Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          hwSc8gOKuNAs6mv944XER1wKPpLr6udbO7LIVpCRFNk=
Subject key identifier:   26:E1:F5:88:67:62:25:EB:5B:B9:70:86:43:27:34:6C:4C:AD:FD:6D
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       019D37C0263217A3BF9896FD2429CAF69D53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          1452
Signing time:             Sun 29 Mar 2026 04:00:32 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:32 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:32 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: gme8bVhPR/cznDjkwDQjeneWf2h1XqR7f6fvRYCIG0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:26:32:17:a3:bf:98:96:fd:24:29:ca:f6:9d:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Mar 29 04:00:32 2026 GMT
            Not After : Mar 30 04:00:32 2026 GMT
        Subject: CN=26e1f588676225eb5bb970864327346c4cadfd6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:1c:fc:c7:29:94:5f:95:9b:b2:09:b2:61:8e:
                    ba:8f:de:01:5d:66:8e:ca:e2:6d:84:dc:2d:86:a4:
                    d1:1d:fa:40:3e:3b:6f:be:d9:87:a7:1e:93:d4:e6:
                    75:89:c2:24:96:79:1b:66:00:3f:50:54:61:b5:43:
                    99:cb:3b:75:17:f0:a0:31:47:7d:ce:ef:cd:c4:4c:
                    29:4e:5f:81:60:3e:c2:4b:20:8d:6f:22:8d:97:31:
                    1e:72:3d:3c:00:80:30:65:7f:54:98:4d:0e:01:a0:
                    d9:df:66:4d:84:9c:48:53:70:b3:47:1d:9d:39:16:
                    ed:09:17:c8:58:7c:41:a1:0e:f9:91:12:0b:7d:1f:
                    1a:55:16:2d:80:21:ab:80:10:45:95:2b:42:d7:1f:
                    be:24:71:c8:d4:34:cc:d8:ba:f6:fc:21:d7:ce:73:
                    18:bf:fe:37:d5:4e:ed:91:80:a3:2a:9c:c9:6e:85:
                    35:2f:33:b4:b4:b4:dd:63:4e:33:bf:71:8b:3c:72:
                    bc:73:a9:cf:fe:50:fb:46:38:f8:da:3d:68:c1:d2:
                    c3:af:40:fe:85:7a:78:b7:4a:47:6f:87:72:fd:e9:
                    de:b3:1b:05:77:6e:a3:e0:ed:59:77:73:a8:67:c1:
                    81:38:74:64:15:32:32:44:94:1f:65:a2:13:d3:eb:
                    1b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:E1:F5:88:67:62:25:EB:5B:B9:70:86:43:27:34:6C:4C:AD:FD:6D
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ea:72:28:0a:e2:ba:51:a4:52:f5:c0:9e:6d:db:fd:07:96:
         e7:31:90:0d:8a:18:97:55:b9:fa:90:9d:01:58:67:91:88:20:
         3c:c1:b2:04:10:b4:40:dc:29:e2:f8:38:7e:0c:ac:78:2f:f2:
         0b:3d:71:93:6c:63:bf:b2:3c:0f:d0:e6:3b:0e:e7:00:a7:bb:
         52:84:3d:27:68:c7:aa:19:e5:7e:ea:f9:39:6c:01:ba:15:4b:
         f5:4e:25:42:1a:e6:1c:2f:79:60:05:b6:e4:a4:87:03:61:6c:
         21:85:33:42:41:b6:70:80:65:da:62:7b:a8:c4:7b:5d:c8:53:
         2e:a3:67:c4:16:bc:ef:73:45:27:e1:4c:7c:13:7a:bf:33:c4:
         74:4b:2a:68:0d:6d:33:fd:4b:73:21:19:f6:ac:70:4a:c2:71:
         4f:fe:93:27:30:68:f8:bb:09:7d:92:97:53:d1:63:d8:7d:2d:
         cb:a9:76:5b:e4:56:a9:39:a9:11:97:77:16:df:75:41:f0:83:
         e2:42:76:e8:ba:48:6b:e6:f3:75:27:52:aa:9e:80:c9:5a:53:
         48:37:00:d5:1b:b0:71:51:37:3e:01:13:82:56:c4:ec:38:24:
         c8:c1:e2:7c:a0:d5:21:7f:55:57:6f:ec:0d:0b:89:d9:5f:88:
         8b:a1:78:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wCYyF6O/mJb9JCnK9p1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjYwMzI5MDQwMDMyWhcNMjYwMzMwMDQwMDMyWjAzMTEwLwYDVQQD
EygyNmUxZjU4ODY3NjIyNWViNWJiOTcwODY0MzI3MzQ2YzRjYWRmZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Rz8xymUX5WbsgmyYY66j94BXWaO
yuJthNwthqTRHfpAPjtvvtmHpx6T1OZ1icIklnkbZgA/UFRhtUOZyzt1F/CgMUd9
zu/NxEwpTl+BYD7CSyCNbyKNlzEecj08AIAwZX9UmE0OAaDZ32ZNhJxIU3CzRx2d
ORbtCRfIWHxBoQ75kRILfR8aVRYtgCGrgBBFlStC1x++JHHI1DTM2Lr2/CHXznMY
v/431U7tkYCjKpzJboU1LzO0tLTdY04zv3GLPHK8c6nP/lD7Rjj42j1owdLDr0D+
hXp4t0pHb4dy/enesxsFd26j4O1Zd3OoZ8GBOHRkFTIyRJQfZaIT0+sblwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbh9YhnYiXrW7lwhkMnNGxMrf1tMB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+pyKAri
ulGkUvXAnm3b/QeW5zGQDYoYl1W5+pCdAVhnkYggPMGyBBC0QNwp4vg4fgyseC/y
Cz1xk2xjv7I8D9DmOw7nAKe7UoQ9J2jHqhnlfur5OWwBuhVL9U4lQhrmHC95YAW2
5KSHA2FsIYUzQkG2cIBl2mJ7qMR7XchTLqNnxBa873NFJ+FMfBN6vzPEdEsqaA1t
M/1LcyEZ9qxwSsJxT/6TJzBo+LsJfZKXU9Fj2H0ty6l2W+RWqTmpEZd3Ft91QfCD
4kJ26LpIa+bzdSdSqp6AyVpTSDcA1RuwcVE3PgETglbE7DgkyMHifKDVIX9VV2/s
DQuJ2V+Ii6F4hg==
-----END CERTIFICATE-----