Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
File:                     APkIwDKKjpc_pArFL8M359PE_tA.mft (raw, json)
Hash identifier:          H/mn2kogqqTTBfIpgjjCoRRIOze4oXIh/pI8iESZ1to=
Subject key identifier:   6B:32:12:F9:88:1C:06:69:14:31:C9:13:CF:8C:1C:44:FF:0C:62:D6
Authority key identifier: 00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0
Certificate issuer:       /CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
Certificate serial:       019E2F96A47BFCB62B0526BCB90673FA03FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
Manifest number:          190B
Signing time:             Sat 16 May 2026 07:01:02 +0000
Manifest this update:     Sat 16 May 2026 07:01:02 +0000
Manifest next update:     Sun 17 May 2026 07:01:02 +0000
Files and hashes:         1: APkIwDKKjpc_pArFL8M359PE_tA.crl (hash: iAitAlJMcOZg8QejZTYUX5jlUZl7rHz/puvQnV1ZpGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:a4:7b:fc:b6:2b:05:26:bc:b9:06:73:fa:03:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
        Validity
            Not Before: May 16 07:01:02 2026 GMT
            Not After : May 17 07:01:02 2026 GMT
        Subject: CN=6b3212f9881c06691431c913cf8c1c44ff0c62d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:90:6c:4e:3a:53:95:ba:22:f1:4c:a6:82:7a:
                    6d:e1:2d:ef:20:d2:3e:c8:26:0d:f5:5c:02:da:c0:
                    95:2d:82:70:80:53:47:d4:01:07:76:e7:10:36:67:
                    ba:81:ea:8c:32:fc:55:5b:7f:ad:e3:31:18:41:a4:
                    03:56:d2:48:e2:0d:21:19:ab:7f:b0:45:7f:77:57:
                    2c:fb:f9:77:13:b1:23:69:07:e2:61:05:39:c1:1c:
                    37:02:18:58:a9:f6:5f:3a:c0:ab:d0:b8:39:2e:b8:
                    45:d0:f5:3c:f5:72:64:e4:27:30:8e:82:0e:6d:7d:
                    64:f8:7c:63:70:de:d7:f1:95:06:be:b2:92:56:3e:
                    4c:74:04:df:c0:03:fc:10:90:63:0c:0a:f6:5f:33:
                    c3:23:9a:0a:5c:07:d7:9e:2a:7e:dc:cf:3f:d8:4c:
                    35:5f:f5:0e:05:21:31:2b:fa:d1:b3:23:d1:38:f4:
                    a6:c0:46:c1:f3:ea:8e:41:76:5a:e3:28:dc:1a:73:
                    43:42:ac:54:f4:dd:d4:eb:d0:03:3c:6d:be:1b:aa:
                    f9:d0:e1:92:4d:9e:36:68:ff:16:b3:b6:53:7d:9a:
                    5c:ca:40:1b:4d:ea:3d:10:08:2a:e9:3e:90:e3:f8:
                    f4:c3:b8:d7:fc:49:11:b3:fd:ba:b6:e7:4f:b7:da:
                    fb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:32:12:F9:88:1C:06:69:14:31:C9:13:CF:8C:1C:44:FF:0C:62:D6
            X509v3 Authority Key Identifier:
                keyid:00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:c8:5a:71:5a:d7:80:9e:ed:74:a8:44:1f:ea:f8:fe:b0:54:
         16:3f:cd:42:ae:e8:da:94:3e:22:c9:b1:29:90:19:5a:79:d8:
         96:7a:4b:30:0f:ed:7f:a5:bf:42:07:12:b1:d6:dc:ab:62:58:
         88:19:23:45:01:bf:0d:95:c1:fd:c1:78:da:b1:98:0a:35:af:
         4a:e2:d3:80:00:1e:c9:9f:27:0e:af:19:5e:99:88:aa:31:d7:
         fd:08:61:61:a7:f3:67:99:96:a8:a9:d5:b6:f2:4f:c9:fc:e6:
         7a:c9:0e:64:bc:28:96:c1:25:66:45:f3:22:65:f9:5c:cb:d5:
         34:7e:eb:bd:52:ce:f3:a0:f5:fb:9a:51:43:02:76:92:95:aa:
         c5:6e:35:54:05:7f:35:6e:48:92:7a:c9:4d:18:e0:47:7f:6b:
         6e:c3:51:f4:44:a5:96:e8:4c:a4:91:8c:5e:0b:92:4e:68:b6:
         3d:ec:3b:aa:59:bf:51:0e:05:1e:80:8c:03:48:96:b4:6f:a3:
         5d:ec:6c:29:ab:ac:5c:74:95:29:8e:d9:73:15:0c:ab:1a:4c:
         ac:88:71:9e:1e:d0:c7:da:18:be:33:60:78:07:07:49:f5:aa:
         0a:40:c1:27:f8:29:61:5d:63:e8:58:19:a8:3f:f3:a0:c8:71:
         18:df:1e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlqR7/LYrBSa8uQZz+gP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjkwOGMwMzI4YThlOTczZmE0MGFjNTJmYzMzN2U3ZDNj
NGZlZDAwHhcNMjYwNTE2MDcwMTAyWhcNMjYwNTE3MDcwMTAyWjAzMTEwLwYDVQQD
Eyg2YjMyMTJmOTg4MWMwNjY5MTQzMWM5MTNjZjhjMWM0NGZmMGM2MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JBsTjpTlboi8Uymgnpt4S3vINI+
yCYN9VwC2sCVLYJwgFNH1AEHducQNme6geqMMvxVW3+t4zEYQaQDVtJI4g0hGat/
sEV/d1cs+/l3E7EjaQfiYQU5wRw3AhhYqfZfOsCr0Lg5LrhF0PU89XJk5CcwjoIO
bX1k+HxjcN7X8ZUGvrKSVj5MdATfwAP8EJBjDAr2XzPDI5oKXAfXnip+3M8/2Ew1
X/UOBSExK/rRsyPROPSmwEbB8+qOQXZa4yjcGnNDQqxU9N3U69ADPG2+G6r50OGS
TZ42aP8Ws7ZTfZpcykAbTeo9EAgq6T6Q4/j0w7jX/EkRs/26tudPt9r7TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGsyEvmIHAZpFDHJE8+MHET/DGLWMB8GA1UdIwQY
MBaAFAD5CMAyio6XP6QKxS/DN+fTxP7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEt
N2RlY2YxZTQ3ODY1LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEtN2RlY2YxZTQ3ODY1
LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHchacVrX
gJ7tdKhEH+r4/rBUFj/NQq7o2pQ+IsmxKZAZWnnYlnpLMA/tf6W/QgcSsdbcq2JY
iBkjRQG/DZXB/cF42rGYCjWvSuLTgAAeyZ8nDq8ZXpmIqjHX/QhhYafzZ5mWqKnV
tvJPyfzmeskOZLwolsElZkXzImX5XMvVNH7rvVLO86D1+5pRQwJ2kpWqxW41VAV/
NW5IknrJTRjgR39rbsNR9ESlluhMpJGMXguSTmi2Pew7qlm/UQ4FHoCMA0iWtG+j
XexsKausXHSVKY7ZcxUMqxpMrIhxnh7Qx9oYvjNgeAcHSfWqCkDBJ/gpYV1j6FgZ
qD/zoMhxGN8eaA==
-----END CERTIFICATE-----