Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
File:                     aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft (raw, json)
Hash identifier:          tsfGkK8jOP2mN6ajArrq5MUClHObIss9SzLmxYnmC6I=
Subject key identifier:   97:B2:21:D2:A6:A1:F3:F7:A4:AA:44:BD:C4:03:5F:27:FA:D7:55:D0
Authority key identifier: 69:51:D3:A6:8F:40:00:8A:D8:C5:20:74:5C:A0:F3:09:EA:81:E9:65
Certificate issuer:       /CN=6951d3a68f40008ad8c520745ca0f309ea81e965
Certificate serial:       019D382DF1228FAC354DFB709FD43D4F9A88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
Manifest number:          01EE
Signing time:             Sun 29 Mar 2026 06:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:28 +0000
Files and hashes:         1: aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl (hash: gAGD8NKjA3txyAVMTrdhdMzRo3wYXnRDn/I5L/iyW0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2d:f1:22:8f:ac:35:4d:fb:70:9f:d4:3d:4f:9a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6951d3a68f40008ad8c520745ca0f309ea81e965
        Validity
            Not Before: Mar 29 06:00:28 2026 GMT
            Not After : Mar 30 06:00:28 2026 GMT
        Subject: CN=97b221d2a6a1f3f7a4aa44bdc4035f27fad755d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:53:23:05:41:f3:e3:2c:cd:75:b8:a5:e8:1e:
                    1f:f4:51:6c:cd:0d:46:2c:a0:a5:bf:93:0c:97:dd:
                    90:45:25:d6:b1:ec:49:35:d4:32:30:ff:cd:40:b9:
                    0e:15:81:70:14:8b:f5:db:56:e8:0d:4e:8d:63:1f:
                    88:f4:40:8c:61:fb:94:1a:f1:90:2a:f4:e6:35:af:
                    d4:ac:07:49:f6:19:17:14:47:2c:8c:66:7a:91:67:
                    a8:69:61:da:9b:d5:50:f5:b7:6a:d6:c1:fd:c8:5c:
                    09:2f:62:84:69:dc:2d:e3:da:2f:7a:22:35:f6:3e:
                    70:5f:08:bc:b6:f3:d3:d0:f0:c4:fa:b0:c9:da:54:
                    8e:73:d6:08:7f:43:08:ae:0b:f3:b4:02:38:e9:e2:
                    b3:6e:09:ac:30:8d:f6:08:c3:0d:8a:3d:73:5c:04:
                    7c:80:ac:52:52:96:4e:57:f3:08:c9:ed:53:5d:ae:
                    d0:0b:d5:0d:40:17:0f:73:22:f8:f4:2b:8f:db:11:
                    66:df:3c:8b:50:40:b6:4f:1f:07:f0:ce:78:62:d6:
                    0b:34:6e:68:03:60:6b:41:93:69:43:16:99:04:17:
                    de:7f:8d:c5:a7:e6:97:ba:df:e4:8f:c9:f3:88:47:
                    b0:1b:a2:df:f2:0c:81:63:5a:c2:ba:92:01:d0:8d:
                    00:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:B2:21:D2:A6:A1:F3:F7:A4:AA:44:BD:C4:03:5F:27:FA:D7:55:D0
            X509v3 Authority Key Identifier:
                keyid:69:51:D3:A6:8F:40:00:8A:D8:C5:20:74:5C:A0:F3:09:EA:81:E9:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:fc:65:34:57:23:b7:a2:63:a0:d5:4c:d2:67:47:8e:db:62:
         dd:9e:10:86:6b:c6:f1:a6:c5:8b:df:dc:4a:64:21:1a:57:84:
         7f:ce:d4:56:30:8f:e4:5c:b3:98:c9:96:e4:1c:a6:0e:f5:62:
         5e:52:8b:06:61:21:d7:76:ae:7d:77:99:39:6c:3d:f5:b9:af:
         8c:b2:2c:49:26:ee:e1:c6:6d:ba:3d:9f:2b:32:b6:8c:f3:7b:
         5e:b0:65:7f:bb:e7:af:5f:a4:35:de:64:ab:e0:25:ae:e8:94:
         be:30:fa:f5:a3:5c:c6:11:5f:4d:84:0c:53:d6:f5:40:3d:cd:
         0d:84:0d:05:ed:a1:01:64:47:c6:ce:14:51:15:c1:7c:08:67:
         0f:e0:c6:18:61:d4:4d:71:18:df:55:bc:88:60:61:2c:62:4e:
         3f:94:61:db:5e:7a:74:0c:1d:8b:a6:3f:cb:5a:66:50:be:1e:
         3a:e4:5d:46:8b:7f:ef:21:69:1e:2c:e4:5e:8b:11:49:69:db:
         43:e5:02:d5:7f:e2:11:6e:0b:a1:61:47:c6:5e:ec:c9:99:e7:
         e2:39:10:e4:e6:d5:82:34:6e:f1:0a:99:e3:cb:d9:a7:4e:b2:
         b3:8f:2a:1d:0d:6f:e0:ca:58:f9:1b:c6:9c:25:31:f3:4e:2f:
         36:1b:47:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LfEij6w1Tftwn9Q9T5qIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTFkM2E2OGY0MDAwOGFkOGM1MjA3NDVjYTBmMzA5ZWE4
MWU5NjUwHhcNMjYwMzI5MDYwMDI4WhcNMjYwMzMwMDYwMDI4WjAzMTEwLwYDVQQD
Eyg5N2IyMjFkMmE2YTFmM2Y3YTRhYTQ0YmRjNDAzNWYyN2ZhZDc1NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71MjBUHz4yzNdbil6B4f9FFszQ1G
LKClv5MMl92QRSXWsexJNdQyMP/NQLkOFYFwFIv121boDU6NYx+I9ECMYfuUGvGQ
KvTmNa/UrAdJ9hkXFEcsjGZ6kWeoaWHam9VQ9bdq1sH9yFwJL2KEadwt49oveiI1
9j5wXwi8tvPT0PDE+rDJ2lSOc9YIf0MIrgvztAI46eKzbgmsMI32CMMNij1zXAR8
gKxSUpZOV/MIye1TXa7QC9UNQBcPcyL49CuP2xFm3zyLUEC2Tx8H8M54YtYLNG5o
A2BrQZNpQxaZBBfef43Fp+aXut/kj8nziEewG6Lf8gyBY1rCupIB0I0A7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeyIdKmofP3pKpEvcQDXyf611XQMB8GA1UdIwQY
MBaAFGlR06aPQACK2MUgdFyg8wnqgellMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83ZWFmMDUtNmEwMy00MGIxLTk3YmIt
YTI1MjExMTRhNzJlLzEvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83ZWFmMDUtNmEwMy00MGIxLTk3YmItYTI1MjExMTRhNzJl
LzEvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPxlNFcj
t6JjoNVM0mdHjtti3Z4QhmvG8abFi9/cSmQhGleEf87UVjCP5FyzmMmW5BymDvVi
XlKLBmEh13aufXeZOWw99bmvjLIsSSbu4cZtuj2fKzK2jPN7XrBlf7vnr1+kNd5k
q+AlruiUvjD69aNcxhFfTYQMU9b1QD3NDYQNBe2hAWRHxs4UURXBfAhnD+DGGGHU
TXEY31W8iGBhLGJOP5Rh2156dAwdi6Y/y1pmUL4eOuRdRot/7yFpHizkXosRSWnb
Q+UC1X/iEW4LoWFHxl7syZnn4jkQ5ObVgjRu8QqZ48vZp06ys48qHQ1v4MpY+RvG
nCUx804vNhtH3Q==
-----END CERTIFICATE-----