Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
File:                     AOezY1s9V4VgNwpYMDz81c2SkQU.mft (raw, json)
Hash identifier:          6r16NZlxm9m5qpdmdn+saimOimLz/C8YKDMmLO8CWH0=
Subject key identifier:   04:3B:A3:E0:AE:B7:C9:5D:12:BC:FE:DB:3B:AA:0D:E6:0F:C2:E5:9A
Authority key identifier: 00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05
Certificate issuer:       /CN=00e7b3635b3d578560370a58303cfcd5cd929105
Certificate serial:       019E3184F945621F3A8738C9A72B72EFB531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
Manifest number:          1022
Signing time:             Sat 16 May 2026 16:00:58 +0000
Manifest this update:     Sat 16 May 2026 16:00:58 +0000
Manifest next update:     Sun 17 May 2026 16:00:58 +0000
Files and hashes:         1: AOezY1s9V4VgNwpYMDz81c2SkQU.crl (hash: l71m3t3GWTtLOio4cp4wWLRHo1YNZ7KL2eaUG1+F7RE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:84:f9:45:62:1f:3a:87:38:c9:a7:2b:72:ef:b5:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e7b3635b3d578560370a58303cfcd5cd929105
        Validity
            Not Before: May 16 16:00:58 2026 GMT
            Not After : May 17 16:00:58 2026 GMT
        Subject: CN=043ba3e0aeb7c95d12bcfedb3baa0de60fc2e59a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e7:5d:fc:2c:9f:80:95:41:55:0d:c5:4e:bc:
                    a4:e1:20:d7:c7:9e:0c:65:8b:2d:53:71:2e:3d:9a:
                    89:8a:24:11:aa:83:c1:2a:14:38:8f:3b:a8:c6:e1:
                    e5:13:c4:94:c3:45:be:16:d4:25:b8:c6:cb:12:8e:
                    18:28:23:9a:85:6b:d8:c8:46:8b:64:29:0f:fd:e0:
                    ff:82:a2:e2:0b:59:86:4c:91:10:b3:b3:e3:f6:4b:
                    19:51:16:fc:34:55:f3:b5:f9:5f:74:62:49:ba:05:
                    76:3f:51:f3:7b:22:88:1c:bc:3a:b1:8e:07:60:7b:
                    6b:06:f2:ea:49:91:d8:c3:2b:cf:65:77:e0:12:25:
                    3f:1e:70:53:6c:ef:45:06:1f:5a:03:ad:b0:f4:b7:
                    79:c6:63:02:63:fe:0b:11:be:b6:4d:e0:d9:05:a7:
                    9b:2c:3d:40:5d:dc:13:b2:5a:22:a1:cf:fd:b7:58:
                    c1:9c:b1:a6:0d:1a:37:a0:0c:45:0e:53:2d:04:45:
                    04:3f:ea:03:6f:d3:a0:6c:72:d1:e3:4f:82:da:4a:
                    a4:96:2e:25:34:59:46:1d:b5:58:08:c5:96:7e:c3:
                    5a:b1:ba:53:24:bf:f2:39:7c:62:d0:b5:bb:d8:53:
                    82:b7:84:35:96:b0:b8:eb:2a:5e:5e:d9:50:a5:8c:
                    9c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:3B:A3:E0:AE:B7:C9:5D:12:BC:FE:DB:3B:AA:0D:E6:0F:C2:E5:9A
            X509v3 Authority Key Identifier:
                keyid:00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:dc:97:0d:0b:fb:56:06:36:30:00:c0:1b:bc:22:8b:99:70:
         fe:28:b4:83:8d:43:cb:11:70:79:56:4f:0c:26:7c:74:5c:67:
         b3:66:13:aa:2c:5b:52:75:a6:b9:44:43:f2:7a:a3:fa:9f:7b:
         8e:de:bb:f4:79:e1:d4:53:ec:af:04:cd:0b:4f:e1:e6:b8:5c:
         3a:2d:d2:a3:af:f5:6e:86:59:ce:94:6e:aa:2f:97:71:9c:5b:
         39:c5:f0:22:19:29:f5:89:2c:0e:06:75:2e:ac:ae:2b:9e:19:
         c9:3b:93:28:14:b1:56:f7:ae:75:95:ca:ac:5d:3c:af:11:e3:
         43:70:7c:68:5f:03:41:ef:93:49:43:f8:dc:6a:ae:42:f2:e9:
         c4:32:10:a8:5d:4e:d7:83:2e:cc:56:b8:f3:6a:38:94:a5:28:
         33:31:da:26:c4:2f:7b:5e:2f:f1:54:71:e1:30:7b:90:10:9f:
         96:29:f8:2b:a1:6d:bd:be:77:05:85:6f:08:d7:c2:70:52:79:
         02:17:a1:0a:c6:5f:40:cb:da:e9:ca:78:cb:9f:16:d1:ff:0e:
         32:76:c5:44:ed:ee:a4:94:ef:cd:1c:3c:ff:86:df:8c:82:67:
         95:5f:fb:db:77:71:4b:cd:34:71:fa:8c:bc:fc:b7:6c:74:a2:
         90:04:31:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhPlFYh86hzjJpyty77UxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTdiMzYzNWIzZDU3ODU2MDM3MGE1ODMwM2NmY2Q1Y2Q5
MjkxMDUwHhcNMjYwNTE2MTYwMDU4WhcNMjYwNTE3MTYwMDU4WjAzMTEwLwYDVQQD
EygwNDNiYTNlMGFlYjdjOTVkMTJiY2ZlZGIzYmFhMGRlNjBmYzJlNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOdd/CyfgJVBVQ3FTryk4SDXx54M
ZYstU3EuPZqJiiQRqoPBKhQ4jzuoxuHlE8SUw0W+FtQluMbLEo4YKCOahWvYyEaL
ZCkP/eD/gqLiC1mGTJEQs7Pj9ksZURb8NFXztflfdGJJugV2P1HzeyKIHLw6sY4H
YHtrBvLqSZHYwyvPZXfgEiU/HnBTbO9FBh9aA62w9Ld5xmMCY/4LEb62TeDZBaeb
LD1AXdwTsloioc/9t1jBnLGmDRo3oAxFDlMtBEUEP+oDb9OgbHLR40+C2kqkli4l
NFlGHbVYCMWWfsNasbpTJL/yOXxi0LW72FOCt4Q1lrC46ypeXtlQpYyc6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQ7o+Cut8ldErz+2zuqDeYPwuWaMB8GA1UdIwQY
MBaAFADns2NbPVeFYDcKWDA8/NXNkpEFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDct
YTBjZDE0MTUxM2NiLzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDctYTBjZDE0MTUxM2Ni
LzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqdyXDQv7
VgY2MADAG7wii5lw/ii0g41DyxFweVZPDCZ8dFxns2YTqixbUnWmuURD8nqj+p97
jt679Hnh1FPsrwTNC0/h5rhcOi3So6/1boZZzpRuqi+XcZxbOcXwIhkp9YksDgZ1
LqyuK54ZyTuTKBSxVveudZXKrF08rxHjQ3B8aF8DQe+TSUP43GquQvLpxDIQqF1O
14MuzFa482o4lKUoMzHaJsQve14v8VRx4TB7kBCflin4K6Ftvb53BYVvCNfCcFJ5
AhehCsZfQMva6cp4y58W0f8OMnbFRO3upJTvzRw8/4bfjIJnlV/723dxS800cfqM
vPy3bHSikAQx9A==
-----END CERTIFICATE-----