Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          1JEEe8ON1/o6SoKKfmHjTqoeq8xUSDV8YFxCu+O1IXw=
Subject key identifier:   5D:09:08:B7:6D:0E:14:0C:55:75:5B:D3:25:E6:23:FE:AD:EB:6A:B7
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       019D3A547A05B31180FB3E0004D2E1AC7971
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0FF0
Signing time:             Sun 29 Mar 2026 16:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:47 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: VEYAkcSX035WPNMdJqks0HSzTPGISzSLb66E0/7DFow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:7a:05:b3:11:80:fb:3e:00:04:d2:e1:ac:79:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Mar 29 16:01:47 2026 GMT
            Not After : Mar 30 16:01:47 2026 GMT
        Subject: CN=5d0908b76d0e140c55755bd325e623feadeb6ab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0d:4d:3b:23:b3:c4:2e:7e:cd:ca:a7:8c:d7:
                    cc:17:e9:68:f8:bb:80:17:ee:a0:1b:3e:22:74:f8:
                    12:3f:3a:80:04:99:a2:af:83:58:4d:ce:dd:79:0c:
                    c7:20:23:2d:cf:a1:8c:49:45:ee:92:cd:c8:fb:b5:
                    c5:16:2f:13:c8:5b:6c:bb:80:7e:4f:a1:56:5e:57:
                    09:f1:fa:36:be:fd:6d:ca:08:d9:ae:bd:75:f3:f4:
                    2d:4a:20:27:fb:9a:6e:a4:b4:05:5b:83:ec:66:3c:
                    f0:e5:21:fa:74:0a:d2:47:20:ed:46:64:6f:57:8d:
                    c5:00:df:e8:79:80:d3:47:7b:c6:e7:68:03:7f:46:
                    bb:9c:13:70:1c:2e:58:0c:df:5b:6a:e0:13:04:19:
                    40:ff:74:8f:b4:66:4c:ad:64:91:f7:6a:fd:c5:33:
                    21:18:00:80:3f:6b:e1:3a:49:ea:66:7f:c7:54:97:
                    97:f3:5b:23:ba:1a:ed:25:74:dd:1d:ce:eb:90:12:
                    0a:d0:a8:72:0e:af:35:61:e4:77:a4:de:67:bc:38:
                    c5:45:64:70:30:7d:36:db:14:a1:17:77:45:fd:4c:
                    a7:8b:6a:1c:03:fe:9e:68:c0:35:7a:ea:b4:1d:8b:
                    0d:e1:fc:d6:60:b0:9d:7b:1a:2b:29:13:c0:7e:cb:
                    c4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:09:08:B7:6D:0E:14:0C:55:75:5B:D3:25:E6:23:FE:AD:EB:6A:B7
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:ac:7f:76:9d:e2:a9:c4:89:f9:86:45:4b:46:2f:80:0b:52:
         c1:99:d8:39:c2:5e:86:49:ea:c8:4f:f2:64:b0:85:c7:7b:46:
         c2:3a:d8:f6:38:fe:bf:c2:e5:1a:78:1c:73:c1:36:1d:1a:be:
         f5:a4:b4:8c:69:f2:7b:16:76:70:18:0e:91:a3:23:a0:3b:d2:
         41:d6:57:6b:8c:42:17:b3:63:c9:66:ce:d6:46:c4:6a:2e:93:
         52:7e:81:73:e5:f8:10:cd:2c:a3:63:a3:1c:00:47:6b:56:cb:
         3c:e7:10:bf:35:db:c3:fc:c9:bf:e2:38:a2:0c:4c:fd:c9:57:
         f2:e5:94:02:ff:60:45:72:b8:25:b8:10:79:82:e1:70:34:00:
         b4:39:4b:52:b2:d3:72:43:78:be:81:4a:29:71:0f:45:d9:09:
         97:ef:22:3c:33:a7:74:53:05:60:27:61:d1:eb:21:30:2a:5e:
         f4:da:ee:73:8f:fe:37:09:be:c7:86:cf:59:7a:b8:ed:58:f1:
         83:25:c3:7b:b9:8e:c0:86:f0:71:b8:a9:c5:96:db:70:d2:e5:
         9a:58:6f:d0:73:f1:ea:26:07:de:ac:c9:d8:74:34:3d:77:69:
         4d:32:7d:53:47:1c:f1:6d:1e:83:e1:ba:f1:6a:fc:18:f0:0c:
         59:d9:72:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VHoFsxGA+z4ABNLhrHlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjYwMzI5MTYwMTQ3WhcNMjYwMzMwMTYwMTQ3WjAzMTEwLwYDVQQD
Eyg1ZDA5MDhiNzZkMGUxNDBjNTU3NTViZDMyNWU2MjNmZWFkZWI2YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA1NOyOzxC5+zcqnjNfMF+lo+LuA
F+6gGz4idPgSPzqABJmir4NYTc7deQzHICMtz6GMSUXuks3I+7XFFi8TyFtsu4B+
T6FWXlcJ8fo2vv1tygjZrr118/QtSiAn+5pupLQFW4PsZjzw5SH6dArSRyDtRmRv
V43FAN/oeYDTR3vG52gDf0a7nBNwHC5YDN9bauATBBlA/3SPtGZMrWSR92r9xTMh
GACAP2vhOknqZn/HVJeX81sjuhrtJXTdHc7rkBIK0KhyDq81YeR3pN5nvDjFRWRw
MH022xShF3dF/Uyni2ocA/6eaMA1euq0HYsN4fzWYLCdexorKRPAfsvEgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0JCLdtDhQMVXVb0yXmI/6t62q3MB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApax/dp3i
qcSJ+YZFS0YvgAtSwZnYOcJehknqyE/yZLCFx3tGwjrY9jj+v8LlGngcc8E2HRq+
9aS0jGnyexZ2cBgOkaMjoDvSQdZXa4xCF7NjyWbO1kbEai6TUn6Bc+X4EM0so2Oj
HABHa1bLPOcQvzXbw/zJv+I4ogxM/clX8uWUAv9gRXK4JbgQeYLhcDQAtDlLUrLT
ckN4voFKKXEPRdkJl+8iPDOndFMFYCdh0eshMCpe9Nruc4/+Nwm+x4bPWXq47Vjx
gyXDe7mOwIbwcbipxZbbcNLlmlhv0HPx6iYH3qzJ2HQ0PXdpTTJ9U0cc8W0eg+G6
8Wr8GPAMWdlycA==
-----END CERTIFICATE-----