Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
File:                     pk-aIUfxp5IRyWIBilHj7aKCI2A.mft (raw, json)
Hash identifier:          cI8Kry5qopMm8qHR3HPN6vVP4hX1ITMKNgz/Wgciv5Q=
Subject key identifier:   3B:5A:7A:E4:6B:C4:52:78:6A:BC:BF:B7:5E:75:33:37:40:45:E3:25
Authority key identifier: A6:4F:9A:21:47:F1:A7:92:11:C9:62:01:8A:51:E3:ED:A2:82:23:60
Certificate issuer:       /CN=a64f9a2147f1a79211c962018a51e3eda2822360
Certificate serial:       019D3A5409DFB263A1BA5D4EA68F691BCB3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
Manifest number:          27
Signing time:             Sun 29 Mar 2026 16:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:19 +0000
Files and hashes:         1: pk-aIUfxp5IRyWIBilHj7aKCI2A.crl (hash: ilJg6sLLouOoxr405nW9J9gEJpBYINXk5BbOjP8Pguo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:09:df:b2:63:a1:ba:5d:4e:a6:8f:69:1b:cb:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a64f9a2147f1a79211c962018a51e3eda2822360
        Validity
            Not Before: Mar 29 16:01:19 2026 GMT
            Not After : Mar 30 16:01:19 2026 GMT
        Subject: CN=3b5a7ae46bc452786abcbfb75e7533374045e325
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:58:bc:ae:14:11:c3:58:09:ac:f6:99:18:e0:
                    03:45:bc:3d:31:75:cd:f7:cf:0b:6b:54:4d:8b:0e:
                    06:2b:c4:dd:5b:a5:09:8e:30:76:16:7f:79:f0:b0:
                    3d:41:ec:1e:a1:c4:b1:49:4a:46:6e:f0:e7:19:4d:
                    6c:9d:8f:1f:7c:7a:4b:c0:17:ae:b2:f4:8a:de:b0:
                    73:30:8c:69:e0:2e:1c:1a:5f:17:ed:ee:dc:ac:26:
                    02:2a:3a:94:8d:ea:76:cb:ae:c1:50:f4:87:8d:fa:
                    80:a1:91:3f:c5:7a:d9:98:37:ee:d6:1c:60:e2:f5:
                    e3:f8:a8:42:8d:20:24:06:3a:d4:98:fc:1c:d8:9e:
                    01:52:57:1b:dc:ea:6c:86:db:7c:25:7a:e8:54:87:
                    08:3c:ad:1c:74:cc:0d:07:00:8a:00:3f:92:ab:fd:
                    0a:86:30:1d:0f:59:87:5a:43:64:a0:de:bd:db:4b:
                    9d:78:56:3a:f4:ea:cd:fc:6d:74:9b:02:db:cd:8f:
                    90:05:58:2d:57:c3:31:5c:b9:97:59:b2:76:b5:45:
                    4a:79:60:f2:33:06:3d:42:92:74:5a:0c:9a:8c:85:
                    be:65:a0:53:62:2d:b0:ee:04:0a:9d:6b:1c:b1:3e:
                    13:b2:4d:d2:ef:cf:50:c4:8e:40:72:42:08:ae:cc:
                    75:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:5A:7A:E4:6B:C4:52:78:6A:BC:BF:B7:5E:75:33:37:40:45:E3:25
            X509v3 Authority Key Identifier:
                keyid:A6:4F:9A:21:47:F1:A7:92:11:C9:62:01:8A:51:E3:ED:A2:82:23:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:a1:5d:f1:e9:7a:1d:d0:2a:6e:98:b7:36:81:68:69:29:a7:
         fc:c0:66:66:e9:26:aa:bb:27:83:05:7d:9c:f3:28:8c:15:44:
         fe:d3:7e:e1:37:07:5d:32:54:df:24:37:36:c1:61:d2:1a:b8:
         bd:bc:ff:a7:e5:9d:4d:cc:f2:42:81:1b:32:8f:51:66:6b:b9:
         bb:c0:f5:c1:c0:d9:94:a0:3a:24:33:46:c8:95:9d:b9:6a:c4:
         ab:2b:c1:b1:7e:cd:ac:c5:d5:b8:0d:2b:4a:93:4e:73:24:6f:
         11:c8:cb:29:b1:30:8f:be:32:19:cc:18:b4:19:a4:79:b0:89:
         cd:fb:03:1b:a5:ea:a3:4e:c2:ae:24:65:b2:42:c2:db:d8:b0:
         9d:ec:99:67:56:eb:20:cc:c1:80:58:37:d3:73:67:05:a4:b9:
         65:fd:c3:02:13:ae:75:d9:f6:3a:4e:ee:ac:d1:50:a6:ac:32:
         72:d4:4d:25:04:04:08:ec:72:75:d6:d3:0d:b1:88:e9:76:d9:
         44:f0:8f:47:e4:dd:55:e3:25:2d:74:4f:cd:7c:88:3b:16:76:
         44:64:0b:7e:e1:40:46:52:29:d9:7a:09:5a:f9:a1:05:4d:d1:
         5b:18:2d:55:fe:64:9f:7b:b4:98:0a:06:60:81:02:4f:df:0c:
         b5:7b:51:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VAnfsmOhul1Opo9pG8s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGY5YTIxNDdmMWE3OTIxMWM5NjIwMThhNTFlM2VkYTI4
MjIzNjAwHhcNMjYwMzI5MTYwMTE5WhcNMjYwMzMwMTYwMTE5WjAzMTEwLwYDVQQD
EygzYjVhN2FlNDZiYzQ1Mjc4NmFiY2JmYjc1ZTc1MzMzNzQwNDVlMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1i8rhQRw1gJrPaZGOADRbw9MXXN
988La1RNiw4GK8TdW6UJjjB2Fn958LA9QeweocSxSUpGbvDnGU1snY8ffHpLwBeu
svSK3rBzMIxp4C4cGl8X7e7crCYCKjqUjep2y67BUPSHjfqAoZE/xXrZmDfu1hxg
4vXj+KhCjSAkBjrUmPwc2J4BUlcb3Opshtt8JXroVIcIPK0cdMwNBwCKAD+Sq/0K
hjAdD1mHWkNkoN6920udeFY69OrN/G10mwLbzY+QBVgtV8MxXLmXWbJ2tUVKeWDy
MwY9QpJ0WgyajIW+ZaBTYi2w7gQKnWscsT4Tsk3S789QxI5AckIIrsx19QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtaeuRrxFJ4ary/t151MzdAReMlMB8GA1UdIwQY
MBaAFKZPmiFH8aeSEcliAYpR4+2igiNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS83Njg0YzQtZDRjNC00NTQ2LWI1NTUt
OGViYmM4NzY5Zjg0LzEvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS83Njg0YzQtZDRjNC00NTQ2LWI1NTUtOGViYmM4NzY5Zjg0
LzEvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaFd8el6
HdAqbpi3NoFoaSmn/MBmZukmqrsngwV9nPMojBVE/tN+4TcHXTJU3yQ3NsFh0hq4
vbz/p+WdTczyQoEbMo9RZmu5u8D1wcDZlKA6JDNGyJWduWrEqyvBsX7NrMXVuA0r
SpNOcyRvEcjLKbEwj74yGcwYtBmkebCJzfsDG6Xqo07CriRlskLC29iwneyZZ1br
IMzBgFg303NnBaS5Zf3DAhOuddn2Ok7urNFQpqwyctRNJQQECOxyddbTDbGI6XbZ
RPCPR+TdVeMlLXRPzXyIOxZ2RGQLfuFARlIp2XoJWvmhBU3RWxgtVf5kn3u0mAoG
YIECT98MtXtRBw==
-----END CERTIFICATE-----