Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          Nbu6Soa4qgvw5/UF2zJAsxE0DuSjd5va4lkk9EDRoR4=
Subject key identifier:   D4:F5:74:D6:96:14:47:BE:D1:50:0A:9C:6B:96:7F:BC:AB:D3:86:6D
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       019D36E48EF2287D3C7EB21998CE9F201758
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          09FF
Signing time:             Sun 29 Mar 2026 00:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 00:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 00:00:41 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: nETExFa8VqXCBCSspgFcs/imh4XXhsZQXfLNQ9Wch/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 00:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:36:e4:8e:f2:28:7d:3c:7e:b2:19:98:ce:9f:20:17:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Mar 29 00:00:41 2026 GMT
            Not After : Mar 30 00:00:41 2026 GMT
        Subject: CN=d4f574d6961447bed1500a9c6b967fbcabd3866d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:85:39:8d:a7:06:c5:73:cc:8d:f7:3e:f9:b0:
                    e6:01:bf:e1:d5:7e:a1:d1:2f:76:87:43:75:f6:59:
                    f4:d6:b8:ce:ff:fc:a0:bd:db:cf:5a:82:4b:29:71:
                    c5:6e:36:f4:54:39:11:89:7b:7e:be:f9:37:5d:6d:
                    25:83:d1:f6:c3:ed:4e:bf:cf:99:7a:76:ed:0d:b7:
                    c5:92:1f:28:34:9d:88:cd:f6:4b:3d:85:6e:e1:be:
                    1c:b3:d8:af:c7:dc:92:46:4e:14:09:52:3d:a6:80:
                    1c:5e:bb:31:33:b4:b1:e1:21:20:da:35:bf:d2:a3:
                    a1:81:2d:14:35:9d:f5:ce:65:77:87:3d:e8:b5:76:
                    b0:12:3b:df:5c:d8:a3:8b:c2:99:8d:ec:39:4b:8b:
                    53:e0:67:64:59:e2:0d:ab:72:01:17:c4:aa:a5:26:
                    5d:0c:82:af:ee:36:f1:03:91:9f:7f:60:7f:70:95:
                    dc:a9:bb:0a:83:47:c8:fd:59:67:cf:1c:47:59:ae:
                    ee:a9:42:ce:7b:73:3c:58:50:37:e5:13:10:35:2c:
                    c8:86:16:c1:93:9a:77:97:78:49:db:21:de:3d:a8:
                    c2:50:99:49:32:25:f3:aa:32:e8:65:9d:09:90:c6:
                    a6:56:c6:64:f9:df:7b:96:4b:31:32:5d:bd:f8:74:
                    51:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:F5:74:D6:96:14:47:BE:D1:50:0A:9C:6B:96:7F:BC:AB:D3:86:6D
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:c0:3d:4e:18:a3:a2:a2:1d:26:f2:0d:45:96:ce:a1:b4:04:
         ce:73:ac:fc:e4:fe:1f:64:d4:c7:b8:35:7a:bf:ac:ee:5e:0a:
         d4:71:5b:cc:30:d8:e1:65:04:51:49:d6:55:8a:53:00:74:e1:
         1a:c1:10:c0:0e:c8:e9:ad:1b:03:72:fd:7c:9a:42:e9:1f:76:
         4e:f2:cc:5e:7f:8e:3f:bb:fc:b2:67:14:c2:c2:f0:e9:75:a3:
         6e:b6:81:18:75:74:01:9c:dc:1d:05:5c:41:35:37:eb:ba:71:
         36:75:72:c1:07:70:20:16:73:08:45:b5:af:e3:d9:7b:d0:c5:
         f7:28:68:c1:f5:e4:10:63:d3:80:d0:00:54:49:5d:26:8a:38:
         07:4e:9f:7b:69:ac:5d:f1:8d:34:b8:89:2f:7e:ae:23:52:01:
         a9:b2:56:19:5d:20:42:66:9c:28:2b:19:bb:51:db:4c:da:3c:
         e1:02:26:9f:28:46:d9:24:26:62:77:3e:5e:50:51:5e:a4:d1:
         e1:56:0f:ca:d1:a4:c3:e3:69:93:aa:e1:d4:48:42:b2:fc:4f:
         49:b4:17:b1:4b:eb:c8:2d:c1:fe:ea:94:18:2a:19:58:c1:2f:
         96:61:85:6a:d4:5a:c1:7e:51:5e:1d:ab:53:54:bd:ed:0e:09:
         c8:ce:5c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025I7yKH08frIZmM6fIBdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjYwMzI5MDAwMDQxWhcNMjYwMzMwMDAwMDQxWjAzMTEwLwYDVQQD
EyhkNGY1NzRkNjk2MTQ0N2JlZDE1MDBhOWM2Yjk2N2ZiY2FiZDM4NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYU5jacGxXPMjfc++bDmAb/h1X6h
0S92h0N19ln01rjO//ygvdvPWoJLKXHFbjb0VDkRiXt+vvk3XW0lg9H2w+1Ov8+Z
enbtDbfFkh8oNJ2IzfZLPYVu4b4cs9ivx9ySRk4UCVI9poAcXrsxM7Sx4SEg2jW/
0qOhgS0UNZ31zmV3hz3otXawEjvfXNiji8KZjew5S4tT4GdkWeINq3IBF8SqpSZd
DIKv7jbxA5Gff2B/cJXcqbsKg0fI/VlnzxxHWa7uqULOe3M8WFA35RMQNSzIhhbB
k5p3l3hJ2yHePajCUJlJMiXzqjLoZZ0JkMamVsZk+d97lksxMl29+HRRcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT1dNaWFEe+0VAKnGuWf7yr04ZtMB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJsA9Thij
oqIdJvINRZbOobQEznOs/OT+H2TUx7g1er+s7l4K1HFbzDDY4WUEUUnWVYpTAHTh
GsEQwA7I6a0bA3L9fJpC6R92TvLMXn+OP7v8smcUwsLw6XWjbraBGHV0AZzcHQVc
QTU367pxNnVywQdwIBZzCEW1r+PZe9DF9yhowfXkEGPTgNAAVEldJoo4B06fe2ms
XfGNNLiJL36uI1IBqbJWGV0gQmacKCsZu1HbTNo84QImnyhG2SQmYnc+XlBRXqTR
4VYPytGkw+Npk6rh1EhCsvxPSbQXsUvryC3B/uqUGCoZWMEvlmGFatRawX5RXh2r
U1S97Q4JyM5cWg==
-----END CERTIFICATE-----