Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          p7NKZZnq65zXt2Xsa5cEcmRDT/72WLn8smZCXM51Rvs=
Subject key identifier:   AB:60:AA:13:6F:A9:4C:BB:35:E1:3D:E5:03:31:9C:F8:E9:4A:44:86
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019D390A0E50F4E90CFC07D34FB4EC688BBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          07EE
Signing time:             Sun 29 Mar 2026 10:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:53 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: +LpiIMZUAlpOZUcUckK5SBs+X5cDQd8bi6YxXDdnTwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:0e:50:f4:e9:0c:fc:07:d3:4f:b4:ec:68:8b:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Mar 29 10:00:53 2026 GMT
            Not After : Mar 30 10:00:53 2026 GMT
        Subject: CN=ab60aa136fa94cbb35e13de503319cf8e94a4486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:17:3a:b4:e7:bc:a6:95:42:fd:91:84:a8:7e:
                    02:f9:a8:c1:f6:59:81:f4:01:a5:c9:b9:51:ec:5e:
                    45:2f:2a:27:c9:8b:6a:91:f4:ad:ea:21:d1:0f:d8:
                    3d:7c:3b:92:09:5f:f7:5f:db:6d:51:c3:a8:e6:62:
                    1b:ec:05:f4:76:3e:e0:dd:59:a1:5d:3e:c1:ea:a0:
                    f8:d9:aa:3a:12:01:e9:c0:6c:6a:be:36:d2:cb:61:
                    8d:24:62:29:f8:fd:ef:79:ce:75:8f:74:63:4b:28:
                    6c:0b:c4:bc:ca:79:5a:5d:a9:aa:8b:91:63:5c:67:
                    fe:fc:11:a0:4b:31:49:01:3e:9b:dc:8d:38:e7:3b:
                    a5:52:54:95:0d:21:b1:e1:96:94:97:42:a0:43:86:
                    3b:d3:a8:ff:f6:66:df:24:2c:e2:4b:2e:02:30:98:
                    dc:9a:0b:35:a0:72:dc:ce:06:18:b0:9e:c2:3b:2e:
                    54:40:83:85:85:bf:e1:b0:59:29:34:08:bc:68:a7:
                    b5:e5:1e:92:34:cf:8f:26:2c:f1:e1:4c:5a:e4:bc:
                    3f:1e:1d:2e:bc:de:0f:35:10:ec:c3:e0:8f:30:58:
                    10:76:e8:e6:7d:e9:cf:a0:09:75:b8:69:b3:02:81:
                    c4:4d:5f:ec:b2:75:92:5f:f8:59:01:82:f3:66:6f:
                    7e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:60:AA:13:6F:A9:4C:BB:35:E1:3D:E5:03:31:9C:F8:E9:4A:44:86
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:14:3c:33:d7:b2:cc:64:d3:1a:69:be:b1:dd:9f:11:7e:5c:
         d5:4f:0a:80:09:fc:12:31:62:da:92:ef:f3:26:4d:23:0f:a9:
         d6:9f:1c:8a:97:29:e1:bf:be:e9:ab:5c:6a:7f:f3:f3:b4:6b:
         79:f2:40:14:1d:d9:93:36:10:df:ff:9d:78:d2:91:c6:ae:a8:
         2d:e8:25:a4:a4:0e:21:97:75:c8:0d:e1:f4:83:7a:1b:7a:8c:
         c3:52:07:d6:d8:73:97:e7:60:d7:d4:08:e7:52:73:6b:88:ff:
         6e:db:76:7a:2b:ec:c1:db:1d:11:91:00:cb:91:c0:a1:f2:3c:
         48:fc:13:eb:93:c9:74:ed:08:46:39:f3:e2:5a:c4:09:73:1f:
         25:28:31:01:c1:cc:e8:97:ce:d4:10:a0:30:9f:be:00:21:a2:
         52:ac:3b:67:96:1a:5b:ea:95:56:3c:67:97:b8:bf:16:e7:e7:
         4a:d7:1c:ea:b4:ef:1c:dc:91:91:79:16:4a:e9:3d:ba:75:72:
         59:d3:53:92:d6:b7:9c:eb:48:cd:9d:a6:ce:44:86:75:5c:96:
         af:6f:fd:19:1a:09:07:1d:52:15:c4:6b:2c:3e:e1:82:68:55:
         b8:63:c3:a0:ed:88:b9:28:2a:ad:b1:9d:35:c4:5d:8e:04:01:
         63:82:14:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cg5Q9OkM/AfTT7TsaIu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
EyhhYjYwYWExMzZmYTk0Y2JiMzVlMTNkZTUwMzMxOWNmOGU5NGE0NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxc6tOe8ppVC/ZGEqH4C+ajB9lmB
9AGlyblR7F5FLyonyYtqkfSt6iHRD9g9fDuSCV/3X9ttUcOo5mIb7AX0dj7g3Vmh
XT7B6qD42ao6EgHpwGxqvjbSy2GNJGIp+P3vec51j3RjSyhsC8S8ynlaXamqi5Fj
XGf+/BGgSzFJAT6b3I045zulUlSVDSGx4ZaUl0KgQ4Y706j/9mbfJCziSy4CMJjc
mgs1oHLczgYYsJ7COy5UQIOFhb/hsFkpNAi8aKe15R6SNM+PJizx4Uxa5Lw/Hh0u
vN4PNRDsw+CPMFgQdujmfenPoAl1uGmzAoHETV/ssnWSX/hZAYLzZm9+pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtgqhNvqUy7NeE95QMxnPjpSkSGMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBQ8M9ey
zGTTGmm+sd2fEX5c1U8KgAn8EjFi2pLv8yZNIw+p1p8cipcp4b++6atcan/z87Rr
efJAFB3ZkzYQ3/+deNKRxq6oLeglpKQOIZd1yA3h9IN6G3qMw1IH1thzl+dg19QI
51Jza4j/btt2eivswdsdEZEAy5HAofI8SPwT65PJdO0IRjnz4lrECXMfJSgxAcHM
6JfO1BCgMJ++ACGiUqw7Z5YaW+qVVjxnl7i/FufnStcc6rTvHNyRkXkWSuk9unVy
WdNTkta3nOtIzZ2mzkSGdVyWr2/9GRoJBx1SFcRrLD7hgmhVuGPDoO2IuSgqrbGd
NcRdjgQBY4IUNw==
-----END CERTIFICATE-----