Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          9m11Qoviak7ud7ICepiTIJ5VQ6VdVFq6h9dgs/V9t3I=
Subject key identifier:   08:8D:D5:B6:EF:14:A8:9D:8D:FD:94:AD:73:B5:95:D3:0E:9C:17:E1
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       019D3865673DE45DA173CEB4FE1E7A5701D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          0998
Signing time:             Sun 29 Mar 2026 07:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:02 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: vHR5bA4MYmVX/+wCZrxXLg/Z7BWuZ59PhwmV17hqWBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:67:3d:e4:5d:a1:73:ce:b4:fe:1e:7a:57:01:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Mar 29 07:01:02 2026 GMT
            Not After : Mar 30 07:01:02 2026 GMT
        Subject: CN=088dd5b6ef14a89d8dfd94ad73b595d30e9c17e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:15:00:a4:d7:86:6c:8a:68:66:1f:e5:9c:9d:
                    b7:4a:14:d9:9a:0a:74:97:89:62:e4:32:56:e7:fb:
                    f5:09:db:ae:36:87:3d:0a:81:30:ef:67:8c:55:c8:
                    c7:86:43:a2:8d:ca:9f:43:a1:01:07:da:32:2e:5a:
                    07:02:32:f7:ff:b0:fd:17:67:7a:4f:f3:94:10:58:
                    2f:89:fc:66:94:c8:53:e6:04:47:42:ec:73:e3:2d:
                    09:49:f3:75:9d:f2:8d:38:c3:e2:8f:89:59:96:58:
                    b7:c9:6a:d3:ad:4c:2d:ea:3f:2b:30:11:e4:c9:e9:
                    e5:c8:a1:75:a5:61:b2:29:e7:da:a7:ba:28:c4:44:
                    b6:14:e0:8b:54:e9:12:ab:5a:30:37:19:0b:79:57:
                    44:61:ba:4b:d4:51:c6:19:18:d3:f0:16:9c:93:76:
                    e9:2b:ec:3b:c4:3c:49:1b:51:c4:a9:85:c7:2e:ce:
                    94:ee:5b:31:47:7e:8a:80:8a:64:c1:1e:fa:44:7c:
                    7e:5f:a4:73:fd:d7:74:2c:e4:4e:a3:71:95:33:59:
                    e4:e8:bd:e1:b2:1f:55:3b:22:fc:00:0f:52:19:be:
                    f2:f8:b6:66:ec:6a:e1:7a:1e:d5:8a:e7:e5:25:85:
                    63:e3:d3:dd:e7:98:42:66:fd:19:e8:c4:1f:d5:57:
                    d5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:8D:D5:B6:EF:14:A8:9D:8D:FD:94:AD:73:B5:95:D3:0E:9C:17:E1
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:b1:51:7b:46:40:0d:bd:fe:2c:93:eb:d0:70:a7:f3:4b:cd:
         e2:3a:06:92:d9:68:bd:b2:d1:dc:f7:df:42:52:6d:85:e6:9e:
         d7:f1:ea:37:bf:19:b9:89:de:c9:52:65:b2:4e:32:e7:45:94:
         e7:9e:20:70:a1:db:80:ad:e8:c8:29:91:73:a9:42:97:0c:20:
         4f:8d:96:cf:86:6f:32:9b:49:68:3d:c3:ff:1c:92:2c:61:5b:
         3a:f1:4a:ab:a5:61:41:fe:53:ae:5b:67:23:b9:76:fc:2d:4b:
         e3:57:94:30:ca:84:55:2a:75:f3:e2:e8:f9:61:fa:f1:f3:15:
         0a:a7:c5:d5:f6:59:c7:9a:c2:82:34:6a:7a:16:34:c5:8b:c5:
         5e:3d:d3:3b:00:64:85:55:01:0e:a1:1b:ea:4c:c0:98:77:34:
         43:02:99:5c:db:ef:df:28:8f:16:95:fd:34:5b:81:1c:97:f3:
         8f:b8:12:4b:f4:1a:4d:ff:b7:18:c6:22:1a:f3:53:a5:e1:60:
         53:2d:85:a2:a4:22:75:d8:6f:35:5f:40:c9:09:cf:43:ea:3b:
         c2:4f:77:77:c4:8b:69:b5:3b:e0:b2:7c:cd:46:a9:ee:29:a3:
         b7:5f:8f:bf:4c:79:3c:d8:ed:12:35:ce:05:33:7e:59:59:ad:
         60:15:51:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWc95F2hc860/h56VwHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjYwMzI5MDcwMTAyWhcNMjYwMzMwMDcwMTAyWjAzMTEwLwYDVQQD
EygwODhkZDViNmVmMTRhODlkOGRmZDk0YWQ3M2I1OTVkMzBlOWMxN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBUApNeGbIpoZh/lnJ23ShTZmgp0
l4li5DJW5/v1CduuNoc9CoEw72eMVcjHhkOijcqfQ6EBB9oyLloHAjL3/7D9F2d6
T/OUEFgvifxmlMhT5gRHQuxz4y0JSfN1nfKNOMPij4lZlli3yWrTrUwt6j8rMBHk
yenlyKF1pWGyKefap7ooxES2FOCLVOkSq1owNxkLeVdEYbpL1FHGGRjT8Back3bp
K+w7xDxJG1HEqYXHLs6U7lsxR36KgIpkwR76RHx+X6Rz/dd0LOROo3GVM1nk6L3h
sh9VOyL8AA9SGb7y+LZm7Grheh7ViuflJYVj49Pd55hCZv0Z6MQf1VfVCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiN1bbvFKidjf2UrXO1ldMOnBfhMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7FRe0ZA
Db3+LJPr0HCn80vN4joGktlovbLR3PffQlJtheae1/HqN78ZuYneyVJlsk4y50WU
554gcKHbgK3oyCmRc6lClwwgT42Wz4ZvMptJaD3D/xySLGFbOvFKq6VhQf5Trltn
I7l2/C1L41eUMMqEVSp18+Lo+WH68fMVCqfF1fZZx5rCgjRqehY0xYvFXj3TOwBk
hVUBDqEb6kzAmHc0QwKZXNvv3yiPFpX9NFuBHJfzj7gSS/QaTf+3GMYiGvNTpeFg
Uy2FoqQiddhvNV9AyQnPQ+o7wk93d8SLabU74LJ8zUap7imjt1+Pv0x5PNjtEjXO
BTN+WVmtYBVRMg==
-----END CERTIFICATE-----