Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          gwGvk2CtFK1JiljsN37IrrILP1DurG0t43ClFF91vao=
Subject key identifier:   F6:26:3A:C1:D5:15:DD:25:9C:7C:B3:4B:E5:C3:E7:B7:3F:83:39:86
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       019D394143D7A58439A78942B9F2F4BA4E42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          0A4D
Signing time:             Sun 29 Mar 2026 11:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:11 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: o5e2Q30VrwocjDf3dx4ozfQaRwDEOq5fGg/dAm5w0NI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:43:d7:a5:84:39:a7:89:42:b9:f2:f4:ba:4e:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Mar 29 11:01:11 2026 GMT
            Not After : Mar 30 11:01:11 2026 GMT
        Subject: CN=f6263ac1d515dd259c7cb34be5c3e7b73f833986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:83:f2:28:ce:cb:2c:25:bf:17:38:55:a7:fb:
                    85:a0:bb:3f:9c:a8:0d:63:d5:05:e9:b7:7f:0c:13:
                    80:05:d3:1a:4b:f4:fd:92:9e:7f:dd:b3:da:46:d5:
                    4a:bb:13:e9:cf:7d:a3:33:f5:ca:aa:41:38:d8:69:
                    c1:a7:55:b3:03:2b:e5:29:ae:25:e7:cb:41:72:21:
                    c3:33:ee:a5:17:90:eb:f0:a7:c1:3a:d7:65:86:1f:
                    60:08:7b:a1:c7:a8:d6:d4:5c:67:5c:74:04:05:02:
                    61:9b:80:38:75:2d:d1:e9:e0:92:31:f7:ee:cc:b8:
                    96:a3:44:f8:b0:7b:3e:67:57:e3:77:f6:29:e8:07:
                    bd:14:f4:99:e7:16:db:6e:23:7e:f9:1a:b9:a3:7c:
                    50:59:b9:3a:64:95:d1:b6:20:63:a0:d5:90:12:a9:
                    53:d0:d8:5d:8e:48:c5:f0:e4:cf:41:e9:47:5a:f2:
                    db:7a:ae:d8:5c:78:72:36:71:76:67:bd:13:a5:8a:
                    9c:09:8a:08:e9:c3:b2:94:9d:0f:cf:2a:a7:69:17:
                    88:8d:82:07:18:a7:36:ca:02:32:d7:f5:b6:1b:e2:
                    d9:f0:a0:66:ed:c5:61:ed:bc:da:6e:39:1b:3e:5f:
                    70:a8:15:bc:a9:7d:da:b3:4c:bf:f1:e2:c0:94:1c:
                    0f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:26:3A:C1:D5:15:DD:25:9C:7C:B3:4B:E5:C3:E7:B7:3F:83:39:86
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:c4:f0:75:41:13:15:42:d8:53:0a:70:24:78:51:c7:3b:5b:
         64:ea:2f:65:e7:a5:13:61:5c:50:d6:90:51:3c:ef:64:5e:0c:
         38:5a:0c:e9:da:74:dc:4b:80:ec:4a:17:14:ef:d0:c2:4e:3d:
         57:96:20:76:d5:53:a0:88:ee:ea:e5:6d:21:ce:80:9d:b7:78:
         2d:55:ae:69:7d:97:09:43:0d:42:19:05:79:aa:b4:76:c8:b4:
         af:d3:68:43:17:17:ef:02:44:48:eb:a0:86:f2:ac:26:77:d0:
         dd:8b:8a:4a:0c:15:2b:c1:c5:90:f5:90:ec:99:06:f3:b0:11:
         f2:70:fe:c1:db:1c:a5:ac:08:72:c1:12:34:4f:7e:b2:72:d1:
         82:aa:64:8e:4c:a1:ae:58:76:27:fc:18:21:26:80:63:1c:d9:
         56:6d:5f:5a:74:64:91:55:d7:27:8e:8d:72:09:12:1e:9a:95:
         eb:43:a5:f0:d3:3a:a2:58:57:1b:d3:9e:5d:04:56:e8:05:70:
         56:55:f8:4c:12:28:8c:00:6e:e4:4b:05:4c:1c:7e:08:42:c2:
         75:52:07:e2:f0:09:34:8d:db:b0:38:78:9c:6e:1e:40:1d:ce:
         89:f9:26:9e:6e:5a:4e:5e:4d:c5:62:78:65:57:8b:75:01:71:
         a8:a0:99:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QUPXpYQ5p4lCufL0uk5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjYwMzI5MTEwMTExWhcNMjYwMzMwMTEwMTExWjAzMTEwLwYDVQQD
EyhmNjI2M2FjMWQ1MTVkZDI1OWM3Y2IzNGJlNWMzZTdiNzNmODMzOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4PyKM7LLCW/FzhVp/uFoLs/nKgN
Y9UF6bd/DBOABdMaS/T9kp5/3bPaRtVKuxPpz32jM/XKqkE42GnBp1WzAyvlKa4l
58tBciHDM+6lF5Dr8KfBOtdlhh9gCHuhx6jW1FxnXHQEBQJhm4A4dS3R6eCSMffu
zLiWo0T4sHs+Z1fjd/Yp6Ae9FPSZ5xbbbiN++Rq5o3xQWbk6ZJXRtiBjoNWQEqlT
0NhdjkjF8OTPQelHWvLbeq7YXHhyNnF2Z70TpYqcCYoI6cOylJ0PzyqnaReIjYIH
GKc2ygIy1/W2G+LZ8KBm7cVh7bzabjkbPl9wqBW8qX3as0y/8eLAlBwPswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYmOsHVFd0lnHyzS+XD57c/gzmGMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGMTwdUET
FULYUwpwJHhRxztbZOovZeelE2FcUNaQUTzvZF4MOFoM6dp03EuA7EoXFO/Qwk49
V5YgdtVToIju6uVtIc6Anbd4LVWuaX2XCUMNQhkFeaq0dsi0r9NoQxcX7wJESOug
hvKsJnfQ3YuKSgwVK8HFkPWQ7JkG87AR8nD+wdscpawIcsESNE9+snLRgqpkjkyh
rlh2J/wYISaAYxzZVm1fWnRkkVXXJ46NcgkSHpqV60Ol8NM6olhXG9OeXQRW6AVw
VlX4TBIojABu5EsFTBx+CELCdVIH4vAJNI3bsDh4nG4eQB3Oifkmnm5aTl5NxWJ4
ZVeLdQFxqKCZUg==
-----END CERTIFICATE-----