Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          Gm0fSQ76UuddhGznSKioOWlkbeoz23qY/sV8x0jz1ko=
Subject key identifier:   23:34:9C:6F:BC:3D:69:58:E5:BC:B4:AF:55:49:A3:EE:6B:1D:62:FF
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       019D284E0C87678ED0E47E03816407976EFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          144A
Signing time:             Thu 26 Mar 2026 04:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:36 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: 5RjYb7ytR4kUhXlBgfz35ZRb9vNueUhq55MDjSTPkbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:0c:87:67:8e:d0:e4:7e:03:81:64:07:97:6e:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Mar 26 04:01:36 2026 GMT
            Not After : Mar 27 04:01:36 2026 GMT
        Subject: CN=23349c6fbc3d6958e5bcb4af5549a3ee6b1d62ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b9:56:85:4f:ae:0b:cc:ce:86:87:8d:1c:e0:
                    60:48:2b:19:b8:1e:9a:77:f8:84:40:8d:37:6a:c9:
                    95:e0:d8:0d:e7:0a:dc:3d:8b:5e:8a:76:62:b9:29:
                    f2:da:be:a1:2a:8b:5e:a1:da:ed:bc:11:f5:18:ee:
                    84:ea:c8:23:0a:12:1e:ef:ab:91:00:ea:15:91:1b:
                    e4:ba:76:2f:fb:b0:6e:e5:24:c1:b7:e8:8b:d1:fa:
                    d3:61:24:d4:c5:c4:f5:29:36:e8:d9:75:2e:ba:97:
                    82:d7:e1:96:a1:92:97:ce:97:ab:23:9a:93:28:c5:
                    b9:b2:52:ec:12:1f:6f:bc:3f:27:f3:83:6e:b0:a1:
                    4a:46:60:64:69:7c:3f:3d:3e:65:1c:6e:c2:b6:f8:
                    25:0e:d4:f3:30:24:64:ec:6b:03:40:67:d2:d6:cd:
                    44:21:44:87:c3:c6:c0:20:0f:1b:d7:e5:7a:5b:16:
                    b2:ab:1a:a8:7e:ad:31:5d:73:2b:d7:d7:a2:9d:d8:
                    af:fb:cc:3a:a2:ae:7a:7d:13:aa:28:6b:23:60:61:
                    d0:8e:fe:de:9d:02:5a:d8:68:f6:63:57:6d:c0:d0:
                    5d:76:f7:cf:11:6f:9c:1e:d8:b6:f9:46:d4:bb:bb:
                    e9:a5:bf:86:7b:ba:2e:e3:c6:8b:ef:f7:55:90:99:
                    12:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:34:9C:6F:BC:3D:69:58:E5:BC:B4:AF:55:49:A3:EE:6B:1D:62:FF
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:15:a5:f3:3d:93:a0:b4:17:4f:2f:43:1f:89:ea:9b:fc:d1:
         af:3a:fe:41:e3:74:03:7b:7f:fd:cd:52:b1:7e:02:5d:14:17:
         68:a4:df:80:e6:c1:f7:f6:08:88:6c:bc:da:0d:db:f8:52:c0:
         47:16:68:c8:53:eb:97:14:7e:3a:20:76:4c:fe:11:2a:c6:5e:
         33:30:7c:6b:68:b2:0d:15:80:3d:d0:c8:9c:71:d9:3b:5a:36:
         45:04:28:c7:c4:1b:87:5d:66:26:c8:10:6a:c9:62:f1:af:c0:
         2e:99:9c:0a:86:cd:79:0f:d5:80:65:88:63:0b:9d:de:95:05:
         c7:85:b5:cd:00:64:a0:40:b3:c8:28:5a:99:86:4d:54:c8:ed:
         47:06:53:7d:14:2f:ff:95:97:97:d6:ca:61:1c:2e:8b:49:fb:
         6c:15:d7:32:de:ef:2c:bb:c7:a6:dc:dc:61:27:5a:6f:bc:f1:
         b6:41:78:38:06:a3:c9:f1:a0:5b:6c:ea:f1:58:a3:3b:e7:48:
         e0:59:0f:e5:5f:ee:b1:d8:7d:57:72:ea:19:0d:92:d7:0f:38:
         d3:bd:15:2a:e9:8c:0a:56:44:7a:a4:ff:69:c3:7b:17:02:fa:
         ab:6d:69:ac:7f:0d:cf:b6:da:61:76:75:51:67:17:32:20:54:
         fa:62:e0:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTgyHZ47Q5H4DgWQHl278MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjYwMzI2MDQwMTM2WhcNMjYwMzI3MDQwMTM2WjAzMTEwLwYDVQQD
EygyMzM0OWM2ZmJjM2Q2OTU4ZTViY2I0YWY1NTQ5YTNlZTZiMWQ2MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LlWhU+uC8zOhoeNHOBgSCsZuB6a
d/iEQI03asmV4NgN5wrcPYteinZiuSny2r6hKoteodrtvBH1GO6E6sgjChIe76uR
AOoVkRvkunYv+7Bu5STBt+iL0frTYSTUxcT1KTbo2XUuupeC1+GWoZKXzperI5qT
KMW5slLsEh9vvD8n84NusKFKRmBkaXw/PT5lHG7CtvglDtTzMCRk7GsDQGfS1s1E
IUSHw8bAIA8b1+V6Wxayqxqofq0xXXMr19eindiv+8w6oq56fROqKGsjYGHQjv7e
nQJa2Gj2Y1dtwNBddvfPEW+cHti2+UbUu7vppb+Ge7ou48aL7/dVkJkS3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCM0nG+8PWlY5by0r1VJo+5rHWL/MB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhWl8z2T
oLQXTy9DH4nqm/zRrzr+QeN0A3t//c1SsX4CXRQXaKTfgObB9/YIiGy82g3b+FLA
RxZoyFPrlxR+OiB2TP4RKsZeMzB8a2iyDRWAPdDInHHZO1o2RQQox8Qbh11mJsgQ
asli8a/ALpmcCobNeQ/VgGWIYwud3pUFx4W1zQBkoECzyChamYZNVMjtRwZTfRQv
/5WXl9bKYRwui0n7bBXXMt7vLLvHptzcYSdab7zxtkF4OAajyfGgW2zq8VijO+dI
4FkP5V/usdh9V3LqGQ2S1w84070VKumMClZEeqT/acN7FwL6q21prH8Nz7baYXZ1
UWcXMiBU+mLglQ==
-----END CERTIFICATE-----