Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          HajJBUBpmhMnsD9TXheynkJAI6wPyqnIF/L9FdFFl+4=
Subject key identifier:   BA:66:32:B2:CB:AB:32:A7:EA:3C:DA:EB:91:2A:75:85:D2:71:A8:89
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019D375263B0FF13D4910CBE644B41D503F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0E2A
Signing time:             Sun 29 Mar 2026 02:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:39 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: 6jVmNnhMSxHqymU/Pdjw0aaEvmqy20mjHosifgdewWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:63:b0:ff:13:d4:91:0c:be:64:4b:41:d5:03:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Mar 29 02:00:39 2026 GMT
            Not After : Mar 30 02:00:39 2026 GMT
        Subject: CN=ba6632b2cbab32a7ea3cdaeb912a7585d271a889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8e:5d:3e:5b:49:42:06:f4:8b:19:e8:97:26:
                    16:c1:88:6a:cd:1f:a0:c4:5e:87:ae:a1:53:eb:7a:
                    53:e9:9d:d2:95:e8:a0:4e:ca:17:8b:b4:a4:9f:3b:
                    e7:81:cc:d3:5b:2c:f0:76:09:d6:fa:f8:42:7c:59:
                    e8:ea:9b:e1:de:1d:55:e7:e2:76:41:5a:1d:3f:8f:
                    d2:e1:5f:06:39:69:0a:97:c6:f8:9e:62:37:db:f6:
                    ae:3d:d5:3f:1a:86:0d:dc:39:83:ee:45:ba:0e:86:
                    69:95:43:0f:aa:fd:cf:cb:bf:c4:8c:ec:ec:0b:d6:
                    62:63:9e:f3:08:7f:fd:26:e2:d5:61:b6:a9:d4:b3:
                    41:52:a3:db:d8:41:7f:a6:f9:9d:08:08:f3:7b:7d:
                    c6:05:9c:b1:93:6c:25:25:67:3d:87:3b:a8:99:97:
                    92:77:0b:db:a9:ff:b1:5b:ff:41:62:f7:72:a4:70:
                    c9:cf:6f:58:1c:2c:aa:99:60:65:bb:67:b6:e2:79:
                    05:3a:ff:70:8a:48:67:b2:b7:3f:d4:56:b6:9a:dc:
                    13:fe:9e:31:60:67:e8:99:2c:53:88:a3:55:e0:1d:
                    47:05:9d:5b:57:30:45:22:b1:95:15:ee:84:90:45:
                    d2:cd:19:97:93:e1:10:da:e6:fb:db:34:2a:18:1a:
                    0f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:66:32:B2:CB:AB:32:A7:EA:3C:DA:EB:91:2A:75:85:D2:71:A8:89
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:c4:8f:81:36:f4:f5:a1:59:b1:9b:5c:dc:02:bb:46:8b:94:
         a7:6a:b2:51:e0:f5:93:fb:f0:57:c1:c3:25:08:76:67:f2:a2:
         f3:65:dc:5c:9d:91:b7:bf:1f:a8:a7:ba:4b:99:d5:7b:73:52:
         e4:f4:8e:26:5a:da:d4:21:6a:0f:9a:a1:ed:9c:23:18:fe:c9:
         02:19:aa:44:6b:1f:96:6c:f9:4e:45:dc:f7:d2:a9:e1:df:66:
         6d:47:06:7c:3d:e8:9d:9d:c4:92:ae:f3:f5:88:f0:ea:50:e3:
         84:9f:54:59:e2:df:ca:71:17:91:2b:63:b5:bc:08:03:c2:63:
         e2:9d:83:2d:69:ae:51:9d:74:ec:55:cc:8b:67:73:78:a6:8d:
         5b:b3:82:0b:64:65:57:b3:0d:81:69:b1:e9:a6:17:e5:8b:23:
         29:c4:9d:6b:49:fe:88:f3:eb:df:c6:b8:20:8b:67:cd:77:19:
         40:0d:bd:92:a2:b6:c5:56:d7:d1:27:61:70:4b:f4:61:97:a9:
         c5:5c:a0:3d:5c:a0:08:7b:c9:aa:34:ab:cb:28:2b:b1:c9:7d:
         f8:08:20:ee:e3:03:7a:2c:13:b1:dc:83:f8:c8:6d:f8:8d:33:
         ca:25:a3:b1:9a:f4:d8:d5:19:11:6a:68:d6:ae:84:19:e7:60:
         b0:92:51:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UmOw/xPUkQy+ZEtB1QPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjYwMzI5MDIwMDM5WhcNMjYwMzMwMDIwMDM5WjAzMTEwLwYDVQQD
EyhiYTY2MzJiMmNiYWIzMmE3ZWEzY2RhZWI5MTJhNzU4NWQyNzFhODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw45dPltJQgb0ixnolyYWwYhqzR+g
xF6HrqFT63pT6Z3SleigTsoXi7SknzvngczTWyzwdgnW+vhCfFno6pvh3h1V5+J2
QVodP4/S4V8GOWkKl8b4nmI32/auPdU/GoYN3DmD7kW6DoZplUMPqv3Py7/EjOzs
C9ZiY57zCH/9JuLVYbap1LNBUqPb2EF/pvmdCAjze33GBZyxk2wlJWc9hzuomZeS
dwvbqf+xW/9BYvdypHDJz29YHCyqmWBlu2e24nkFOv9wikhnsrc/1Fa2mtwT/p4x
YGfomSxTiKNV4B1HBZ1bVzBFIrGVFe6EkEXSzRmXk+EQ2ub72zQqGBoPawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpmMrLLqzKn6jza65EqdYXScaiJMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzcSPgTb0
9aFZsZtc3AK7RouUp2qyUeD1k/vwV8HDJQh2Z/Ki82XcXJ2Rt78fqKe6S5nVe3NS
5PSOJlra1CFqD5qh7ZwjGP7JAhmqRGsflmz5TkXc99Kp4d9mbUcGfD3onZ3Ekq7z
9Yjw6lDjhJ9UWeLfynEXkStjtbwIA8Jj4p2DLWmuUZ107FXMi2dzeKaNW7OCC2Rl
V7MNgWmx6aYX5YsjKcSda0n+iPPr38a4IItnzXcZQA29kqK2xVbX0SdhcEv0YZep
xVygPVygCHvJqjSryygrscl9+Agg7uMDeiwTsdyD+Mht+I0zyiWjsZr02NUZEWpo
1q6EGedgsJJRNg==
-----END CERTIFICATE-----