Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File:                     aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier:          BgLT9uL0SAMgmvlhcdh5BGKGXgMNxSt2yvIkNRQXtdA=
Subject key identifier:   D4:57:62:A3:E5:0B:7B:3D:1B:21:57:FF:42:92:16:EB:05:05:DF:B8
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer:       /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial:       019D389BAEFA9B09F45016994EC56A19871F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number:          038D
Signing time:             Sun 29 Mar 2026 08:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:20 +0000
Files and hashes:         1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: 5cnh78A2Hb3yoFVnBUszTlbGkfAhO/r1EN+PgrcZZIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:ae:fa:9b:09:f4:50:16:99:4e:c5:6a:19:87:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
        Validity
            Not Before: Mar 29 08:00:20 2026 GMT
            Not After : Mar 30 08:00:20 2026 GMT
        Subject: CN=d45762a3e50b7b3d1b2157ff429216eb0505dfb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:f5:50:03:94:88:90:17:29:21:31:b5:fb:fa:
                    e3:69:dc:41:3e:5f:00:ef:f3:66:0c:51:ea:c1:59:
                    2e:51:2b:0a:f0:d8:97:2e:43:43:ee:72:26:42:8c:
                    c6:b0:c4:2d:23:37:05:86:ab:ea:32:90:86:64:bb:
                    33:e5:7c:09:65:65:dd:bf:8d:c6:3e:5f:25:01:30:
                    ac:ac:17:28:3b:0e:03:ee:6d:c0:d7:4c:c0:10:47:
                    37:2f:67:21:ba:21:fa:5a:3a:5f:1a:72:f8:76:e4:
                    74:da:2b:18:3b:00:34:3c:3e:3b:dd:e0:f5:ee:b3:
                    e6:f1:9e:e5:46:88:28:f3:75:d8:f4:7e:4f:ef:c8:
                    7e:3e:ca:34:8a:00:3d:43:59:c6:2d:04:86:3b:8a:
                    d9:9b:71:a9:29:f4:e4:19:d7:15:85:6d:6d:63:bb:
                    54:e7:a0:b6:3e:7f:b1:e7:4e:bf:fb:7c:71:08:37:
                    19:3b:78:5c:0e:10:ec:bf:df:53:5c:66:ac:c5:38:
                    e7:8d:fb:ad:5d:a5:e0:e5:22:4b:c5:b7:ce:a7:60:
                    dd:00:34:f2:23:98:42:4f:b0:d7:50:a3:94:fb:61:
                    ef:4e:c4:18:36:1a:fb:ad:7d:43:71:5e:89:c0:75:
                    2f:a5:a3:8c:dd:96:1b:64:17:bf:f5:b6:42:70:37:
                    fc:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:57:62:A3:E5:0B:7B:3D:1B:21:57:FF:42:92:16:EB:05:05:DF:B8
            X509v3 Authority Key Identifier:
                keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:be:45:5e:3b:95:dd:9f:75:3f:56:21:ab:92:09:1a:86:75:
         c0:08:13:4f:c4:1d:a9:a2:07:6c:0b:d7:8c:e5:6e:e1:9e:d5:
         7b:93:10:63:e2:47:41:f1:7d:69:b3:6b:17:88:82:18:7a:3b:
         ed:a8:62:cc:22:a3:98:f0:d5:48:0c:de:0f:97:1c:5c:b2:ed:
         ec:0f:e8:76:68:92:53:38:50:ca:87:1d:a8:cb:11:80:8a:2a:
         ce:e7:c6:d5:9a:91:aa:c3:d2:cf:b1:d5:2b:31:11:c1:54:cc:
         69:58:e4:64:b7:dc:49:7c:74:3e:9a:69:bf:eb:23:f9:95:1d:
         0e:4e:4d:45:00:4e:67:8b:ee:fd:1c:c7:f5:13:5d:05:29:23:
         f7:e9:61:2f:f2:09:9d:fa:4f:d2:d4:bb:5a:12:76:90:12:7f:
         15:f6:6d:d4:1f:fe:17:ad:42:2f:e7:b7:06:97:db:28:aa:6b:
         6f:35:ed:57:20:4e:18:92:23:28:f5:2c:98:e8:df:ba:b6:61:
         0f:37:b5:11:42:63:9f:1b:c1:41:20:14:0c:bd:d6:c4:76:51:
         19:77:ce:f8:cc:3b:d1:d0:75:d4:23:6e:46:0e:6d:9f:c4:9d:
         09:66:d6:30:10:ba:df:04:be:c6:3e:cc:2e:b7:84:ad:bc:7d:
         16:f2:d4:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m676mwn0UBaZTsVqGYcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjYwMzI5MDgwMDIwWhcNMjYwMzMwMDgwMDIwWjAzMTEwLwYDVQQD
EyhkNDU3NjJhM2U1MGI3YjNkMWIyMTU3ZmY0MjkyMTZlYjA1MDVkZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vVQA5SIkBcpITG1+/rjadxBPl8A
7/NmDFHqwVkuUSsK8NiXLkND7nImQozGsMQtIzcFhqvqMpCGZLsz5XwJZWXdv43G
Pl8lATCsrBcoOw4D7m3A10zAEEc3L2chuiH6WjpfGnL4duR02isYOwA0PD473eD1
7rPm8Z7lRogo83XY9H5P78h+Pso0igA9Q1nGLQSGO4rZm3GpKfTkGdcVhW1tY7tU
56C2Pn+x506/+3xxCDcZO3hcDhDsv99TXGasxTjnjfutXaXg5SJLxbfOp2DdADTy
I5hCT7DXUKOU+2HvTsQYNhr7rX1DcV6JwHUvpaOM3ZYbZBe/9bZCcDf8AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRXYqPlC3s9GyFX/0KSFusFBd+4MB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHb5FXjuV
3Z91P1Yhq5IJGoZ1wAgTT8QdqaIHbAvXjOVu4Z7Ve5MQY+JHQfF9abNrF4iCGHo7
7ahizCKjmPDVSAzeD5ccXLLt7A/odmiSUzhQyocdqMsRgIoqzufG1ZqRqsPSz7HV
KzERwVTMaVjkZLfcSXx0Ppppv+sj+ZUdDk5NRQBOZ4vu/RzH9RNdBSkj9+lhL/IJ
nfpP0tS7WhJ2kBJ/FfZt1B/+F61CL+e3BpfbKKprbzXtVyBOGJIjKPUsmOjfurZh
Dze1EUJjnxvBQSAUDL3WxHZRGXfO+Mw70dB11CNuRg5tn8SdCWbWMBC63wS+xj7M
LreErbx9FvLUkQ==
-----END CERTIFICATE-----