Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          UZgOHXn/j7WzCxnpzjF4LNL4Mx1Nxuv043i9AVXFyW8=
Subject key identifier:   1D:90:8E:E0:46:13:9A:67:33:7C:35:CC:F2:09:68:4F:5F:96:65:15
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       019D3909F5B981FF2F923A32D4E0649003DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          0938
Signing time:             Sun 29 Mar 2026 10:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:47 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: Lw/qCtvTuPugYdaUvG7E7TSSzssdyVoP0xhJ7HXOZNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:f5:b9:81:ff:2f:92:3a:32:d4:e0:64:90:03:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Mar 29 10:00:47 2026 GMT
            Not After : Mar 30 10:00:47 2026 GMT
        Subject: CN=1d908ee046139a67337c35ccf209684f5f966515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:54:43:6f:ce:71:65:3d:42:e7:3f:1a:b8:b2:
                    70:ec:45:33:b0:3a:c3:4f:2e:a1:c1:6e:8a:bb:9a:
                    39:71:e0:aa:bd:03:dd:b5:07:4e:f0:c7:d2:3f:1a:
                    63:b1:3e:3b:31:2e:35:f1:a0:0a:8c:03:5a:64:f4:
                    e8:3a:8e:e4:92:47:25:a5:b5:70:dc:45:38:0c:7b:
                    43:3e:71:e3:ee:12:21:0f:60:93:65:72:cc:f3:fe:
                    c9:0d:67:1d:40:83:77:cb:7d:26:da:f7:de:3b:0f:
                    8e:0c:25:9f:98:b0:6f:f6:be:ed:eb:8b:58:1c:81:
                    97:d9:5c:c7:9d:86:dc:5b:c6:af:60:fd:ec:29:bc:
                    17:10:84:e4:45:ef:63:87:0a:1b:2b:0e:00:2d:de:
                    97:76:d9:2b:27:78:da:08:72:e0:bf:d2:4b:2e:84:
                    67:51:57:99:1c:7c:3d:32:37:fd:af:57:10:36:1a:
                    be:fb:cb:24:d1:7d:eb:7c:a3:cb:c9:b3:95:6f:c4:
                    38:7d:04:2c:b5:05:e1:e5:37:d0:a0:89:4c:51:f5:
                    16:47:ee:b1:eb:7e:8d:7b:3e:71:72:8a:c9:76:ec:
                    bf:ca:7c:89:6f:51:1e:23:9d:c2:38:4f:d5:84:9d:
                    96:1a:e3:a5:65:7c:ef:f8:e1:33:42:19:a9:c7:3d:
                    13:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:90:8E:E0:46:13:9A:67:33:7C:35:CC:F2:09:68:4F:5F:96:65:15
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:25:5c:d7:98:5c:81:30:e7:9f:2a:35:a0:8d:4f:94:60:fb:
         00:44:0d:f8:9e:96:37:54:49:a0:b8:ab:e7:23:35:4f:56:12:
         a6:c7:34:d1:79:4b:e2:bd:ca:10:e2:64:64:f7:84:27:4f:27:
         85:31:59:96:01:1d:37:ec:b9:29:00:b9:3e:31:fb:50:68:62:
         cc:24:46:90:6c:b1:a4:d1:df:f9:45:eb:e5:f7:9a:78:9c:f8:
         4b:0a:57:c9:35:5d:ef:b9:ad:a8:9a:c4:59:18:79:cb:bb:c0:
         87:81:26:c4:0f:e2:fb:b7:97:26:0b:2d:52:36:74:ff:d8:c3:
         ad:21:82:96:9e:80:dc:95:bc:5f:f2:9d:b5:30:78:82:36:10:
         22:17:25:fc:c2:f6:47:75:90:ec:f4:7b:20:68:6e:49:df:02:
         41:8f:88:22:b8:aa:02:d2:4d:74:15:6b:0d:ef:91:81:e5:d9:
         fa:1e:fe:10:d1:9b:e7:3f:60:af:bf:7b:5b:63:44:fb:cd:ab:
         d9:e1:90:1a:4f:a9:c5:24:3e:1f:00:b7:db:94:12:0d:20:4f:
         b9:08:8a:1a:71:40:af:ba:dd:96:e8:bf:38:6d:3a:b1:c0:a8:
         52:4f:80:cd:b3:19:4b:2a:27:77:28:b2:b1:a8:b9:d0:2e:26:
         74:2e:e8:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CfW5gf8vkjoy1OBkkAPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjYwMzI5MTAwMDQ3WhcNMjYwMzMwMTAwMDQ3WjAzMTEwLwYDVQQD
EygxZDkwOGVlMDQ2MTM5YTY3MzM3YzM1Y2NmMjA5Njg0ZjVmOTY2NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVRDb85xZT1C5z8auLJw7EUzsDrD
Ty6hwW6Ku5o5ceCqvQPdtQdO8MfSPxpjsT47MS418aAKjANaZPToOo7kkkclpbVw
3EU4DHtDPnHj7hIhD2CTZXLM8/7JDWcdQIN3y30m2vfeOw+ODCWfmLBv9r7t64tY
HIGX2VzHnYbcW8avYP3sKbwXEITkRe9jhwobKw4ALd6XdtkrJ3jaCHLgv9JLLoRn
UVeZHHw9Mjf9r1cQNhq++8sk0X3rfKPLybOVb8Q4fQQstQXh5TfQoIlMUfUWR+6x
636Nez5xcorJduy/ynyJb1EeI53COE/VhJ2WGuOlZXzv+OEzQhmpxz0TWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2QjuBGE5pnM3w1zPIJaE9flmUVMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSVc15hc
gTDnnyo1oI1PlGD7AEQN+J6WN1RJoLir5yM1T1YSpsc00XlL4r3KEOJkZPeEJ08n
hTFZlgEdN+y5KQC5PjH7UGhizCRGkGyxpNHf+UXr5feaeJz4SwpXyTVd77mtqJrE
WRh5y7vAh4EmxA/i+7eXJgstUjZ0/9jDrSGClp6A3JW8X/KdtTB4gjYQIhcl/ML2
R3WQ7PR7IGhuSd8CQY+IIriqAtJNdBVrDe+RgeXZ+h7+ENGb5z9gr797W2NE+82r
2eGQGk+pxSQ+HwC325QSDSBPuQiKGnFAr7rdlui/OG06scCoUk+AzbMZSyondyiy
sai50C4mdC7oLg==
-----END CERTIFICATE-----