Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          5VH/ESWQIpovuELBAb/jClpyNhr9pn8IkDMcmR1Z+xQ=
Subject key identifier:   5F:BD:94:CF:1D:C0:4A:C1:AC:68:6E:4C:FE:49:7B:71:30:35:5F:91
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       019E2F9678DF8F04A16B1954FDB5259174A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          0A18
Signing time:             Sat 16 May 2026 07:00:50 +0000
Manifest this update:     Sat 16 May 2026 07:00:50 +0000
Manifest next update:     Sun 17 May 2026 07:00:50 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: zCmvHRdLEMayoJlRyCXelaf0y1Hu4ngQl3oFOSpxoPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:78:df:8f:04:a1:6b:19:54:fd:b5:25:91:74:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: May 16 07:00:50 2026 GMT
            Not After : May 17 07:00:50 2026 GMT
        Subject: CN=5fbd94cf1dc04ac1ac686e4cfe497b7130355f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:31:14:83:8a:23:13:7b:63:aa:87:a9:31:71:
                    84:bd:d2:6f:69:2c:13:f3:b1:ad:68:13:5a:20:9f:
                    28:49:3a:65:a1:b9:60:db:3d:e3:be:0d:94:72:88:
                    30:75:45:70:80:c0:d6:61:12:bf:3f:21:88:09:ba:
                    5b:3f:ee:c8:91:1f:2f:18:aa:29:1d:c3:79:d2:ef:
                    ef:f3:54:1e:e9:4e:83:0f:ec:6e:40:15:1f:58:df:
                    f3:18:c6:dd:c6:39:2e:1d:12:13:49:1c:db:bb:f2:
                    6b:35:3f:c4:a2:11:87:c6:30:10:5e:51:6b:9c:28:
                    e0:78:56:f9:18:2d:c0:87:97:79:5c:9a:c6:d5:5f:
                    cd:ad:eb:54:04:9d:e0:f7:63:5c:79:5c:7f:e1:2e:
                    8f:02:e7:4a:a8:2c:e3:60:fa:f3:b7:33:23:26:64:
                    f4:ff:70:bb:cf:fd:7b:ce:06:8a:49:5b:e0:51:a0:
                    19:d1:c1:b0:21:0f:a3:5d:89:2e:fc:a9:7c:8e:a4:
                    43:37:27:8f:8c:3d:e0:e0:9f:c0:ae:7c:a5:9f:47:
                    d0:17:33:49:34:ae:5e:c5:b7:b8:c7:52:a3:6f:71:
                    95:ba:13:27:32:22:44:d0:4a:88:82:42:98:f2:32:
                    03:e4:5a:a5:1c:7e:26:c0:eb:44:68:f6:34:de:38:
                    88:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BD:94:CF:1D:C0:4A:C1:AC:68:6E:4C:FE:49:7B:71:30:35:5F:91
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:86:d2:06:c1:fc:ef:58:dd:0f:c9:62:a2:1e:5a:a2:f0:3c:
         dc:1b:ef:1b:5a:7c:3b:a9:21:24:20:5b:bf:41:c3:c9:4f:1b:
         81:04:43:a2:8a:5f:31:bc:39:91:b0:74:a1:ba:05:17:ae:3f:
         06:b3:36:46:23:79:6c:bb:f5:c6:6a:c0:35:ba:12:cd:a5:40:
         d0:41:cb:ca:44:d7:fa:d3:21:1a:94:90:f7:ff:ab:89:ea:30:
         e7:cb:89:49:54:39:ba:d9:ee:08:06:5f:44:cc:46:92:e7:16:
         21:8a:8c:e1:dc:71:de:d5:5e:76:f6:19:94:ed:09:c3:a5:92:
         48:38:02:7c:49:8c:73:a0:3e:5f:8f:48:44:25:de:8c:0d:fa:
         03:d6:7c:e0:7e:ed:15:68:8d:66:44:cf:04:33:5c:d3:a7:d8:
         6d:ef:c2:0a:37:ef:53:93:b4:f0:44:3e:64:ba:df:90:ca:ca:
         5e:4f:c0:72:e0:79:3a:80:ae:64:79:5d:f7:97:56:08:4c:3a:
         c0:2e:b3:00:3e:6f:9e:27:7f:f9:f1:ca:39:6d:67:87:72:47:
         36:59:c0:f6:b2:3a:85:7f:0f:c1:16:7f:a8:dd:89:3f:f8:55:
         66:a6:00:4f:b2:df:4f:8d:a8:26:6f:02:cb:7a:a2:dd:83:c1:
         d7:52:4e:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlnjfjwShaxlU/bUlkXSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjYwNTE2MDcwMDUwWhcNMjYwNTE3MDcwMDUwWjAzMTEwLwYDVQQD
Eyg1ZmJkOTRjZjFkYzA0YWMxYWM2ODZlNGNmZTQ5N2I3MTMwMzU1ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjEUg4ojE3tjqoepMXGEvdJvaSwT
87GtaBNaIJ8oSTploblg2z3jvg2UcogwdUVwgMDWYRK/PyGICbpbP+7IkR8vGKop
HcN50u/v81Qe6U6DD+xuQBUfWN/zGMbdxjkuHRITSRzbu/JrNT/EohGHxjAQXlFr
nCjgeFb5GC3Ah5d5XJrG1V/NretUBJ3g92NceVx/4S6PAudKqCzjYPrztzMjJmT0
/3C7z/17zgaKSVvgUaAZ0cGwIQ+jXYku/Kl8jqRDNyePjD3g4J/Arnyln0fQFzNJ
NK5exbe4x1Kjb3GVuhMnMiJE0EqIgkKY8jID5FqlHH4mwOtEaPY03jiIGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+9lM8dwErBrGhuTP5Je3EwNV+RMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWobSBsH8
71jdD8lioh5aovA83BvvG1p8O6khJCBbv0HDyU8bgQRDoopfMbw5kbB0oboFF64/
BrM2RiN5bLv1xmrANboSzaVA0EHLykTX+tMhGpSQ9/+rieow58uJSVQ5utnuCAZf
RMxGkucWIYqM4dxx3tVedvYZlO0Jw6WSSDgCfEmMc6A+X49IRCXejA36A9Z84H7t
FWiNZkTPBDNc06fYbe/CCjfvU5O08EQ+ZLrfkMrKXk/AcuB5OoCuZHld95dWCEw6
wC6zAD5vnid/+fHKOW1nh3JHNlnA9rI6hX8PwRZ/qN2JP/hVZqYAT7LfT42oJm8C
y3qi3YPB11JOSQ==
-----END CERTIFICATE-----