Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          hhoWCUakQ0Bj2DIAbSC1yfCY4xqpHpRCjgmgxnzqGPo=
Subject key identifier:   13:22:82:8A:92:F6:DB:51:5F:4E:95:9C:0B:4C:7C:8D:51:74:BB:91
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       019D39AF033923D5823DAC2BFDD40B7F81DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0E1A
Signing time:             Sun 29 Mar 2026 13:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:03 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: HhTWO15w3tBj70hYUpxcnjSa2ahsbwUj3eQx6VeazVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:03:39:23:d5:82:3d:ac:2b:fd:d4:0b:7f:81:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Mar 29 13:01:03 2026 GMT
            Not After : Mar 30 13:01:03 2026 GMT
        Subject: CN=1322828a92f6db515f4e959c0b4c7c8d5174bb91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:be:73:d5:9e:34:6f:bf:52:e3:69:34:e3:db:
                    a6:26:ce:25:59:60:91:c6:b0:42:31:54:ac:c4:73:
                    0e:4c:d6:0d:19:62:8d:97:ae:cd:b6:fd:1b:5f:5d:
                    a0:68:fc:5c:35:26:93:f9:77:af:86:03:a3:fb:1a:
                    a5:74:dd:57:cd:3d:ce:6b:5e:6e:b2:56:a3:e9:cb:
                    e6:16:f7:b7:4e:3c:ad:2e:1c:7e:bc:2f:74:de:10:
                    54:6f:3a:5a:62:79:70:e5:c5:dd:99:a4:d8:46:38:
                    f7:e5:29:ae:72:b0:26:4d:91:46:34:4d:f7:c0:99:
                    91:b0:21:85:4f:a9:28:5c:bf:58:9d:a9:38:0f:b3:
                    2f:eb:d7:f8:bd:ac:69:91:bd:04:48:8c:95:06:b4:
                    d3:ce:26:3b:a7:1d:ac:b3:91:cb:e9:92:c2:fc:12:
                    2f:88:a3:1e:d8:9d:cb:42:52:2d:d1:1c:be:0a:7d:
                    eb:74:0b:e0:3a:f5:79:e5:73:ed:45:66:bd:1e:9a:
                    f6:6d:18:b4:7f:e1:8c:55:40:fc:93:4d:97:80:f7:
                    91:f1:e7:49:9b:92:d0:d6:32:72:89:0c:9d:8e:0b:
                    ee:c7:95:ba:90:46:e4:5b:fa:14:d6:48:bc:2a:6c:
                    4a:ff:a3:a7:7a:a7:c6:1b:2d:80:eb:26:38:c5:6d:
                    34:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:22:82:8A:92:F6:DB:51:5F:4E:95:9C:0B:4C:7C:8D:51:74:BB:91
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:c1:4f:85:f2:1a:e8:5c:68:a9:ab:b0:bc:5a:cb:ab:13:b5:
         47:15:62:13:0c:94:ff:ab:b6:9a:b4:ce:0f:30:62:10:e8:44:
         f8:87:4f:dc:90:27:4d:ac:76:39:aa:56:18:51:35:08:bb:ee:
         39:3b:44:b3:ca:d2:16:99:f8:d1:66:b5:8b:d1:bb:56:3e:f9:
         04:6b:a2:d0:90:1f:a6:65:9d:12:90:60:38:59:f0:fb:42:a8:
         50:10:7e:43:c4:a6:b3:ce:0e:88:26:5e:ab:1d:e0:a6:a9:38:
         e5:d4:7d:af:d6:57:63:41:c5:cb:85:29:a1:c7:f3:c1:e6:84:
         ce:9b:0e:d6:1d:bf:c5:df:92:9f:f6:9b:44:19:60:a6:7a:ff:
         38:7e:8a:6a:b2:56:72:e3:7f:89:74:b6:92:72:05:a8:a0:97:
         71:d6:95:a0:f3:67:01:5b:6e:48:be:5d:57:2c:78:8d:c9:3a:
         44:b8:21:a7:8b:c8:84:e7:57:86:0d:ae:a5:49:83:d8:66:17:
         a8:15:fc:1d:2c:55:cd:41:8a:a9:3c:6c:d4:0d:89:35:69:87:
         16:69:d8:1b:39:15:3b:be:4f:a4:91:55:af:52:29:ee:3f:09:
         57:54:e6:3d:7d:9b:2e:9a:17:f4:63:6e:c3:2c:c5:52:91:db:
         db:16:60:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rwM5I9WCPawr/dQLf4HdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjYwMzI5MTMwMTAzWhcNMjYwMzMwMTMwMTAzWjAzMTEwLwYDVQQD
EygxMzIyODI4YTkyZjZkYjUxNWY0ZTk1OWMwYjRjN2M4ZDUxNzRiYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6r5z1Z40b79S42k049umJs4lWWCR
xrBCMVSsxHMOTNYNGWKNl67Ntv0bX12gaPxcNSaT+XevhgOj+xqldN1XzT3Oa15u
slaj6cvmFve3TjytLhx+vC903hBUbzpaYnlw5cXdmaTYRjj35SmucrAmTZFGNE33
wJmRsCGFT6koXL9Ynak4D7Mv69f4vaxpkb0ESIyVBrTTziY7px2ss5HL6ZLC/BIv
iKMe2J3LQlIt0Ry+Cn3rdAvgOvV55XPtRWa9Hpr2bRi0f+GMVUD8k02XgPeR8edJ
m5LQ1jJyiQydjgvux5W6kEbkW/oU1ki8KmxK/6OneqfGGy2A6yY4xW004QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMigoqS9ttRX06VnAtMfI1RdLuRMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMFPhfIa
6FxoqauwvFrLqxO1RxViEwyU/6u2mrTODzBiEOhE+IdP3JAnTax2OapWGFE1CLvu
OTtEs8rSFpn40Wa1i9G7Vj75BGui0JAfpmWdEpBgOFnw+0KoUBB+Q8Sms84OiCZe
qx3gpqk45dR9r9ZXY0HFy4UpocfzweaEzpsO1h2/xd+Sn/abRBlgpnr/OH6KarJW
cuN/iXS2knIFqKCXcdaVoPNnAVtuSL5dVyx4jck6RLghp4vIhOdXhg2upUmD2GYX
qBX8HSxVzUGKqTxs1A2JNWmHFmnYGzkVO75PpJFVr1Ip7j8JV1TmPX2bLpoX9GNu
wyzFUpHb2xZgEw==
-----END CERTIFICATE-----