Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
File:                     ap2Z4esn7Hq76TViechBGkEw_co.mft (raw, json)
Hash identifier:          KgA8/b5sRZnc9nzLZ68Nd1LQXMburgMa95TWwTS3tqk=
Subject key identifier:   A5:B8:40:CC:55:69:DC:F2:52:F4:A0:11:7A:BD:DA:D4:87:EC:87:BC
Authority key identifier: 6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA
Certificate issuer:       /CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
Certificate serial:       019D38D335787FAE82CCA75E9C8AFC493436
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
Manifest number:          0F05
Signing time:             Sun 29 Mar 2026 09:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:58 +0000
Files and hashes:         1: ap2Z4esn7Hq76TViechBGkEw_co.crl (hash: LgQXzY0u6cJt8APrqguM7H4xRWyZKaonkA2m4YmkDQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:35:78:7f:ae:82:cc:a7:5e:9c:8a:fc:49:34:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
        Validity
            Not Before: Mar 29 09:00:58 2026 GMT
            Not After : Mar 30 09:00:58 2026 GMT
        Subject: CN=a5b840cc5569dcf252f4a0117abddad487ec87bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:cc:94:b0:48:0a:78:07:b2:64:d4:f6:7b:93:
                    ec:ad:68:2e:64:52:3d:36:25:f2:c3:cb:bf:8e:ae:
                    84:38:fc:8a:d5:54:e9:18:86:f7:d5:9c:0c:67:b0:
                    3e:a5:53:81:d8:87:4a:6f:62:6e:b9:f0:94:2b:f5:
                    22:92:37:f7:15:8e:e6:17:98:16:f7:39:1c:36:d6:
                    3b:8c:58:d6:cc:38:c4:5e:25:77:35:ce:74:ee:2d:
                    6e:69:64:f5:03:ee:21:5c:dd:de:f7:4f:fe:fb:d4:
                    4b:8a:d2:c7:ff:0f:67:bb:51:a9:2a:7a:0d:5b:02:
                    b8:40:d7:b9:c2:84:da:47:3a:f6:52:26:70:6d:21:
                    ca:f9:ac:8b:0b:7b:19:15:6b:d3:03:ba:63:cc:0b:
                    75:88:37:26:2f:3e:ef:86:a0:0a:fe:8d:4f:c5:af:
                    21:61:f4:a3:a1:6c:59:c5:95:c6:cd:ac:4f:37:cc:
                    56:dd:0b:4e:67:68:71:2d:11:1e:e2:eb:24:79:17:
                    3b:9e:4f:d1:b9:dd:48:d2:ef:3c:6f:71:77:14:1f:
                    f0:e6:12:f5:4e:a3:91:97:39:22:d4:e7:df:eb:7b:
                    73:b0:13:87:38:2c:1d:7c:b0:6e:81:1e:85:8d:20:
                    a9:b7:80:0b:f0:13:25:ae:ad:c2:e4:19:53:b9:6a:
                    b9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B8:40:CC:55:69:DC:F2:52:F4:A0:11:7A:BD:DA:D4:87:EC:87:BC
            X509v3 Authority Key Identifier:
                keyid:6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:32:a9:cd:e4:7d:a7:dd:af:02:c6:67:64:d2:e2:e3:88:8b:
         c6:bd:23:db:df:3d:c5:31:f3:55:4c:e1:3b:0f:ab:21:e8:18:
         f2:24:db:73:6b:a4:fe:12:37:44:fc:09:a3:b3:ea:f0:36:1c:
         f1:d3:7a:73:93:f7:63:53:6c:44:60:42:73:4f:08:df:4e:15:
         97:c8:5c:b7:ee:25:72:25:9e:a3:d2:18:14:65:74:ed:7f:98:
         f8:fd:79:15:fa:6d:a7:c9:ca:22:95:bd:91:37:43:03:d3:dd:
         f9:2a:7d:f6:31:1a:18:9b:c8:73:2a:9a:9b:d0:3c:75:a3:2b:
         6b:bd:cb:ad:58:fd:23:68:e4:d0:92:7d:a2:74:52:75:d6:ce:
         93:2a:df:2a:68:c5:1c:d0:91:73:a4:09:a0:c2:e0:48:69:67:
         29:bb:73:c0:46:4e:72:f5:d4:63:7d:2d:73:74:72:0e:53:c5:
         97:5d:74:f5:b0:32:33:8a:dd:2b:61:b0:1e:18:50:25:08:51:
         81:b2:5e:2b:92:7c:b0:54:99:ea:ed:c3:11:c5:a1:a5:12:19:
         43:56:8a:7f:4a:1f:93:78:ec:6d:93:16:e0:d7:8f:38:7c:9e:
         38:10:10:67:00:3f:8d:6d:33:5a:c0:97:df:41:ae:5d:0d:ca:
         f9:9b:46:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zV4f66CzKdenIr8STQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ5OWUxZWIyN2VjN2FiYmU5MzU2Mjc5Yzg0MTFhNDEz
MGZkY2EwHhcNMjYwMzI5MDkwMDU4WhcNMjYwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
EyhhNWI4NDBjYzU1NjlkY2YyNTJmNGEwMTE3YWJkZGFkNDg3ZWM4N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9syUsEgKeAeyZNT2e5PsrWguZFI9
NiXyw8u/jq6EOPyK1VTpGIb31ZwMZ7A+pVOB2IdKb2JuufCUK/Uikjf3FY7mF5gW
9zkcNtY7jFjWzDjEXiV3Nc507i1uaWT1A+4hXN3e90/++9RLitLH/w9nu1GpKnoN
WwK4QNe5woTaRzr2UiZwbSHK+ayLC3sZFWvTA7pjzAt1iDcmLz7vhqAK/o1Pxa8h
YfSjoWxZxZXGzaxPN8xW3QtOZ2hxLREe4uskeRc7nk/Rud1I0u88b3F3FB/w5hL1
TqORlzki1Off63tzsBOHOCwdfLBugR6FjSCpt4AL8BMlrq3C5BlTuWq56wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW4QMxVadzyUvSgEXq92tSH7Ie8MB8GA1UdIwQY
MBaAFGqdmeHrJ+x6u+k1YnnIQRpBMP3KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQt
YjdkYWYyZTYwZjZmLzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQtYjdkYWYyZTYwZjZm
LzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjKpzeR9
p92vAsZnZNLi44iLxr0j2989xTHzVUzhOw+rIegY8iTbc2uk/hI3RPwJo7Pq8DYc
8dN6c5P3Y1NsRGBCc08I304Vl8hct+4lciWeo9IYFGV07X+Y+P15Ffptp8nKIpW9
kTdDA9Pd+Sp99jEaGJvIcyqam9A8daMra73LrVj9I2jk0JJ9onRSddbOkyrfKmjF
HNCRc6QJoMLgSGlnKbtzwEZOcvXUY30tc3RyDlPFl1109bAyM4rdK2GwHhhQJQhR
gbJeK5J8sFSZ6u3DEcWhpRIZQ1aKf0ofk3jsbZMW4NePOHyeOBAQZwA/jW0zWsCX
30GuXQ3K+ZtGIw==
-----END CERTIFICATE-----