Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          UJQofH8RSilSAOdrUIIymrtYRxQcHRYcWZWVFu31+gs=
Subject key identifier:   1D:C8:C9:48:00:BD:AB:15:D5:38:5B:35:0A:64:36:3B:D5:14:A8:29
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019D38D356A16F32D21E55EF2E43359EBD2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0E06
Signing time:             Sun 29 Mar 2026 09:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:07 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: q3o02VBSSfTj9EOICcMFPRndjbVAoW36n7pBAePuBOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:56:a1:6f:32:d2:1e:55:ef:2e:43:35:9e:bd:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Mar 29 09:01:07 2026 GMT
            Not After : Mar 30 09:01:07 2026 GMT
        Subject: CN=1dc8c94800bdab15d5385b350a64363bd514a829
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9a:33:7a:e5:fd:7b:82:39:8c:93:af:aa:0a:
                    f9:b0:a3:90:22:5f:ab:cd:7e:02:a4:8c:a8:a8:ef:
                    91:4c:41:e3:fd:7f:ae:aa:17:ff:0b:df:e4:1d:7e:
                    15:45:f9:d1:f0:49:75:8a:40:22:ba:7f:66:1b:75:
                    6f:80:bf:67:5d:17:97:d5:e2:04:de:92:3b:a6:cb:
                    b6:7c:04:58:87:5d:7b:bc:db:cc:93:02:ad:87:bd:
                    c5:cb:f6:37:7c:19:11:f4:99:1c:6a:94:8f:8c:09:
                    25:1e:66:0d:88:60:64:c3:9e:ef:7b:a3:58:88:2f:
                    89:4c:78:22:a9:5b:8f:b5:25:1e:41:2e:66:9e:49:
                    c5:88:a7:6e:83:73:78:99:bb:8b:ca:ec:c9:ec:38:
                    81:87:45:a5:8b:e7:6c:2f:52:71:f8:9b:97:dc:c2:
                    1d:c2:04:45:13:4b:d1:2a:18:a1:54:21:49:a0:6c:
                    33:08:3d:ce:25:77:bc:79:f6:0d:8b:11:c1:60:45:
                    d5:7a:16:fe:c9:6e:79:d3:bd:d2:d8:a7:49:48:9f:
                    6c:7c:a2:22:ae:9b:50:52:55:ca:66:db:de:47:1a:
                    0a:b0:3a:90:62:fd:e2:55:24:ac:4c:ea:ba:2e:14:
                    9d:0d:2f:80:70:0e:56:0c:fb:ab:4d:38:a6:fa:4c:
                    4f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C8:C9:48:00:BD:AB:15:D5:38:5B:35:0A:64:36:3B:D5:14:A8:29
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ec:57:a3:fe:ab:55:be:98:a8:fa:09:52:4d:c3:91:e9:aa:
         d4:47:72:d9:4f:d7:5a:89:8d:b4:97:b6:b8:1e:71:2e:92:a6:
         15:9a:f7:4a:44:30:e8:3b:8d:e3:b8:f2:bd:94:ba:68:ba:18:
         e1:91:ad:46:08:1f:16:dc:be:22:47:d0:7b:77:61:89:01:1f:
         50:ee:61:c8:6f:af:c3:7b:7e:78:e1:02:22:8e:3f:c4:7c:12:
         82:6c:db:0e:87:ae:ef:c2:de:ed:3a:fb:4d:33:9e:e2:5d:eb:
         f8:ca:ab:5e:4f:00:56:1a:a4:a6:9c:3e:36:9f:19:6c:15:d7:
         d1:d5:09:6b:2f:57:16:ef:2d:86:ed:b8:c7:c8:76:26:0d:9f:
         b1:46:27:d0:0b:f5:5b:3c:54:f7:6e:bd:4a:e9:ac:93:8b:8c:
         ed:7d:c4:ec:2c:87:38:6d:55:6b:0c:32:b4:a3:72:9c:1f:34:
         9a:59:85:09:8b:fc:bc:d6:81:0d:96:ff:3b:d1:23:7a:59:c6:
         1c:2c:90:b5:b6:f2:a4:d2:9c:cd:74:3a:42:99:8c:f9:ae:ec:
         1d:4e:3b:e2:45:10:5a:1a:08:9b:73:75:82:e9:c4:48:24:2d:
         8e:48:6d:a0:32:33:15:66:56:48:18:12:1c:e2:4e:f4:5f:d2:
         0d:c2:11:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401ahbzLSHlXvLkM1nr0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjYwMzI5MDkwMTA3WhcNMjYwMzMwMDkwMTA3WjAzMTEwLwYDVQQD
EygxZGM4Yzk0ODAwYmRhYjE1ZDUzODViMzUwYTY0MzYzYmQ1MTRhODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZozeuX9e4I5jJOvqgr5sKOQIl+r
zX4CpIyoqO+RTEHj/X+uqhf/C9/kHX4VRfnR8El1ikAiun9mG3VvgL9nXReX1eIE
3pI7psu2fARYh117vNvMkwKth73Fy/Y3fBkR9JkcapSPjAklHmYNiGBkw57ve6NY
iC+JTHgiqVuPtSUeQS5mnknFiKdug3N4mbuLyuzJ7DiBh0Wli+dsL1Jx+JuX3MId
wgRFE0vRKhihVCFJoGwzCD3OJXe8efYNixHBYEXVehb+yW55073S2KdJSJ9sfKIi
rptQUlXKZtveRxoKsDqQYv3iVSSsTOq6LhSdDS+AcA5WDPurTTim+kxP7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3IyUgAvasV1ThbNQpkNjvVFKgpMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOxXo/6r
Vb6YqPoJUk3Dkemq1Edy2U/XWomNtJe2uB5xLpKmFZr3SkQw6DuN47jyvZS6aLoY
4ZGtRggfFty+IkfQe3dhiQEfUO5hyG+vw3t+eOECIo4/xHwSgmzbDoeu78Le7Tr7
TTOe4l3r+MqrXk8AVhqkppw+Np8ZbBXX0dUJay9XFu8thu24x8h2Jg2fsUYn0Av1
WzxU9269Sumsk4uM7X3E7CyHOG1VawwytKNynB80mlmFCYv8vNaBDZb/O9EjelnG
HCyQtbbypNKczXQ6QpmM+a7sHU474kUQWhoIm3N1gunESCQtjkhtoDIzFWZWSBgS
HOJO9F/SDcIR+A==
-----END CERTIFICATE-----