Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
File:                     aomTYnatLRhxB9-3QAeTADrBSac.mft (raw, json)
Hash identifier:          SMkqJyWoy9whlM8sAeGdNvXEzL6x+U8D6+tPpDdtkEM=
Subject key identifier:   A8:08:53:D6:19:88:D5:39:64:56:E5:44:C5:74:8D:F5:67:7C:63:1E
Authority key identifier: 6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7
Certificate issuer:       /CN=6a89936276ad2d187107dfb7400793003ac149a7
Certificate serial:       019D37C0144A243E072BCBFE222ADBA8B22A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 04:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:28 +0000
Files and hashes:         1: aomTYnatLRhxB9-3QAeTADrBSac.crl (hash: O9EnZzi4XCAwszHErLIorsz9/nU3owRliaIrO/xpOPQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:14:4a:24:3e:07:2b:cb:fe:22:2a:db:a8:b2:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a89936276ad2d187107dfb7400793003ac149a7
        Validity
            Not Before: Mar 29 04:00:28 2026 GMT
            Not After : Mar 30 04:00:28 2026 GMT
        Subject: CN=a80853d61988d5396456e544c5748df5677c631e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8f:bb:c5:09:f8:b8:30:3b:48:76:99:cb:a0:
                    66:fb:b8:41:6a:8a:eb:2c:a8:da:b2:37:0f:a0:0f:
                    ed:d3:8f:ab:97:62:4e:1e:bf:ca:a1:ad:25:39:f2:
                    4c:fc:c5:fd:7e:d8:76:17:d8:6b:41:f2:92:e5:07:
                    17:92:3f:0d:4d:2f:f1:3d:a8:85:83:62:9f:aa:c4:
                    4f:ab:0f:11:1d:f4:72:87:99:57:48:03:45:c3:0b:
                    7d:ec:ee:a8:d9:f2:e2:87:f5:06:54:51:c6:24:f5:
                    4b:e6:44:43:d3:98:71:5e:ce:b2:86:0e:9c:70:b7:
                    7d:34:d4:f4:42:69:6a:1a:b4:b5:d2:de:01:66:62:
                    4e:1c:74:30:f1:16:cf:ed:df:0d:74:3e:0c:b8:4a:
                    98:0a:73:ae:07:3a:09:d3:9a:a0:1e:86:2e:16:83:
                    6e:b8:ce:00:d0:3e:24:e1:9b:46:9b:93:a9:be:3c:
                    e5:52:f2:5a:5d:7e:7d:63:dd:b2:f9:a8:3f:ad:c3:
                    6a:2c:18:0c:0c:d8:21:98:a5:11:13:5d:88:83:4a:
                    49:89:be:b4:ce:ea:4b:e2:78:6c:43:e7:66:98:59:
                    3a:63:31:26:b7:49:18:54:bc:bf:ee:cc:32:0c:0b:
                    63:93:99:f0:6f:ad:68:5b:32:a2:67:95:78:61:57:
                    e3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:08:53:D6:19:88:D5:39:64:56:E5:44:C5:74:8D:F5:67:7C:63:1E
            X509v3 Authority Key Identifier:
                keyid:6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:01:43:3b:3c:a2:d2:b6:2b:60:74:62:93:fb:e4:04:73:a0:
         82:85:d8:ad:2a:6b:97:76:ff:5e:aa:64:ed:27:b8:7a:bf:c7:
         7f:3d:c0:06:40:fa:92:ba:52:86:6c:16:5f:5f:78:d5:c2:97:
         b7:85:dc:fb:d0:31:8c:05:d2:7e:6a:db:67:04:45:49:af:29:
         6d:bd:6a:af:e3:0a:93:d5:fa:32:53:9a:1d:8c:21:81:2a:fe:
         6e:7c:2e:e9:3c:92:62:a8:28:12:84:99:c0:e4:a9:5a:34:26:
         87:9d:f3:6a:33:25:b8:09:6d:b6:4e:97:67:25:f9:e3:6c:ee:
         4c:30:77:61:1f:26:9f:fd:d2:53:aa:ac:34:8a:bb:60:a1:46:
         d5:2c:88:b2:c4:b5:e0:bd:b5:b6:5f:da:32:e7:ce:d7:57:33:
         e2:d9:77:b7:8b:df:a6:c3:c1:3c:f8:94:b5:33:08:ff:c3:25:
         93:32:1a:f2:57:82:38:5c:9f:2c:5c:90:d1:41:02:65:5b:bc:
         6a:7d:fe:4b:4b:64:76:30:9a:0d:1d:5a:67:f1:ac:39:38:3a:
         9a:02:45:34:45:81:93:bc:36:0c:4d:fe:45:3c:87:95:91:c2:
         a1:d4:c8:c4:e6:76:9a:fa:f0:f6:cb:a3:df:6d:7f:85:f2:4f:
         9c:cb:ce:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wBRKJD4HK8v+IirbqLIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhODk5MzYyNzZhZDJkMTg3MTA3ZGZiNzQwMDc5MzAwM2Fj
MTQ5YTcwHhcNMjYwMzI5MDQwMDI4WhcNMjYwMzMwMDQwMDI4WjAzMTEwLwYDVQQD
EyhhODA4NTNkNjE5ODhkNTM5NjQ1NmU1NDRjNTc0OGRmNTY3N2M2MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY+7xQn4uDA7SHaZy6Bm+7hBaorr
LKjasjcPoA/t04+rl2JOHr/Koa0lOfJM/MX9fth2F9hrQfKS5QcXkj8NTS/xPaiF
g2KfqsRPqw8RHfRyh5lXSANFwwt97O6o2fLih/UGVFHGJPVL5kRD05hxXs6yhg6c
cLd9NNT0QmlqGrS10t4BZmJOHHQw8RbP7d8NdD4MuEqYCnOuBzoJ05qgHoYuFoNu
uM4A0D4k4ZtGm5OpvjzlUvJaXX59Y92y+ag/rcNqLBgMDNghmKURE12Ig0pJib60
zupL4nhsQ+dmmFk6YzEmt0kYVLy/7swyDAtjk5nwb61oWzKiZ5V4YVfjpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgIU9YZiNU5ZFblRMV0jfVnfGMeMB8GA1UdIwQY
MBaAFGqJk2J2rS0YcQfft0AHkwA6wUmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEt
NzNhN2E0NzM2MDM4LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEtNzNhN2E0NzM2MDM4
LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjAFDOzyi
0rYrYHRik/vkBHOggoXYrSprl3b/Xqpk7Se4er/Hfz3ABkD6krpShmwWX1941cKX
t4Xc+9AxjAXSfmrbZwRFSa8pbb1qr+MKk9X6MlOaHYwhgSr+bnwu6TySYqgoEoSZ
wOSpWjQmh53zajMluAlttk6XZyX542zuTDB3YR8mn/3SU6qsNIq7YKFG1SyIssS1
4L21tl/aMufO11cz4tl3t4vfpsPBPPiUtTMI/8MlkzIa8leCOFyfLFyQ0UECZVu8
an3+S0tkdjCaDR1aZ/GsOTg6mgJFNEWBk7w2DE3+RTyHlZHCodTIxOZ2mvrw9suj
321/hfJPnMvOIg==
-----END CERTIFICATE-----