Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          LEnU9ncrl0mroWs4OFTw4Brph9o/RU66/ZmN7WHMtDo=
Subject key identifier:   E2:3C:77:21:26:A5:8D:43:D5:A1:B4:EE:32:8B:C9:6B:BF:0D:F5:CA
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019E1E350D2022994D4B95C0462ADB767583
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          113C
Signing time:             Tue 12 May 2026 22:00:53 +0000
Manifest this update:     Tue 12 May 2026 22:00:53 +0000
Manifest next update:     Wed 13 May 2026 22:00:53 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: e3DHLV/iSghNgD1fPg21qERo73se+tEgAT1Agnv4z7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:0d:20:22:99:4d:4b:95:c0:46:2a:db:76:75:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: May 12 22:00:53 2026 GMT
            Not After : May 13 22:00:53 2026 GMT
        Subject: CN=e23c772126a58d43d5a1b4ee328bc96bbf0df5ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a5:a2:d6:3c:5e:49:fd:1e:ed:05:c7:8b:90:
                    64:5c:e8:87:d1:a9:56:b3:da:b6:8c:10:11:6a:73:
                    b6:c7:b8:a4:6b:85:8b:7c:f2:c4:e5:17:40:f7:7d:
                    50:5f:e5:e6:ba:88:f1:8e:3d:d9:0e:9e:b6:a2:10:
                    18:0e:11:f6:f7:a0:31:7b:96:a3:70:a8:94:05:22:
                    62:fd:72:8a:3c:7b:76:fb:a2:9d:93:f7:55:0b:a7:
                    0a:4f:5f:2d:30:22:d2:28:10:ef:96:09:71:80:ef:
                    5e:36:fc:b0:7e:e9:04:09:8a:3e:6d:0a:6c:bf:b3:
                    0c:ab:8a:07:c3:86:f7:77:f4:33:45:11:3c:87:dc:
                    8d:6a:99:be:36:86:9c:b9:33:41:a7:c0:b2:0d:83:
                    b0:41:bf:1f:99:17:fa:bf:9f:df:30:65:ca:27:23:
                    bd:be:57:41:67:9f:75:ba:da:d5:31:86:03:c9:c4:
                    b9:cd:d4:f0:a3:c0:02:3e:19:3b:73:a5:ad:98:bd:
                    5a:6e:74:d4:a4:49:1f:66:ed:36:37:37:3b:73:e1:
                    78:be:9c:9e:09:a4:20:38:1d:b8:c7:29:00:5b:3e:
                    55:1a:2d:be:8e:6b:df:6a:4c:6f:17:e1:10:8b:d0:
                    b0:5b:08:ff:dc:86:2b:45:9c:0c:71:6c:e6:97:ff:
                    69:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:3C:77:21:26:A5:8D:43:D5:A1:B4:EE:32:8B:C9:6B:BF:0D:F5:CA
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:5c:53:8a:f5:7b:c6:8d:fd:91:fe:6d:d3:3d:ea:4c:0f:5e:
         36:3c:d7:9b:a6:61:b1:73:fa:63:8a:56:86:08:b7:3d:f3:1a:
         cf:26:12:e4:a1:a5:d2:13:0a:cd:18:c3:a3:2a:76:0b:91:38:
         bc:f4:90:d6:9e:64:2a:30:c7:6e:cd:34:f9:70:a4:ee:1f:30:
         dc:3d:d7:02:5c:cc:86:cd:d8:32:b9:6a:1b:f8:06:1c:57:5f:
         9d:4c:25:94:a3:47:dc:bc:2d:a5:8e:b9:fa:cf:36:4d:ea:2b:
         37:f0:78:63:f9:4d:10:8e:65:dd:d4:d6:10:76:66:36:cd:94:
         23:2e:a6:94:b2:18:d0:4e:e7:93:ea:6e:4b:3a:c3:0c:da:43:
         81:a2:a4:39:6f:6f:39:ac:3e:c3:a4:ae:df:f8:47:ca:69:52:
         30:73:69:72:c0:7c:16:3a:aa:a0:3b:b4:5c:1b:2b:78:45:50:
         97:33:03:a1:7e:b0:fa:92:13:07:e8:2f:45:92:93:31:5e:af:
         d3:5c:82:20:1b:4c:5e:6e:4b:c2:1c:1c:cf:34:2d:13:ce:e5:
         21:be:ef:17:f2:d9:88:9a:f2:27:f0:3e:f1:3d:6c:46:c5:43:
         ef:7c:91:bc:3c:1c:2e:f9:ef:1f:c5:c1:ba:f0:c8:f1:d6:98:
         0d:ed:bf:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNQ0gIplNS5XARirbdnWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjYwNTEyMjIwMDUzWhcNMjYwNTEzMjIwMDUzWjAzMTEwLwYDVQQD
EyhlMjNjNzcyMTI2YTU4ZDQzZDVhMWI0ZWUzMjhiYzk2YmJmMGRmNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaWi1jxeSf0e7QXHi5BkXOiH0alW
s9q2jBARanO2x7ika4WLfPLE5RdA931QX+Xmuojxjj3ZDp62ohAYDhH296Axe5aj
cKiUBSJi/XKKPHt2+6Kdk/dVC6cKT18tMCLSKBDvlglxgO9eNvywfukECYo+bQps
v7MMq4oHw4b3d/QzRRE8h9yNapm+NoacuTNBp8CyDYOwQb8fmRf6v5/fMGXKJyO9
vldBZ591utrVMYYDycS5zdTwo8ACPhk7c6WtmL1abnTUpEkfZu02Nzc7c+F4vpye
CaQgOB24xykAWz5VGi2+jmvfakxvF+EQi9CwWwj/3IYrRZwMcWzml/9pNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI8dyEmpY1D1aG07jKLyWu/DfXKMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAelxTivV7
xo39kf5t0z3qTA9eNjzXm6ZhsXP6Y4pWhgi3PfMazyYS5KGl0hMKzRjDoyp2C5E4
vPSQ1p5kKjDHbs00+XCk7h8w3D3XAlzMhs3YMrlqG/gGHFdfnUwllKNH3LwtpY65
+s82TeorN/B4Y/lNEI5l3dTWEHZmNs2UIy6mlLIY0E7nk+puSzrDDNpDgaKkOW9v
Oaw+w6Su3/hHymlSMHNpcsB8FjqqoDu0XBsreEVQlzMDoX6w+pITB+gvRZKTMV6v
01yCIBtMXm5LwhwczzQtE87lIb7vF/LZiJryJ/A+8T1sRsVD73yRvDwcLvnvH8XB
uvDI8daYDe2/iQ==
-----END CERTIFICATE-----