Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
File:                     rrlJQmajhxkETYKaSgqPF6QHBOg.mft (raw, json)
Hash identifier:          fzAEv5uT938OCCGtkhmVGEPnSiuYYpV/ecrTS5eM8F8=
Subject key identifier:   2A:64:8D:4F:44:09:B3:6A:E2:8D:77:0A:3C:30:E0:52:CC:A3:1F:3F
Authority key identifier: AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8
Certificate issuer:       /CN=aeb9494266a38719044d829a4a0a8f17a40704e8
Certificate serial:       019D27046CE0666BF0F6ACA00572B032CD69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:01:34 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:34 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:34 +0000
Files and hashes:         1: rrlJQmajhxkETYKaSgqPF6QHBOg.crl (hash: agvImliJKhz/JbGtkTsCFUTIXVXOalYurkQ0/pdnw2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:6c:e0:66:6b:f0:f6:ac:a0:05:72:b0:32:cd:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb9494266a38719044d829a4a0a8f17a40704e8
        Validity
            Not Before: Mar 25 22:01:34 2026 GMT
            Not After : Mar 26 22:01:34 2026 GMT
        Subject: CN=2a648d4f4409b36ae28d770a3c30e052cca31f3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9a:99:9c:7d:98:a9:42:a2:a4:31:92:fd:c7:
                    9e:a7:c3:65:30:45:6c:f7:cb:ff:ad:ef:df:da:58:
                    ae:b6:2b:36:91:f7:95:b3:03:0e:d8:51:92:d7:dd:
                    d6:86:d2:5c:6a:e0:da:28:b4:f7:14:94:67:f1:74:
                    49:86:da:35:86:12:7b:23:7d:b5:06:1c:46:ef:60:
                    d5:63:d5:e8:ba:79:89:e8:6e:17:c1:81:0d:e1:cf:
                    9a:98:7c:e6:bf:0a:51:01:0c:34:ab:ba:b9:97:b3:
                    22:61:86:aa:d6:6c:80:55:95:05:2c:62:e9:d9:99:
                    d0:01:1a:db:5c:50:53:8d:7c:bc:ce:6f:6e:66:13:
                    d1:27:48:bf:08:8a:68:63:b5:23:14:bd:5c:7a:be:
                    0a:d6:39:ce:cc:82:ea:20:4a:1f:ef:39:92:2f:bf:
                    b7:17:9d:d2:89:9d:d5:b0:3b:f8:6e:4f:54:6e:79:
                    ab:d5:ab:07:b1:55:6b:bf:93:14:da:ba:f2:34:cc:
                    f7:c5:b5:a1:e6:39:e9:b8:db:5f:c9:d2:e1:dc:a7:
                    50:d9:35:6b:1e:2e:1b:5f:9b:62:ba:c4:70:ef:d0:
                    e9:04:c5:ed:18:9b:e9:fe:95:6f:5b:e2:9e:b3:5d:
                    de:f6:ff:90:fb:43:f3:f9:56:14:45:fb:df:35:bc:
                    1d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:64:8D:4F:44:09:B3:6A:E2:8D:77:0A:3C:30:E0:52:CC:A3:1F:3F
            X509v3 Authority Key Identifier:
                keyid:AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:3b:ec:b3:4b:58:66:e7:c2:a4:0d:1b:19:91:84:61:58:2a:
         e9:9a:81:db:cd:7f:c7:6a:1a:16:25:bf:73:10:c3:bc:6a:c1:
         0a:64:50:7e:20:09:69:c7:1d:a5:f1:3a:b0:cd:4c:0e:13:2d:
         d8:83:70:b5:46:79:1f:f4:d9:98:65:17:44:3b:20:38:92:2a:
         96:18:bd:9c:3c:45:4c:4e:0c:81:56:1e:ef:d4:0e:8a:cb:1f:
         00:e8:e7:21:10:19:fa:dd:aa:ac:2f:37:bf:f6:2d:f2:58:6b:
         3b:80:20:1e:b7:f6:ee:86:16:87:6a:ac:6b:4a:7a:4f:c3:1c:
         2d:de:42:c6:bb:32:7d:c1:09:b6:20:b3:7c:b7:f1:2e:32:85:
         ed:e4:72:ca:7e:a1:f0:aa:ba:0e:2b:e4:1f:92:02:bb:e7:94:
         6b:df:3b:5f:69:5f:c5:90:09:c8:76:0a:eb:7e:a8:76:f1:a5:
         83:5d:2f:c6:b7:ba:89:48:34:5d:69:83:83:70:e9:ff:ac:07:
         f2:01:2e:ba:88:cd:15:7e:4f:dd:f2:2c:fe:10:5a:af:82:67:
         0e:88:6c:94:30:75:c6:fc:a3:b3:43:4e:a8:a0:c6:42:93:29:
         35:d7:ed:bc:6b:7f:3b:8c:06:bb:ea:d1:37:46:c5:29:e4:9e:
         46:21:11:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBGzgZmvw9qygBXKwMs1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjk0OTQyNjZhMzg3MTkwNDRkODI5YTRhMGE4ZjE3YTQw
NzA0ZTgwHhcNMjYwMzI1MjIwMTM0WhcNMjYwMzI2MjIwMTM0WjAzMTEwLwYDVQQD
EygyYTY0OGQ0ZjQ0MDliMzZhZTI4ZDc3MGEzYzMwZTA1MmNjYTMxZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpqZnH2YqUKipDGS/ceep8NlMEVs
98v/re/f2liutis2kfeVswMO2FGS193WhtJcauDaKLT3FJRn8XRJhto1hhJ7I321
BhxG72DVY9XounmJ6G4XwYEN4c+amHzmvwpRAQw0q7q5l7MiYYaq1myAVZUFLGLp
2ZnQARrbXFBTjXy8zm9uZhPRJ0i/CIpoY7UjFL1cer4K1jnOzILqIEof7zmSL7+3
F53SiZ3VsDv4bk9Ubnmr1asHsVVrv5MU2rryNMz3xbWh5jnpuNtfydLh3KdQ2TVr
Hi4bX5tiusRw79DpBMXtGJvp/pVvW+Kes13e9v+Q+0Pz+VYURfvfNbwdUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpkjU9ECbNq4o13Cjww4FLMox8/MB8GA1UdIwQY
MBaAFK65SUJmo4cZBE2CmkoKjxekBwToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUt
MmE3YjU4YmRmOTQ1LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUtMmE3YjU4YmRmOTQ1
LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYjvss0tY
ZufCpA0bGZGEYVgq6ZqB281/x2oaFiW/cxDDvGrBCmRQfiAJaccdpfE6sM1MDhMt
2INwtUZ5H/TZmGUXRDsgOJIqlhi9nDxFTE4MgVYe79QOissfAOjnIRAZ+t2qrC83
v/Yt8lhrO4AgHrf27oYWh2qsa0p6T8McLd5CxrsyfcEJtiCzfLfxLjKF7eRyyn6h
8Kq6DivkH5ICu+eUa987X2lfxZAJyHYK636odvGlg10vxre6iUg0XWmDg3Dp/6wH
8gEuuojNFX5P3fIs/hBar4JnDohslDB1xvyjs0NOqKDGQpMpNdftvGt/O4wGu+rR
N0bFKeSeRiERtw==
-----END CERTIFICATE-----