Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          FHN06oiwFlIoeTHgHyCZ3X0PPtOgbeTnWIIOeN/O4J0=
Subject key identifier:   F2:7E:10:03:6D:55:54:32:36:FA:B3:60:3C:55:AA:EC:76:9D:03:36
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       019D39E569ED4A70368AACB360D105F709AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          05F1
Signing time:             Sun 29 Mar 2026 14:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:29 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: y5UAHfFGvOvZbNGLh0XVJd4V6jfsDtPnqBofVtbsgYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:69:ed:4a:70:36:8a:ac:b3:60:d1:05:f7:09:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Mar 29 14:00:29 2026 GMT
            Not After : Mar 30 14:00:29 2026 GMT
        Subject: CN=f27e10036d55543236fab3603c55aaec769d0336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ed:28:c8:bd:22:9f:2c:a9:ae:2c:6c:65:c5:
                    41:ee:1c:3a:38:3c:9c:1b:24:45:5d:07:e3:bc:f0:
                    a6:a9:4b:80:2f:c1:56:8b:d9:e4:f7:4b:3d:34:0f:
                    6d:30:ff:99:ef:d8:8a:59:11:1f:09:1e:0e:ee:ac:
                    79:00:c8:56:98:d1:30:c7:c4:50:04:81:08:98:e2:
                    eb:4c:6f:0b:a4:a6:81:b9:b6:21:21:f5:4a:8e:7d:
                    e8:8b:19:cc:ab:ed:71:46:92:c0:58:88:c4:d1:e1:
                    ce:52:94:b7:a9:47:76:2c:a7:42:0e:e0:0e:ae:84:
                    a7:e2:83:9c:b0:fa:e5:17:22:fd:58:f9:46:b9:81:
                    39:ec:f0:37:37:a0:f6:74:9a:bd:c6:17:33:07:e9:
                    14:92:58:76:d3:c1:c4:fc:35:b1:8b:29:06:9b:18:
                    fa:26:8d:c1:fa:c8:54:b8:e5:e2:40:ca:61:39:b8:
                    36:b0:34:82:33:40:f4:76:45:22:58:35:5d:8b:61:
                    bd:76:ef:0b:5f:a6:61:06:e5:91:52:6c:a4:ea:54:
                    aa:71:30:e1:54:da:cf:56:15:09:9a:70:13:19:4e:
                    31:79:70:8a:30:cc:e9:cc:30:76:35:3b:bb:8e:b2:
                    f0:a4:c0:d5:63:92:8d:64:22:87:18:1e:3f:62:e7:
                    40:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:7E:10:03:6D:55:54:32:36:FA:B3:60:3C:55:AA:EC:76:9D:03:36
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ad:9c:2d:4b:c6:41:0f:cd:9f:8e:ee:ce:92:cb:de:8e:88:
         68:34:eb:6c:65:ee:67:50:28:af:d5:6f:13:0d:21:1a:99:8a:
         02:4a:f5:34:04:1d:61:8c:7a:f6:04:3d:4a:69:34:8a:2d:37:
         9e:ad:b0:6d:85:9f:42:49:47:5f:4b:7c:18:98:4f:7d:5c:b5:
         21:e4:6f:bd:61:0c:cc:1d:ab:91:af:1e:1e:04:27:dc:4d:df:
         1e:3d:d2:93:61:4a:82:08:06:84:95:3a:fc:aa:24:cc:fd:34:
         98:fd:a9:5c:8d:93:b8:f5:e7:e0:75:9a:a1:16:42:5e:67:52:
         88:c9:2b:2a:18:5a:b7:1c:ce:92:36:db:fe:64:d6:77:0c:7e:
         07:20:d8:3b:8d:14:9e:2b:56:2d:84:13:2d:f3:15:4f:0d:4e:
         e9:d7:9e:69:21:fb:95:6b:af:2c:8e:d7:80:3f:36:73:a6:1a:
         35:d4:72:f2:26:32:4f:e2:bc:c2:75:f2:f3:33:e4:58:b8:99:
         84:28:cc:03:56:ba:f0:10:60:c0:1d:65:e4:2c:e8:d5:40:86:
         c8:ba:e3:c9:19:b4:bf:3d:80:13:2a:ed:8b:c9:6b:6a:e3:3e:
         42:1f:e6:d5:b4:9a:42:f2:56:07:d3:36:41:eb:5b:e5:f0:3c:
         91:9a:d7:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055WntSnA2iqyzYNEF9wmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjYwMzI5MTQwMDI5WhcNMjYwMzMwMTQwMDI5WjAzMTEwLwYDVQQD
EyhmMjdlMTAwMzZkNTU1NDMyMzZmYWIzNjAzYzU1YWFlYzc2OWQwMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO0oyL0inyyprixsZcVB7hw6ODyc
GyRFXQfjvPCmqUuAL8FWi9nk90s9NA9tMP+Z79iKWREfCR4O7qx5AMhWmNEwx8RQ
BIEImOLrTG8LpKaBubYhIfVKjn3oixnMq+1xRpLAWIjE0eHOUpS3qUd2LKdCDuAO
roSn4oOcsPrlFyL9WPlGuYE57PA3N6D2dJq9xhczB+kUklh208HE/DWxiykGmxj6
Jo3B+shUuOXiQMphObg2sDSCM0D0dkUiWDVdi2G9du8LX6ZhBuWRUmyk6lSqcTDh
VNrPVhUJmnATGU4xeXCKMMzpzDB2NTu7jrLwpMDVY5KNZCKHGB4/YudASwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJ+EANtVVQyNvqzYDxVqux2nQM2MB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj62cLUvG
QQ/Nn47uzpLL3o6IaDTrbGXuZ1Aor9VvEw0hGpmKAkr1NAQdYYx69gQ9Smk0ii03
nq2wbYWfQklHX0t8GJhPfVy1IeRvvWEMzB2rka8eHgQn3E3fHj3Sk2FKgggGhJU6
/KokzP00mP2pXI2TuPXn4HWaoRZCXmdSiMkrKhhatxzOkjbb/mTWdwx+ByDYO40U
nitWLYQTLfMVTw1O6deeaSH7lWuvLI7XgD82c6YaNdRy8iYyT+K8wnXy8zPkWLiZ
hCjMA1a68BBgwB1l5Czo1UCGyLrjyRm0vz2AEyrti8lrauM+Qh/m1bSaQvJWB9M2
Qetb5fA8kZrXsg==
-----END CERTIFICATE-----