Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          ZZPniWeMmBtlBMJqUf9SDBQbCYcMK057T6bA7340yKk=
Subject key identifier:   FF:3E:72:A4:CC:4A:79:AA:AE:1C:6C:3F:20:AC:9A:E7:09:80:F9:DA
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       019DCE992CF19292E75140C0B9B0EE38F51E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          062A
Signing time:             Mon 27 Apr 2026 11:00:38 +0000
Manifest this update:     Mon 27 Apr 2026 11:00:38 +0000
Manifest next update:     Tue 28 Apr 2026 11:00:38 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: TgTGQ0+sWTzvwmgS952yf7aXboxPnsyl/Lhot+B0AqQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 11:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:ce:99:2c:f1:92:92:e7:51:40:c0:b9:b0:ee:38:f5:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: Apr 27 11:00:38 2026 GMT
            Not After : Apr 28 11:00:38 2026 GMT
        Subject: CN=ff3e72a4cc4a79aaae1c6c3f20ac9ae70980f9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:61:a8:df:5b:7a:01:03:10:d6:ef:c2:17:60:
                    bb:ba:cf:22:5d:8f:fe:ac:79:68:dd:e8:56:99:d3:
                    4e:82:e4:a6:81:e0:da:3d:74:eb:5b:19:d5:15:11:
                    f2:34:aa:b4:a9:ad:54:0b:bc:2c:60:46:62:7c:b6:
                    92:54:ae:b1:f0:53:03:4c:8e:81:97:c8:92:e1:b5:
                    85:9c:41:c6:73:77:26:a2:ca:fc:2b:df:76:76:94:
                    f4:9c:14:97:62:49:48:89:bc:c0:1a:71:68:d6:5d:
                    4b:0e:5c:91:4a:09:22:96:7d:9b:8f:04:fd:8d:f9:
                    b7:d3:87:71:77:66:e6:4e:cc:87:5b:fd:8d:bf:9e:
                    0c:19:8c:b8:a9:2e:bc:31:3f:c6:8a:98:45:39:6b:
                    6d:cb:e8:d5:5c:7d:95:e4:82:53:50:8f:67:ac:95:
                    89:a0:dc:4e:3a:fe:52:a1:d3:fb:10:06:c6:84:c6:
                    b0:b8:ce:80:33:9b:20:7e:62:a1:55:5a:06:6c:8d:
                    5c:51:db:5d:a0:61:41:6e:f7:d9:3a:cd:2b:a9:20:
                    85:a5:aa:61:4f:81:bb:e6:4d:ff:45:85:f9:51:d5:
                    ec:80:ea:51:42:d9:02:b7:cd:d5:29:85:d5:1a:c7:
                    0a:ad:cf:c4:8d:99:64:92:ae:87:c6:a6:ba:1c:70:
                    e2:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:3E:72:A4:CC:4A:79:AA:AE:1C:6C:3F:20:AC:9A:E7:09:80:F9:DA
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:e7:4a:df:9c:12:76:dd:15:14:24:fc:79:b8:86:a9:a0:b1:
         81:6b:68:9a:81:4b:7d:fe:61:71:ad:9f:fa:12:27:dd:e8:85:
         da:fd:30:b8:ec:34:1f:44:05:dc:02:28:d9:04:c7:9e:d0:d6:
         b7:d8:a9:b2:fc:d0:41:c0:0e:cb:55:14:cd:de:f6:88:b0:70:
         be:2f:08:77:24:11:24:68:fe:38:d1:78:fa:95:10:ec:f8:1d:
         6d:6f:86:9b:f8:fd:0c:df:4d:eb:e4:f8:fa:8d:5f:d5:18:b2:
         5f:5e:a6:38:76:62:bc:a1:78:df:35:67:46:3e:2f:33:1d:8e:
         de:23:bb:76:0a:25:37:3b:d7:b8:0b:3d:1b:49:73:da:db:5e:
         ed:11:17:ce:36:41:df:b6:75:0d:66:af:04:74:fc:bb:df:d3:
         c5:be:36:8c:08:0f:12:b4:7d:ce:bc:53:f3:2e:ac:30:c5:70:
         96:e4:9a:30:e0:2d:d8:12:e9:c4:c3:e6:43:05:e4:1e:2d:22:
         5b:81:c8:9c:29:b3:cc:25:2a:4f:29:af:ed:31:7b:2d:fc:e2:
         79:c0:30:0f:1a:b3:85:29:09:d8:ab:cb:84:28:ae:c6:04:d8:
         39:76:81:39:47:d5:9e:41:78:b0:6d:86:b4:b1:8c:38:13:85:
         c2:e0:d5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OmSzxkpLnUUDAubDuOPUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjYwNDI3MTEwMDM4WhcNMjYwNDI4MTEwMDM4WjAzMTEwLwYDVQQD
EyhmZjNlNzJhNGNjNGE3OWFhYWUxYzZjM2YyMGFjOWFlNzA5ODBmOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGGo31t6AQMQ1u/CF2C7us8iXY/+
rHlo3ehWmdNOguSmgeDaPXTrWxnVFRHyNKq0qa1UC7wsYEZifLaSVK6x8FMDTI6B
l8iS4bWFnEHGc3cmosr8K992dpT0nBSXYklIibzAGnFo1l1LDlyRSgkiln2bjwT9
jfm304dxd2bmTsyHW/2Nv54MGYy4qS68MT/GiphFOWtty+jVXH2V5IJTUI9nrJWJ
oNxOOv5SodP7EAbGhMawuM6AM5sgfmKhVVoGbI1cUdtdoGFBbvfZOs0rqSCFpaph
T4G75k3/RYX5UdXsgOpRQtkCt83VKYXVGscKrc/EjZlkkq6Hxqa6HHDicwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8+cqTMSnmqrhxsPyCsmucJgPnaMB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPudK35wS
dt0VFCT8ebiGqaCxgWtomoFLff5hca2f+hIn3eiF2v0wuOw0H0QF3AIo2QTHntDW
t9ipsvzQQcAOy1UUzd72iLBwvi8IdyQRJGj+ONF4+pUQ7PgdbW+Gm/j9DN9N6+T4
+o1f1RiyX16mOHZivKF43zVnRj4vMx2O3iO7dgolNzvXuAs9G0lz2tte7REXzjZB
37Z1DWavBHT8u9/Txb42jAgPErR9zrxT8y6sMMVwluSaMOAt2BLpxMPmQwXkHi0i
W4HInCmzzCUqTymv7TF7LfziecAwDxqzhSkJ2KvLhCiuxgTYOXaBOUfVnkF4sG2G
tLGMOBOFwuDVhg==
-----END CERTIFICATE-----