Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
File:                     aDjl4BZgX27c1MlhwZys9YFMeKM.mft (raw, json)
Hash identifier:          daKPUmz8nT+CnoB5lXd+JZSN4onzj/81A5puTvaHemg=
Subject key identifier:   12:29:54:DA:3A:5C:06:C4:4B:99:8F:71:CF:BB:B6:8E:A3:E5:56:30
Authority key identifier: 68:38:E5:E0:16:60:5F:6E:DC:D4:C9:61:C1:9C:AC:F5:81:4C:78:A3
Certificate issuer:       /CN=6838e5e016605f6edcd4c961c19cacf5814c78a3
Certificate serial:       019D390A272EAF069D1AEAA2049C5D004139
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
Manifest number:          12CB
Signing time:             Sun 29 Mar 2026 10:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:59 +0000
Files and hashes:         1: aDjl4BZgX27c1MlhwZys9YFMeKM.crl (hash: aqV+h2Xu7acf4cW+fYRMkmWbpeECU+9heYQDR8o8C9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:27:2e:af:06:9d:1a:ea:a2:04:9c:5d:00:41:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6838e5e016605f6edcd4c961c19cacf5814c78a3
        Validity
            Not Before: Mar 29 10:00:59 2026 GMT
            Not After : Mar 30 10:00:59 2026 GMT
        Subject: CN=122954da3a5c06c44b998f71cfbbb68ea3e55630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0d:ca:48:a4:ff:31:ec:cd:6b:b4:fd:b0:f7:
                    e1:15:af:21:f5:f4:1b:1b:1e:de:ef:97:ee:7a:80:
                    b1:36:4f:cd:a6:28:dc:19:4a:f2:d4:44:36:7f:15:
                    a5:4c:5c:c5:83:ff:19:58:6f:e3:90:7b:63:8f:20:
                    45:66:58:56:b8:7e:9c:c3:a1:c9:1e:21:57:33:97:
                    10:f2:c3:9c:b7:eb:7f:2b:0e:5d:a3:e4:c1:cc:c7:
                    f9:7b:1d:a5:a1:e0:57:75:ce:53:22:7f:6b:29:a5:
                    88:31:ac:8c:66:54:48:66:31:be:8c:c2:a7:c2:c5:
                    fc:9d:c5:99:2d:e3:81:75:c6:d1:05:b8:05:24:da:
                    a0:ad:dd:55:58:39:e9:75:71:19:a6:a3:ad:69:6f:
                    6d:6a:af:f0:61:bf:7f:75:3b:9f:da:bd:c4:fb:0c:
                    3d:59:a0:40:3e:6c:c8:4c:4e:43:9c:ae:53:65:c0:
                    5d:a7:35:6e:d5:eb:31:50:41:92:48:fe:2d:a4:ca:
                    91:91:e8:74:7d:fe:c2:0d:a9:78:01:81:50:28:03:
                    78:55:f4:5d:d5:98:1e:91:29:9f:20:41:3c:72:19:
                    a3:67:a1:1c:37:24:1c:c6:57:21:5d:fe:88:a5:b1:
                    bc:8c:d5:d6:76:46:70:26:f8:c5:69:1f:2b:9d:82:
                    35:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:29:54:DA:3A:5C:06:C4:4B:99:8F:71:CF:BB:B6:8E:A3:E5:56:30
            X509v3 Authority Key Identifier:
                keyid:68:38:E5:E0:16:60:5F:6E:DC:D4:C9:61:C1:9C:AC:F5:81:4C:78:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:83:ac:c7:c3:8d:2d:b7:28:63:25:36:c5:8b:a3:3d:c2:c1:
         5d:f5:8b:13:cb:ad:07:f9:e7:48:f0:0d:fa:ad:a5:75:a3:cd:
         b2:b8:38:78:c7:64:3b:42:7c:c6:37:ad:77:ac:0b:5d:74:cc:
         49:e4:e3:98:cb:91:82:ad:70:00:46:6d:42:82:f2:ed:70:1d:
         d9:f5:22:48:1b:83:21:c9:41:2f:05:d8:de:8d:df:89:2d:c9:
         83:96:2c:fd:df:44:eb:5c:98:35:96:51:07:39:b0:f1:17:7c:
         5b:bb:37:ad:4a:0f:e2:dc:e5:e8:45:67:41:9e:79:91:69:90:
         65:67:c4:c8:44:cb:04:1d:59:f4:f2:ff:78:b1:e0:d1:2a:01:
         10:46:73:ec:32:c3:e0:e0:d2:84:dd:a0:02:87:bc:04:67:5c:
         97:8d:ff:d0:22:87:83:de:9e:c1:c9:6e:00:85:59:ba:dc:f4:
         7d:5e:c5:51:65:57:b8:84:bd:a6:02:7b:0c:9c:07:f6:27:64:
         e2:e3:0e:63:b9:bb:a1:99:29:f5:71:67:00:f4:03:17:69:74:
         a3:c6:3c:8f:08:c3:dd:5b:7d:d2:32:c3:32:ca:6e:7c:bd:41:
         40:ff:4a:7f:1c:65:1c:cd:1e:95:ad:25:0f:fb:06:8f:60:c6:
         75:7b:6c:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CicurwadGuqiBJxdAEE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzhlNWUwMTY2MDVmNmVkY2Q0Yzk2MWMxOWNhY2Y1ODE0
Yzc4YTMwHhcNMjYwMzI5MTAwMDU5WhcNMjYwMzMwMTAwMDU5WjAzMTEwLwYDVQQD
EygxMjI5NTRkYTNhNWMwNmM0NGI5OThmNzFjZmJiYjY4ZWEzZTU1NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA3KSKT/MezNa7T9sPfhFa8h9fQb
Gx7e75fueoCxNk/NpijcGUry1EQ2fxWlTFzFg/8ZWG/jkHtjjyBFZlhWuH6cw6HJ
HiFXM5cQ8sOct+t/Kw5do+TBzMf5ex2loeBXdc5TIn9rKaWIMayMZlRIZjG+jMKn
wsX8ncWZLeOBdcbRBbgFJNqgrd1VWDnpdXEZpqOtaW9taq/wYb9/dTuf2r3E+ww9
WaBAPmzITE5DnK5TZcBdpzVu1esxUEGSSP4tpMqRkeh0ff7CDal4AYFQKAN4VfRd
1ZgekSmfIEE8chmjZ6EcNyQcxlchXf6IpbG8jNXWdkZwJvjFaR8rnYI1ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIpVNo6XAbES5mPcc+7to6j5VYwMB8GA1UdIwQY
MBaAFGg45eAWYF9u3NTJYcGcrPWBTHijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83N2YxOTQtZmY1Zi00YTIzLWI4ODIt
ZjRjYzI1YTU0NTNmLzEvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83N2YxOTQtZmY1Zi00YTIzLWI4ODItZjRjYzI1YTU0NTNm
LzEvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANoOsx8ON
LbcoYyU2xYujPcLBXfWLE8utB/nnSPAN+q2ldaPNsrg4eMdkO0J8xjetd6wLXXTM
SeTjmMuRgq1wAEZtQoLy7XAd2fUiSBuDIclBLwXY3o3fiS3Jg5Ys/d9E61yYNZZR
Bzmw8Rd8W7s3rUoP4tzl6EVnQZ55kWmQZWfEyETLBB1Z9PL/eLHg0SoBEEZz7DLD
4ODShN2gAoe8BGdcl43/0CKHg96ewcluAIVZutz0fV7FUWVXuIS9pgJ7DJwH9idk
4uMOY7m7oZkp9XFnAPQDF2l0o8Y8jwjD3Vt90jLDMspufL1BQP9KfxxlHM0ela0l
D/sGj2DGdXtsMA==
-----END CERTIFICATE-----