Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          KStCG53ih6J07jwhQu2cj/HMDE6ffNbPqdmhXsO5e+0=
Subject key identifier:   91:DC:B9:2B:C4:6D:EF:97:EC:AE:B2:22:2B:30:76:ED:82:34:C9:0A
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019D3940F7C5FF740CFCAD74A30871F4F1B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          148E
Signing time:             Sun 29 Mar 2026 11:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:51 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: wMJskd2SIRrn6a9ZKxDuCdFIeFsBVyxOZPGiGS3GC3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:f7:c5:ff:74:0c:fc:ad:74:a3:08:71:f4:f1:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Mar 29 11:00:51 2026 GMT
            Not After : Mar 30 11:00:51 2026 GMT
        Subject: CN=91dcb92bc46def97ecaeb2222b3076ed8234c90a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:47:e5:90:74:de:e1:2c:fd:c0:8f:83:78:2a:
                    e4:05:b0:ea:d5:6f:40:44:86:26:98:13:0d:24:a5:
                    b6:4c:ad:8d:4e:16:bc:fd:87:35:a7:13:17:d9:22:
                    02:6a:57:06:6e:46:f3:76:02:7b:96:06:e8:61:42:
                    21:c9:ce:69:9a:0f:22:c9:23:24:f8:3d:4d:5e:17:
                    6d:b4:ae:f9:a6:99:b6:a2:9f:e4:e8:7c:3f:9e:d7:
                    cc:48:52:11:1a:92:cf:b9:5a:78:4c:85:08:dd:79:
                    7f:ac:b8:c8:9f:74:1e:19:58:4d:10:01:22:7d:3c:
                    42:0a:80:2c:94:c6:60:39:8d:aa:2f:d9:50:60:b3:
                    24:19:24:bf:ab:bb:ba:9e:68:36:29:6e:09:f7:bd:
                    a0:b2:7e:9d:ee:a9:19:6c:4d:5f:00:84:fc:16:fa:
                    86:59:05:b7:1f:be:6d:5a:ce:21:d7:4f:ec:96:6c:
                    65:db:80:d2:b9:49:74:a1:2a:32:27:20:dc:9b:41:
                    11:14:4a:7d:31:65:0f:56:f9:a6:fd:c4:69:c7:7d:
                    a4:53:a0:1c:e7:41:c2:91:90:ae:8c:fc:c0:53:c8:
                    a0:68:ce:ed:ee:c0:35:64:60:2d:bc:1e:e6:72:26:
                    a5:8c:77:fb:7a:e6:80:34:a9:4e:5c:ad:6a:20:bb:
                    5d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:DC:B9:2B:C4:6D:EF:97:EC:AE:B2:22:2B:30:76:ED:82:34:C9:0A
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:52:85:42:69:e0:2c:d4:94:e0:a4:71:9f:f7:b0:a2:ec:fd:
         26:16:55:98:3e:7f:d7:bb:52:3f:a3:4e:8e:f5:33:2e:dc:55:
         02:81:be:6a:57:a1:77:a2:40:84:3b:46:ab:12:86:6f:97:5e:
         1a:69:6c:a0:56:a1:81:0b:24:27:5f:82:db:ad:f6:a0:9a:92:
         51:d2:b1:6a:6c:ce:c5:46:03:ff:d7:27:63:62:9f:e4:90:d6:
         3f:34:f0:79:d2:ad:47:4f:4a:d6:72:cf:5e:9f:05:73:7c:50:
         fa:74:41:6f:4c:99:bf:44:65:f3:31:39:c4:6d:a1:ab:fa:7e:
         59:03:fb:7f:92:74:ba:30:d3:fe:0d:f3:ad:be:e7:47:aa:7c:
         b4:b5:5d:f4:d4:75:9d:15:67:9c:6a:b8:20:8a:1d:6e:bf:f0:
         14:b5:a9:40:1c:6e:3b:38:cd:be:9c:b9:e0:15:74:7c:cf:f4:
         0f:da:89:02:6c:60:c3:6e:e9:9d:65:3a:9c:81:e3:e0:a1:9a:
         ab:4e:57:a5:f1:fb:f9:ed:fc:19:22:b6:cd:7c:ee:57:f1:52:
         d2:1a:82:03:32:08:1e:0d:3e:c5:21:c2:c3:0b:ae:57:f8:84:
         57:4e:1f:43:9d:58:91:0a:2a:68:72:40:aa:7f:1e:78:f9:9a:
         4d:21:3e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QPfF/3QM/K10owhx9PG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjYwMzI5MTEwMDUxWhcNMjYwMzMwMTEwMDUxWjAzMTEwLwYDVQQD
Eyg5MWRjYjkyYmM0NmRlZjk3ZWNhZWIyMjIyYjMwNzZlZDgyMzRjOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UflkHTe4Sz9wI+DeCrkBbDq1W9A
RIYmmBMNJKW2TK2NTha8/Yc1pxMX2SICalcGbkbzdgJ7lgboYUIhyc5pmg8iySMk
+D1NXhdttK75ppm2op/k6Hw/ntfMSFIRGpLPuVp4TIUI3Xl/rLjIn3QeGVhNEAEi
fTxCCoAslMZgOY2qL9lQYLMkGSS/q7u6nmg2KW4J972gsn6d7qkZbE1fAIT8FvqG
WQW3H75tWs4h10/slmxl24DSuUl0oSoyJyDcm0ERFEp9MWUPVvmm/cRpx32kU6Ac
50HCkZCujPzAU8igaM7t7sA1ZGAtvB7mcialjHf7euaANKlOXK1qILtdjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHcuSvEbe+X7K6yIiswdu2CNMkKMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB1KFQmng
LNSU4KRxn/ewouz9JhZVmD5/17tSP6NOjvUzLtxVAoG+alehd6JAhDtGqxKGb5de
GmlsoFahgQskJ1+C2632oJqSUdKxamzOxUYD/9cnY2Kf5JDWPzTwedKtR09K1nLP
Xp8Fc3xQ+nRBb0yZv0Rl8zE5xG2hq/p+WQP7f5J0ujDT/g3zrb7nR6p8tLVd9NR1
nRVnnGq4IIodbr/wFLWpQBxuOzjNvpy54BV0fM/0D9qJAmxgw27pnWU6nIHj4KGa
q05XpfH7+e38GSK2zXzuV/FS0hqCAzIIHg0+xSHCwwuuV/iEV04fQ51YkQoqaHJA
qn8eePmaTSE+HA==
-----END CERTIFICATE-----