Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          zwR7twNnMS85XOrdyYSwPSwegHhmraqP7+e+PfsCcSc=
Subject key identifier:   96:92:44:D1:4F:9B:C7:54:11:9E:BB:B1:9B:A4:82:58:22:A0:E6:9C
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       019D3A5479E7CD99D239E00A9808B7971382
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          103B
Signing time:             Sun 29 Mar 2026 16:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:47 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: wvCBGAMwbzODkCw40ZKt1J4rr6cEercAejOzjocbyKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:79:e7:cd:99:d2:39:e0:0a:98:08:b7:97:13:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Mar 29 16:01:47 2026 GMT
            Not After : Mar 30 16:01:47 2026 GMT
        Subject: CN=969244d14f9bc754119ebbb19ba4825822a0e69c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d0:86:d5:1d:7f:d8:f7:af:b5:86:be:e4:37:
                    90:80:3c:91:ef:28:e4:50:97:87:f9:9c:9f:20:7f:
                    77:13:27:6d:87:58:2e:e0:f6:d2:80:6c:7a:4f:a5:
                    03:83:d9:dc:46:4b:4a:4b:d2:ef:63:76:a3:3b:9b:
                    fe:cb:cf:d3:c0:0f:72:4c:75:d6:d6:29:d8:b6:a2:
                    f7:4c:46:4d:d7:9b:04:9c:14:be:a7:06:3c:80:a9:
                    cd:90:37:2c:66:55:8f:48:dd:07:ff:9f:d8:52:89:
                    77:df:c0:fe:2e:f0:e7:82:be:d7:5f:e5:51:d6:17:
                    54:47:6d:f2:63:00:1c:b4:5c:29:b5:55:5b:9f:42:
                    73:b3:c5:56:70:12:eb:01:df:b5:60:a1:87:f5:d3:
                    c4:35:93:f7:ff:a1:8d:a1:f8:b7:c1:ea:40:3d:2a:
                    4a:fe:fe:72:a5:0f:a2:c9:3c:b2:f7:79:d3:03:19:
                    8f:4a:0d:73:bc:2f:67:70:b7:6d:8d:18:ec:2b:be:
                    ff:87:ba:85:c3:5b:68:51:61:3c:00:2b:ed:73:cd:
                    25:7e:17:4a:4e:85:d9:2c:7c:d5:03:8b:84:7b:75:
                    f3:b8:2d:d0:19:59:32:ee:8b:ed:0f:fd:68:c9:e9:
                    fa:6d:86:7f:ad:67:92:ed:fd:6f:61:19:82:5b:8c:
                    ee:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:92:44:D1:4F:9B:C7:54:11:9E:BB:B1:9B:A4:82:58:22:A0:E6:9C
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:7b:75:4c:a5:57:a8:92:65:9a:50:99:d7:42:3b:28:99:87:
         52:91:39:f0:a2:d2:9c:38:8c:d2:4a:b1:5c:33:ff:6e:0a:ec:
         db:a1:08:44:7a:28:7d:be:9b:0c:55:1a:6f:7a:db:85:94:13:
         28:85:06:8b:65:72:f6:70:d1:bb:dc:2c:3a:d9:e8:9b:b2:67:
         46:c5:68:54:9d:b0:09:83:67:d0:86:48:a1:03:63:bc:90:9b:
         90:e4:e2:48:4d:56:44:35:6b:ca:83:35:52:63:53:14:1f:f4:
         d5:21:09:f1:ed:7f:a5:58:25:69:ab:28:a3:aa:30:3b:6b:70:
         a8:cf:f3:ce:90:29:01:cf:9e:fc:6d:42:15:38:88:3c:63:74:
         76:ac:c3:1f:d4:0d:21:05:60:b8:b0:6f:6e:97:77:b5:f2:e8:
         c1:30:d5:95:f1:52:76:24:1f:18:47:9d:9c:dd:64:71:5f:82:
         00:25:2e:75:af:52:95:e8:92:32:4c:d3:53:98:59:0c:24:f0:
         e9:32:43:87:59:80:17:39:be:35:2e:69:00:80:41:1d:33:26:
         2e:29:c7:75:b7:e0:c3:ac:59:10:a1:fc:ff:08:8e:ae:de:0b:
         69:9e:56:b2:5c:2c:18:0b:e2:0e:41:57:fe:4d:ac:33:90:e1:
         56:91:a7:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VHnnzZnSOeAKmAi3lxOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjYwMzI5MTYwMTQ3WhcNMjYwMzMwMTYwMTQ3WjAzMTEwLwYDVQQD
Eyg5NjkyNDRkMTRmOWJjNzU0MTE5ZWJiYjE5YmE0ODI1ODIyYTBlNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dCG1R1/2PevtYa+5DeQgDyR7yjk
UJeH+ZyfIH93Eydth1gu4PbSgGx6T6UDg9ncRktKS9LvY3ajO5v+y8/TwA9yTHXW
1inYtqL3TEZN15sEnBS+pwY8gKnNkDcsZlWPSN0H/5/YUol338D+LvDngr7XX+VR
1hdUR23yYwActFwptVVbn0Jzs8VWcBLrAd+1YKGH9dPENZP3/6GNofi3wepAPSpK
/v5ypQ+iyTyy93nTAxmPSg1zvC9ncLdtjRjsK77/h7qFw1toUWE8ACvtc80lfhdK
ToXZLHzVA4uEe3XzuC3QGVky7ovtD/1oyen6bYZ/rWeS7f1vYRmCW4zuWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaSRNFPm8dUEZ67sZukglgioOacMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXt1TKVX
qJJlmlCZ10I7KJmHUpE58KLSnDiM0kqxXDP/bgrs26EIRHoofb6bDFUab3rbhZQT
KIUGi2Vy9nDRu9wsOtnom7JnRsVoVJ2wCYNn0IZIoQNjvJCbkOTiSE1WRDVryoM1
UmNTFB/01SEJ8e1/pVglaasoo6owO2twqM/zzpApAc+e/G1CFTiIPGN0dqzDH9QN
IQVguLBvbpd3tfLowTDVlfFSdiQfGEednN1kcV+CACUuda9SleiSMkzTU5hZDCTw
6TJDh1mAFzm+NS5pAIBBHTMmLinHdbfgw6xZEKH8/wiOrt4LaZ5WslwsGAviDkFX
/k2sM5DhVpGnNA==
-----END CERTIFICATE-----