Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          Al8voD8czZi2uCbj2ZiaX2lTWXFm+OzAlIt8kHWql/g=
Subject key identifier:   42:A8:60:2F:04:F6:03:21:44:62:6B:89:DF:DD:BF:AF:83:21:C0:32
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019F18314717CF28A5577E09AFADBE718EB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0F23
Signing time:             Tue 30 Jun 2026 11:01:50 +0000
Manifest this update:     Tue 30 Jun 2026 11:01:50 +0000
Manifest next update:     Wed 01 Jul 2026 11:01:50 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: bmN1cfO3I1T7jeXDpP8ogFvdPve2o4gcALnF+hmvqu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 11:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:31:47:17:cf:28:a5:57:7e:09:af:ad:be:71:8e:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Jun 30 11:01:50 2026 GMT
            Not After : Jul  1 11:01:50 2026 GMT
        Subject: CN=42a8602f04f6032144626b89dfddbfaf8321c032
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:e3:cc:26:e0:1d:6a:0f:fc:79:2d:1a:ca:5c:
                    ec:f6:35:48:4e:53:47:60:44:db:42:75:29:a4:d4:
                    3a:f9:fa:e0:05:97:c6:59:7c:3e:1c:f5:3e:0d:7d:
                    48:ba:0c:5f:bb:28:41:29:b2:80:f7:f9:da:5b:67:
                    72:ad:1c:14:05:5d:dc:60:4c:de:79:3b:4c:10:f6:
                    8e:c0:cd:fe:58:62:7a:d8:17:24:dc:dd:9d:d8:c4:
                    73:6b:e2:0e:2f:1a:ca:af:dd:8a:13:71:03:a5:a5:
                    ed:6e:d3:5e:43:43:21:1d:c8:5c:de:be:20:5a:21:
                    01:df:f1:50:6a:33:db:c1:b5:59:cb:9a:2c:2f:20:
                    5d:83:54:a5:90:42:f2:96:1d:54:ae:f6:8f:5a:bd:
                    1f:1e:ef:d8:74:50:e8:e9:41:22:a7:71:5b:cb:0e:
                    0a:d3:d7:ab:07:15:db:a6:f3:7f:3b:55:73:00:83:
                    79:a6:9b:77:72:ee:be:fe:da:85:65:08:09:84:0c:
                    1c:e2:b1:b6:9a:58:a4:37:70:53:fe:43:26:98:1a:
                    3a:53:d9:01:61:67:6a:60:c4:0f:95:1f:25:db:98:
                    cf:72:fb:0b:90:77:1f:b1:66:ec:23:81:8f:44:79:
                    b3:1e:89:e4:d1:ec:a7:52:18:73:a1:63:e2:d9:17:
                    3f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A8:60:2F:04:F6:03:21:44:62:6B:89:DF:DD:BF:AF:83:21:C0:32
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:cb:48:1c:53:86:7f:27:41:2d:18:c6:f8:ee:f2:9a:ec:98:
         a0:ff:c5:c7:89:ac:5c:55:02:44:ea:28:6d:cf:d4:15:b0:ca:
         cb:f7:36:99:d2:41:c3:4e:b1:5b:e0:08:14:24:2c:7d:37:c5:
         5a:12:a5:f8:c1:a2:e3:c0:5f:43:9e:f4:6e:a3:97:52:8f:c4:
         c2:6e:cb:10:13:a1:c4:d1:8e:61:fd:b7:8f:05:69:d8:24:0c:
         c3:06:bd:b3:c0:8d:c6:ef:7b:5d:96:e5:99:bf:e0:43:04:87:
         ac:6e:1b:ac:27:9f:1e:d5:20:be:13:ba:16:2e:a2:5d:62:7e:
         a7:26:c3:82:c0:e1:a3:5b:ec:b9:35:07:88:4d:21:81:b9:90:
         8d:f2:59:70:1d:07:bc:b2:8d:36:d0:0b:ab:e7:42:70:5a:16:
         4a:35:9c:78:22:4f:d2:49:54:1a:21:da:c8:9d:dd:e5:28:3d:
         8d:0c:db:5e:e0:11:f2:8c:49:5b:37:b5:77:d6:2e:cc:ac:f7:
         91:82:36:2f:11:5d:f8:ac:b7:14:74:ba:35:2f:1b:a0:ec:c9:
         d9:2f:cf:5a:2d:45:6d:01:32:44:e4:fe:82:f1:fe:4e:7a:bf:
         88:8c:38:d7:b4:cc:54:6c:15:b5:55:db:ce:d1:84:ed:d3:cf:
         b1:e7:f0:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YMUcXzyilV34Jr62+cY6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjYwNjMwMTEwMTUwWhcNMjYwNzAxMTEwMTUwWjAzMTEwLwYDVQQD
Eyg0MmE4NjAyZjA0ZjYwMzIxNDQ2MjZiODlkZmRkYmZhZjgzMjFjMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+PMJuAdag/8eS0aylzs9jVITlNH
YETbQnUppNQ6+frgBZfGWXw+HPU+DX1IugxfuyhBKbKA9/naW2dyrRwUBV3cYEze
eTtMEPaOwM3+WGJ62Bck3N2d2MRza+IOLxrKr92KE3EDpaXtbtNeQ0MhHchc3r4g
WiEB3/FQajPbwbVZy5osLyBdg1SlkELylh1UrvaPWr0fHu/YdFDo6UEip3Fbyw4K
09erBxXbpvN/O1VzAIN5ppt3cu6+/tqFZQgJhAwc4rG2mlikN3BT/kMmmBo6U9kB
YWdqYMQPlR8l25jPcvsLkHcfsWbsI4GPRHmzHonk0eynUhhzoWPi2Rc/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKoYC8E9gMhRGJrid/dv6+DIcAyMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEctIHFOG
fydBLRjG+O7ymuyYoP/Fx4msXFUCROoobc/UFbDKy/c2mdJBw06xW+AIFCQsfTfF
WhKl+MGi48BfQ570bqOXUo/Ewm7LEBOhxNGOYf23jwVp2CQMwwa9s8CNxu97XZbl
mb/gQwSHrG4brCefHtUgvhO6Fi6iXWJ+pybDgsDho1vsuTUHiE0hgbmQjfJZcB0H
vLKNNtALq+dCcFoWSjWceCJP0klUGiHayJ3d5Sg9jQzbXuAR8oxJWze1d9YuzKz3
kYI2LxFd+Ky3FHS6NS8boOzJ2S/PWi1FbQEyROT+gvH+Tnq/iIw417TMVGwVtVXb
ztGE7dPPsefw6A==
-----END CERTIFICATE-----