Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
File:                     aPgE6F8ICkuVFSbfi3IwEAe37es.mft (raw, json)
Hash identifier:          +iqHZtYQY7lWWDBB+Eb/TYmyNIXaLExVrwrT+3u0YDo=
Subject key identifier:   F2:00:8F:B3:B5:C3:B9:96:A8:B7:B7:66:C5:0A:C9:2F:FD:EA:8D:8F
Authority key identifier: 68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB
Certificate issuer:       /CN=68f804e85f080a4b951526df8b72301007b7edeb
Certificate serial:       019D3A1CD21D5B8E93D708F6A5CF51FF4B40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
Manifest number:          0143
Signing time:             Sun 29 Mar 2026 15:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 15:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 15:01:00 +0000
Files and hashes:         1: aPgE6F8ICkuVFSbfi3IwEAe37es.crl (hash: 5162evJI9QLIqYiCj0elz+XaLxYYXJFf3NuDGMwG2jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 15:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:d2:1d:5b:8e:93:d7:08:f6:a5:cf:51:ff:4b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f804e85f080a4b951526df8b72301007b7edeb
        Validity
            Not Before: Mar 29 15:01:00 2026 GMT
            Not After : Mar 30 15:01:00 2026 GMT
        Subject: CN=f2008fb3b5c3b996a8b7b766c50ac92ffdea8d8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7c:b3:7f:d9:28:5f:66:5f:da:69:b7:69:18:
                    cd:7d:d0:58:f1:fe:d4:ea:d3:3e:5a:28:7f:67:34:
                    a3:d0:41:bf:ab:1b:05:0d:79:af:38:6c:88:b9:82:
                    51:54:41:d4:ef:49:e9:5f:d8:06:4e:53:32:07:ea:
                    d6:71:1e:7d:5e:76:f4:69:d5:86:b7:54:06:34:e2:
                    70:51:a8:f7:c7:cf:88:f0:53:91:95:9e:d7:8c:25:
                    a5:61:99:8d:1a:c7:2b:fb:d7:f6:d8:e4:39:9a:d4:
                    35:80:45:a8:0d:66:48:48:46:dc:31:c6:0c:e8:aa:
                    ca:07:56:39:c5:6d:78:5b:e4:5f:33:44:53:c7:67:
                    6d:e8:12:9e:31:11:b6:ed:f6:13:9e:19:9d:a7:20:
                    9a:69:4c:d5:e5:ae:1c:91:2a:ba:07:d8:1f:c0:22:
                    c6:c6:11:d9:fd:7a:73:0a:09:77:65:e7:14:60:c2:
                    db:82:4c:85:c6:07:19:e9:f4:3a:4f:c8:30:a2:8a:
                    d4:ee:25:83:2f:3c:7c:c8:a4:bf:43:33:87:81:be:
                    a2:28:9a:f4:eb:03:a8:ee:f9:61:4d:0b:11:95:56:
                    05:ea:4d:62:ec:f0:ff:99:35:c4:47:c4:d3:85:f7:
                    06:fa:ea:34:8c:4a:ac:cf:9e:61:92:06:5a:e9:5c:
                    0b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:00:8F:B3:B5:C3:B9:96:A8:B7:B7:66:C5:0A:C9:2F:FD:EA:8D:8F
            X509v3 Authority Key Identifier:
                keyid:68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:38:de:63:f3:57:48:c9:f3:de:53:27:05:07:18:4a:06:19:
         c9:87:37:8b:fe:fa:dc:aa:b6:7d:13:0c:d4:8b:8d:40:26:66:
         25:07:e4:c0:2c:93:44:97:48:88:4a:22:fe:20:bf:e7:1e:e8:
         ec:b8:69:1e:38:ec:e4:22:6f:8d:f6:91:08:87:53:65:42:ac:
         da:fe:12:18:c0:e4:13:84:e0:74:e4:13:a4:c8:6b:d5:2c:08:
         b5:30:b6:53:96:42:09:27:f7:4c:ff:0b:f0:b6:bf:4c:67:6e:
         f8:ee:32:12:03:59:0e:85:4d:5e:81:45:9e:a5:20:f3:8d:93:
         22:fe:70:1b:c8:17:74:7a:c2:d5:5f:54:9c:9a:f5:5a:01:c7:
         fc:3d:9b:8d:e3:ce:8e:0c:70:e3:4b:bc:10:89:f3:ef:c8:0d:
         d0:f8:b0:0e:c9:c5:cd:28:4e:79:4c:dd:54:1d:8d:3c:37:21:
         7a:0e:b6:c3:09:eb:04:b0:e4:3b:ac:00:ad:c3:32:43:9c:35:
         52:f6:33:a7:b8:9e:df:05:1e:7c:4c:4d:42:ed:7d:9c:f1:82:
         fb:49:ad:c9:9b:e6:e8:17:ac:69:cd:44:47:9a:e5:31:74:f3:
         00:13:20:90:92:70:8f:9d:d4:90:50:39:1a:61:f4:eb:9e:43:
         ce:a0:e4:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HNIdW46T1wj2pc9R/0tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjgwNGU4NWYwODBhNGI5NTE1MjZkZjhiNzIzMDEwMDdi
N2VkZWIwHhcNMjYwMzI5MTUwMTAwWhcNMjYwMzMwMTUwMTAwWjAzMTEwLwYDVQQD
EyhmMjAwOGZiM2I1YzNiOTk2YThiN2I3NjZjNTBhYzkyZmZkZWE4ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3yzf9koX2Zf2mm3aRjNfdBY8f7U
6tM+Wih/ZzSj0EG/qxsFDXmvOGyIuYJRVEHU70npX9gGTlMyB+rWcR59Xnb0adWG
t1QGNOJwUaj3x8+I8FORlZ7XjCWlYZmNGscr+9f22OQ5mtQ1gEWoDWZISEbcMcYM
6KrKB1Y5xW14W+RfM0RTx2dt6BKeMRG27fYTnhmdpyCaaUzV5a4ckSq6B9gfwCLG
xhHZ/XpzCgl3ZecUYMLbgkyFxgcZ6fQ6T8gwoorU7iWDLzx8yKS/QzOHgb6iKJr0
6wOo7vlhTQsRlVYF6k1i7PD/mTXER8TThfcG+uo0jEqsz55hkgZa6VwLKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIAj7O1w7mWqLe3ZsUKyS/96o2PMB8GA1UdIwQY
MBaAFGj4BOhfCApLlRUm34tyMBAHt+3rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUt
ODlhZjFmMjYyOGU2LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUtODlhZjFmMjYyOGU2
LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDjeY/NX
SMnz3lMnBQcYSgYZyYc3i/763Kq2fRMM1IuNQCZmJQfkwCyTRJdIiEoi/iC/5x7o
7LhpHjjs5CJvjfaRCIdTZUKs2v4SGMDkE4TgdOQTpMhr1SwItTC2U5ZCCSf3TP8L
8La/TGdu+O4yEgNZDoVNXoFFnqUg842TIv5wG8gXdHrC1V9UnJr1WgHH/D2bjePO
jgxw40u8EInz78gN0PiwDsnFzShOeUzdVB2NPDcheg62wwnrBLDkO6wArcMyQ5w1
UvYzp7ie3wUefExNQu19nPGC+0mtyZvm6Besac1ER5rlMXTzABMgkJJwj53UkFA5
GmH0655DzqDkzg==
-----END CERTIFICATE-----