Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
File:                     aPgE6F8ICkuVFSbfi3IwEAe37es.mft (raw, json)
Hash identifier:          fF3B9/mlFEwbrMqLeGn5EZzO2b3cz2Vi4R/69iKcLAg=
Subject key identifier:   AC:79:E4:01:AE:EE:7A:F7:22:F4:46:D9:2F:8F:10:60:DB:F4:A6:DB
Authority key identifier: 68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB
Certificate issuer:       /CN=68f804e85f080a4b951526df8b72301007b7edeb
Certificate serial:       019D26CCF8E7244EAF6B1C8A62C07F76DB10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
Manifest number:          0139
Signing time:             Wed 25 Mar 2026 21:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 21:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 21:01:00 +0000
Files and hashes:         1: aPgE6F8ICkuVFSbfi3IwEAe37es.crl (hash: i73PrTfQ4ZDol0vupGEVNuL/argIPZ1FCk5LW6cdvTs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:f8:e7:24:4e:af:6b:1c:8a:62:c0:7f:76:db:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f804e85f080a4b951526df8b72301007b7edeb
        Validity
            Not Before: Mar 25 21:01:00 2026 GMT
            Not After : Mar 26 21:01:00 2026 GMT
        Subject: CN=ac79e401aeee7af722f446d92f8f1060dbf4a6db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a3:bf:21:9e:3b:2a:48:bc:07:07:e5:1a:f6:
                    52:ac:03:69:e5:48:3b:9d:cf:65:6f:06:a2:61:de:
                    ab:12:f5:da:45:62:56:ae:79:d4:3b:45:50:e2:94:
                    a1:49:49:f9:fa:1b:7d:c8:45:1d:df:ac:f4:2a:30:
                    26:9a:a4:b1:98:47:d4:ed:1a:8d:c0:b5:3a:0e:db:
                    95:ec:ee:20:9a:de:00:39:f9:22:e5:d7:48:e3:91:
                    83:4d:64:46:1d:6b:01:45:77:06:4d:af:e8:b2:a8:
                    64:ec:d4:1d:09:4d:12:f6:d8:c7:63:6e:2b:1b:f0:
                    19:50:f9:9c:92:84:72:99:be:e1:82:9d:a4:3c:38:
                    8e:db:10:6b:25:75:54:45:09:22:95:42:eb:10:f6:
                    ee:20:3a:82:eb:6a:8d:61:00:2b:24:6a:42:90:56:
                    e8:25:66:c1:45:0b:a7:29:30:43:bc:19:5f:ec:16:
                    b2:61:98:1e:fa:b4:45:cf:2f:3e:1a:6c:53:5d:2d:
                    80:df:ac:bf:49:e9:17:80:2a:38:0b:37:4c:f3:c5:
                    1a:f7:4a:e2:6c:76:47:d1:46:87:83:ef:c8:b6:67:
                    4a:c1:36:54:74:1b:ab:35:65:47:4b:4c:bc:f8:b1:
                    e5:bd:f9:3f:53:de:4e:ad:77:cc:81:56:5a:63:54:
                    3a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:79:E4:01:AE:EE:7A:F7:22:F4:46:D9:2F:8F:10:60:DB:F4:A6:DB
            X509v3 Authority Key Identifier:
                keyid:68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:9e:91:65:b7:f3:51:c0:70:30:25:33:8c:62:27:a7:0e:b4:
         df:fc:4e:c2:62:fb:98:93:35:e3:38:17:25:11:6c:d7:c3:c2:
         92:42:82:40:3f:c7:0c:3a:57:93:61:e5:80:e6:2d:e8:b9:91:
         94:e1:a4:01:dc:c9:76:e7:b0:1e:3f:03:58:e8:58:ee:4e:c8:
         3f:53:48:de:2f:c3:93:f4:5f:12:3d:af:4b:2e:e5:6f:a0:81:
         69:25:31:dc:fa:5f:56:04:e7:b7:a4:3b:39:35:32:d9:99:c9:
         da:79:01:02:20:5f:30:47:1b:b6:8c:88:3d:84:b7:80:0b:38:
         d7:57:f9:f9:88:c7:75:d6:34:cd:a0:48:96:ac:24:75:31:eb:
         f4:7b:d7:bb:39:20:ce:6b:27:b3:54:d4:98:95:86:15:c6:b2:
         6b:9d:eb:f4:7e:3c:15:2b:1c:3b:12:24:29:3b:6d:aa:c7:4a:
         b5:cc:3f:aa:e4:fc:cb:e2:54:73:31:a7:05:37:8b:bd:0d:63:
         ad:ca:61:05:ff:cb:d3:f8:07:01:3e:d9:c6:ad:e6:81:02:00:
         f2:92:77:cf:5d:70:14:fc:42:6f:64:d1:ef:72:51:ae:68:0e:
         b5:13:ff:6f:1d:a3:33:a4:d8:2c:6b:a2:5f:9d:c6:5f:26:31:
         31:0b:5d:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzPjnJE6vaxyKYsB/dtsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjgwNGU4NWYwODBhNGI5NTE1MjZkZjhiNzIzMDEwMDdi
N2VkZWIwHhcNMjYwMzI1MjEwMTAwWhcNMjYwMzI2MjEwMTAwWjAzMTEwLwYDVQQD
EyhhYzc5ZTQwMWFlZWU3YWY3MjJmNDQ2ZDkyZjhmMTA2MGRiZjRhNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aO/IZ47Kki8BwflGvZSrANp5Ug7
nc9lbwaiYd6rEvXaRWJWrnnUO0VQ4pShSUn5+ht9yEUd36z0KjAmmqSxmEfU7RqN
wLU6DtuV7O4gmt4AOfki5ddI45GDTWRGHWsBRXcGTa/osqhk7NQdCU0S9tjHY24r
G/AZUPmckoRymb7hgp2kPDiO2xBrJXVURQkilULrEPbuIDqC62qNYQArJGpCkFbo
JWbBRQunKTBDvBlf7BayYZge+rRFzy8+GmxTXS2A36y/SekXgCo4CzdM88Ua90ri
bHZH0UaHg+/ItmdKwTZUdBurNWVHS0y8+LHlvfk/U95OrXfMgVZaY1Q65QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKx55AGu7nr3IvRG2S+PEGDb9KbbMB8GA1UdIwQY
MBaAFGj4BOhfCApLlRUm34tyMBAHt+3rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUt
ODlhZjFmMjYyOGU2LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUtODlhZjFmMjYyOGU2
LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPp6RZbfz
UcBwMCUzjGInpw603/xOwmL7mJM14zgXJRFs18PCkkKCQD/HDDpXk2HlgOYt6LmR
lOGkAdzJduewHj8DWOhY7k7IP1NI3i/Dk/RfEj2vSy7lb6CBaSUx3PpfVgTnt6Q7
OTUy2ZnJ2nkBAiBfMEcbtoyIPYS3gAs411f5+YjHddY0zaBIlqwkdTHr9HvXuzkg
zmsns1TUmJWGFcaya53r9H48FSscOxIkKTttqsdKtcw/quT8y+JUczGnBTeLvQ1j
rcphBf/L0/gHAT7Zxq3mgQIA8pJ3z11wFPxCb2TR73JRrmgOtRP/bx2jM6TYLGui
X53GXyYxMQtdYw==
-----END CERTIFICATE-----