Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
File:                     AOezY1s9V4VgNwpYMDz81c2SkQU.mft (raw, json)
Hash identifier:          FfvBTS8XESF76aiset8BASWt+lLy/3Yyrp4blZLY3Gs=
Subject key identifier:   43:62:01:25:9C:B4:78:AF:BA:CE:89:BA:DC:84:E4:CF:7A:99:B8:FE
Authority key identifier: 00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05
Certificate issuer:       /CN=00e7b3635b3d578560370a58303cfcd5cd929105
Certificate serial:       019D420D9FCEE7E60F95EE2E30E91858A2F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
Manifest number:          0FA6
Signing time:             Tue 31 Mar 2026 04:01:22 +0000
Manifest this update:     Tue 31 Mar 2026 04:01:22 +0000
Manifest next update:     Wed 01 Apr 2026 04:01:22 +0000
Files and hashes:         1: AOezY1s9V4VgNwpYMDz81c2SkQU.crl (hash: HofYBjGq8f+O5rtnNTtlvGmIeBAUsZMiAeL47OTZQ9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 31 Mar 2026 23:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:42:0d:9f:ce:e7:e6:0f:95:ee:2e:30:e9:18:58:a2:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e7b3635b3d578560370a58303cfcd5cd929105
        Validity
            Not Before: Mar 31 04:01:22 2026 GMT
            Not After : Apr  1 04:01:22 2026 GMT
        Subject: CN=436201259cb478afbace89badc84e4cf7a99b8fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:63:f7:0a:34:db:30:fa:f5:db:05:25:a6:5d:
                    4d:a4:5b:33:86:9d:4a:b3:2b:ad:93:10:d9:96:fa:
                    b1:b0:38:39:9c:5c:0c:9c:cf:4a:34:33:59:87:3a:
                    53:b5:e8:0f:e6:68:ca:3f:10:7f:78:d2:b7:c7:c6:
                    66:7d:00:01:8b:e1:76:80:83:1d:5d:2c:4f:3e:12:
                    c9:97:85:1e:03:ba:f1:fd:8f:62:c0:3f:0a:73:a5:
                    92:80:82:9d:46:27:5a:84:38:52:d3:e0:4e:35:38:
                    0a:0a:f7:f7:68:e2:5b:cc:c7:59:dd:35:58:04:be:
                    48:ce:23:56:97:7b:64:6f:ec:0f:96:24:17:63:4d:
                    1d:ea:8b:af:17:12:4e:1d:7d:8b:62:ef:26:32:8e:
                    ab:60:82:af:d3:53:35:da:89:47:9b:44:20:f9:84:
                    8e:ba:79:db:e2:e5:f5:71:c1:ae:f5:da:e8:cd:ea:
                    43:3a:7e:8f:28:11:fd:9c:1b:16:7f:63:f7:55:74:
                    58:7c:13:85:8f:6f:09:c7:d5:b7:0a:78:85:d7:57:
                    aa:dc:6b:81:6d:0d:63:5a:cc:9d:5f:4c:88:78:3b:
                    6d:d3:c9:d6:91:92:e4:82:40:7a:20:4a:3d:f4:97:
                    39:13:1e:a9:0f:1e:7d:3c:f6:e8:ef:b7:05:00:b1:
                    ca:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:62:01:25:9C:B4:78:AF:BA:CE:89:BA:DC:84:E4:CF:7A:99:B8:FE
            X509v3 Authority Key Identifier:
                keyid:00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:8f:42:f4:99:90:bf:d2:74:63:70:67:9f:b1:27:bc:28:8b:
         0a:cc:e6:1e:b7:af:b7:e8:64:7d:c4:9d:3b:d4:5b:1a:c2:83:
         74:af:5f:15:22:44:7a:3a:5c:fb:fc:a7:40:1b:ae:30:25:70:
         33:cb:e2:a1:be:ca:00:fd:ad:ff:d4:6a:b8:75:4a:59:85:d8:
         2d:8f:99:3b:26:5d:73:a4:0d:22:04:5d:51:31:77:d3:29:65:
         a0:19:67:9b:fe:f2:52:f9:e9:3a:72:ca:36:ec:6f:ab:16:01:
         4a:ef:99:86:0b:1a:e0:d0:06:b5:8a:d8:9e:97:2b:33:f5:6d:
         4f:b8:12:b7:98:9a:89:f2:a0:66:d0:f0:77:00:7b:7f:33:62:
         b0:08:8a:c9:b6:27:92:02:37:d1:e8:c5:ea:fb:68:62:55:92:
         5f:7a:3b:a7:60:cd:9e:89:88:42:ce:4f:c2:3b:04:86:9b:56:
         f8:7a:7f:98:3c:3e:6d:ef:db:5a:59:7e:d3:87:ab:17:c9:3e:
         3d:a4:82:1e:02:4b:a2:1f:c7:47:a8:b6:c2:67:8f:6f:01:c4:
         dc:b3:61:3f:42:62:da:01:44:11:0d:e8:98:d9:31:b0:48:15:
         e6:67:12:d5:10:4b:bf:7e:4e:a8:59:f1:97:56:8a:0e:9a:ff:
         05:6b:44:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1CDZ/O5+YPle4uMOkYWKL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTdiMzYzNWIzZDU3ODU2MDM3MGE1ODMwM2NmY2Q1Y2Q5
MjkxMDUwHhcNMjYwMzMxMDQwMTIyWhcNMjYwNDAxMDQwMTIyWjAzMTEwLwYDVQQD
Eyg0MzYyMDEyNTljYjQ3OGFmYmFjZTg5YmFkYzg0ZTRjZjdhOTliOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmP3CjTbMPr12wUlpl1NpFszhp1K
syutkxDZlvqxsDg5nFwMnM9KNDNZhzpTtegP5mjKPxB/eNK3x8ZmfQABi+F2gIMd
XSxPPhLJl4UeA7rx/Y9iwD8Kc6WSgIKdRidahDhS0+BONTgKCvf3aOJbzMdZ3TVY
BL5IziNWl3tkb+wPliQXY00d6ouvFxJOHX2LYu8mMo6rYIKv01M12olHm0Qg+YSO
unnb4uX1ccGu9drozepDOn6PKBH9nBsWf2P3VXRYfBOFj28Jx9W3CniF11eq3GuB
bQ1jWsydX0yIeDtt08nWkZLkgkB6IEo99Jc5Ex6pDx59PPbo77cFALHKfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENiASWctHivus6JutyE5M96mbj+MB8GA1UdIwQY
MBaAFADns2NbPVeFYDcKWDA8/NXNkpEFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDct
YTBjZDE0MTUxM2NiLzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDctYTBjZDE0MTUxM2Ni
LzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWY9C9JmQ
v9J0Y3Bnn7EnvCiLCszmHrevt+hkfcSdO9RbGsKDdK9fFSJEejpc+/ynQBuuMCVw
M8viob7KAP2t/9RquHVKWYXYLY+ZOyZdc6QNIgRdUTF30ylloBlnm/7yUvnpOnLK
NuxvqxYBSu+Zhgsa4NAGtYrYnpcrM/VtT7gSt5iaifKgZtDwdwB7fzNisAiKybYn
kgI30ejF6vtoYlWSX3o7p2DNnomIQs5PwjsEhptW+Hp/mDw+be/bWll+04erF8k+
PaSCHgJLoh/HR6i2wmePbwHE3LNhP0Ji2gFEEQ3omNkxsEgV5mcS1RBLv35OqFnx
l1aKDpr/BWtEsQ==
-----END CERTIFICATE-----