Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          0kPJ5sOVwkmvx7RCzsVKXi4ZskILhUy4Se9Krv8MCKQ=
Subject key identifier:   52:91:FD:91:CD:7B:72:D1:04:83:AB:57:39:CA:66:3D:75:A2:BC:C8
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019D29CE9D638BE82AF1263FFF962887377A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          1486
Signing time:             Thu 26 Mar 2026 11:01:39 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:39 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:39 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: N8E5sMtKCWbALTi7YzwBJUhDgoQTINP/MrhZzAPMXMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:9d:63:8b:e8:2a:f1:26:3f:ff:96:28:87:37:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Mar 26 11:01:39 2026 GMT
            Not After : Mar 27 11:01:39 2026 GMT
        Subject: CN=5291fd91cd7b72d10483ab5739ca663d75a2bcc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:72:4c:ad:6b:9c:d9:fb:45:f5:06:36:64:c5:
                    db:36:4e:57:02:e7:75:b5:96:21:3f:29:e1:03:19:
                    36:a6:3e:07:1c:c8:2f:a8:8b:b8:6d:6c:b3:76:5f:
                    e5:8f:94:aa:78:30:a7:7d:b7:37:b2:05:74:c0:d1:
                    e6:7a:29:fe:a2:4d:84:74:5d:96:1b:8e:b4:ae:9e:
                    49:24:b8:81:f2:54:b8:da:c7:99:11:98:a5:46:61:
                    24:73:4b:48:7d:39:f4:c6:65:68:39:12:24:0d:f8:
                    db:53:04:b9:f0:c1:9e:97:8d:e2:d7:5b:a8:21:54:
                    c5:b5:ce:43:94:28:57:32:4f:0b:9b:23:b2:c2:15:
                    63:03:3e:ea:d6:83:2b:49:90:de:69:93:84:21:5c:
                    a4:85:7a:8f:e0:df:70:03:33:23:f6:19:3e:f1:58:
                    ed:ab:29:14:99:d4:b3:54:be:fd:79:e6:f2:89:f3:
                    80:b9:91:27:0b:3f:c3:bc:9f:15:5a:8c:b8:3a:ab:
                    7e:6f:6d:8f:08:6f:60:f4:b5:51:c0:5f:62:a3:9e:
                    e4:17:08:1b:78:32:ad:df:a5:7c:66:e7:51:98:a8:
                    e4:16:d5:93:70:65:b1:fb:e3:63:7c:08:f5:36:03:
                    ac:29:66:6a:cf:19:32:02:38:23:42:76:33:cd:ab:
                    db:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:91:FD:91:CD:7B:72:D1:04:83:AB:57:39:CA:66:3D:75:A2:BC:C8
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:76:90:5e:ec:1f:db:8b:f7:ab:ef:9b:d6:0a:f1:d3:5f:cb:
         29:5a:16:d8:f5:f0:b5:44:c0:42:1a:90:4d:70:30:53:89:b5:
         5a:a0:b1:e3:e0:52:ea:a8:28:57:62:81:66:6b:dd:84:37:db:
         95:11:a0:b3:8c:8d:9f:24:31:8b:37:cd:14:aa:ba:4d:e6:3e:
         1a:5e:fe:90:8a:17:36:ae:d0:42:97:ab:6e:a4:53:55:9b:4c:
         3c:fa:0a:c6:1c:d5:68:70:86:07:06:69:23:70:33:2d:d1:1d:
         96:ee:f7:3d:3b:b0:14:ba:28:18:c4:8f:c8:71:57:4a:c9:c1:
         e2:62:59:1f:ea:01:17:50:ac:96:80:e3:33:23:40:13:fd:7f:
         87:13:5e:ee:10:f9:c7:e6:b2:66:73:61:09:f4:d4:cb:5b:1b:
         fc:e7:cb:5e:09:7b:26:9f:50:ce:70:8e:53:9a:8d:21:26:21:
         02:40:a9:b7:86:8a:f8:28:09:60:b6:6d:46:d7:a7:24:80:c2:
         17:35:9b:eb:7b:a6:cd:4a:a6:cc:71:0e:7c:59:01:46:16:95:
         2a:10:d3:76:fb:e8:4f:8c:b8:6f:9c:78:da:8d:fc:be:9f:e8:
         91:7b:d2:35:97:60:69:ca:41:6a:06:ab:d0:a4:6b:e4:38:17:
         de:b0:71:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzp1ji+gq8SY//5Yohzd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjYwMzI2MTEwMTM5WhcNMjYwMzI3MTEwMTM5WjAzMTEwLwYDVQQD
Eyg1MjkxZmQ5MWNkN2I3MmQxMDQ4M2FiNTczOWNhNjYzZDc1YTJiY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnJMrWuc2ftF9QY2ZMXbNk5XAud1
tZYhPynhAxk2pj4HHMgvqIu4bWyzdl/lj5SqeDCnfbc3sgV0wNHmein+ok2EdF2W
G460rp5JJLiB8lS42seZEZilRmEkc0tIfTn0xmVoORIkDfjbUwS58MGel43i11uo
IVTFtc5DlChXMk8LmyOywhVjAz7q1oMrSZDeaZOEIVykhXqP4N9wAzMj9hk+8Vjt
qykUmdSzVL79eebyifOAuZEnCz/DvJ8VWoy4Oqt+b22PCG9g9LVRwF9io57kFwgb
eDKt36V8ZudRmKjkFtWTcGWx++NjfAj1NgOsKWZqzxkyAjgjQnYzzavbUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKR/ZHNe3LRBIOrVznKZj11orzIMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeHaQXuwf
24v3q++b1grx01/LKVoW2PXwtUTAQhqQTXAwU4m1WqCx4+BS6qgoV2KBZmvdhDfb
lRGgs4yNnyQxizfNFKq6TeY+Gl7+kIoXNq7QQperbqRTVZtMPPoKxhzVaHCGBwZp
I3AzLdEdlu73PTuwFLooGMSPyHFXSsnB4mJZH+oBF1CsloDjMyNAE/1/hxNe7hD5
x+ayZnNhCfTUy1sb/OfLXgl7Jp9QznCOU5qNISYhAkCpt4aK+CgJYLZtRtenJIDC
FzWb63umzUqmzHEOfFkBRhaVKhDTdvvoT4y4b5x42o38vp/okXvSNZdgacpBagar
0KRr5DgX3rBxLg==
-----END CERTIFICATE-----