0d:7d:00:41:b8:4c:2a:f7:20:
                    79:f8:59:0a:bb:c4:64:ae:0b:8c:ad:90:ce:e1:34:
                    f1:05:29:d4:00:09:0d:4f:9f:39:56:30:b0:61:35:
                    20:a3:85:00:83:ed:f6:65:63:d2:70:84:ea:a5:c0:
                    bc:55:3a:c7:e4:cd:b3:27:49:ca:a4:f2:ef:52:c4:
                    4f:fa:55:ea:0b:82:6f:ad:d3:82:62:7a:1f:82:fa:
                    41:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:61:C3:1C:C1:12:12:B5:0D:C9:50:AE:67:C2:37:41:B1:C5:86:5A
            X509v3 Authority Key Identifier:
                keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c7:03:fc:3c:ad:3d:b6:54:5f:61:40:22:62:6e:5d:a6:48:
         4e:91:5a:fb:27:d5:25:91:75:4b:7a:c1:a3:e7:76:b5:42:56:
         07:fe:ab:51:15:d3:9b:01:0a:24:df:47:6e:cd:f0:6a:80:d2:
         85:fe:49:67:ee:8a:36:cc:4d:7d:5b:a7:83:83:3e:52:61:e4:
         c9:a0:0a:40:63:9c:d4:f8:6a:0c:3d:af:57:26:c3:be:b1:40:
         6b:b6:22:b7:62:fa:ee:e0:c8:ec:77:4b:ad:b9:17:ec:bf:46:
         12:6f:77:7f:f9:b5:62:56:b4:11:6d:be:20:ba:1e:33:33:ee:
         42:6d:d4:23:e0:dd:43:66:48:f1:4c:6c:14:7c:03:83:bd:f9:
         0f:d9:f8:3d:96:f7:f0:32:f1:a0:9d:f0:49:64:93:de:5f:12:
         8a:ea:93:e5:86:bb:92:23:6d:08:4c:18:38:1a:2f:74:76:a6:
         c5:cb:d9:a9:09:44:01:ce:4f:38:59:4e:08:69:0e:e2:2d:36:
         c0:01:77:bf:02:b6:ce:f2:72:80:01:98:35:d8:32:7d:43:1e:
         b4:f0:18:6a:9f:6b:1a:96:ce:ea:a5:ce:3b:03:28:8a:7b:ec:
         fd:ac:c9:f5:6f:3c:72:44:3c:f8:e2:80:71:61:61:52:71:29:
         00:01:26:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYwuRiS2+3lPbHWKhUVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1
OTYwYTEwHhcNMjYwMzI5MTAwMDIwWhcNMjYwMzMwMTAwMDIwWjAzMTEwLwYDVQQD
EyhmZTYxYzMxY2MxMTIxMmI1MGRjOTUwYWU2N2MyMzc0MWIxYzU4NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHuwYkSPitlsNegMFTic+stk74eR
EHuDQPTvJRdOn5a36wtMdjVPveOKSxIyrOnIDz24uw4xHmEfXBZNTMgcTZ09J3qZ
KISaM7jbbdUoD8AG6k+Va8UifkRBEz1aU/jq8iHReasRbJ1UAwheDMgXcQMkjkM/
bA0YWZaqLJ3q0GsM0maCBfUZl03FLqM+hGbXKJ1EfYO5+Qw+RyuoiPBtN7L4/GL1
6uxuy+QNfQBBuEwq9yB5+FkKu8RkrguMrZDO4TTxBSnUAAkNT585VjCwYTUgo4UA
g+32ZWPScITqpcC8VTrH5M2zJ0nKpPLvUsRP+lXqC4JvrdOCYnofgvpBUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5hwxzBEhK1DclQrmfCN0GxxYZaMB8GA1UdIwQY
MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt
NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj
LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbccD/Dyt
PbZUX2FAImJuXaZITpFa+yfVJZF1S3rBo+d2tUJWB/6rURXTmwEKJN9Hbs3waoDS
hf5JZ+6KNsxNfVung4M+UmHkyaAKQGOc1PhqDD2vVybDvrFAa7Yit2L67uDI7HdL
rbkX7L9GEm93f/m1Yla0EW2+ILoeMzPuQm3UI+DdQ2ZI8UxsFHwDg735D9n4PZb3
8DLxoJ3wSWST3l8SiuqT5Ya7kiNtCEwYOBovdHamxcvZqQlEAc5POFlOCGkO4i02
wAF3vwK2zvJygAGYNdgyfUMetPAYap9rGpbO6qXOOwMoinvs/azJ9W88ckQ8+OKA
cWFhUnEpAAEmWg==
-----END CERTIFICATE-----