Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
File:                     AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft (raw, json)
Hash identifier:          4tiuovwkE5DnpRuMCzOWfmooveVd0PiPTPFbPAzjLJE=
Subject key identifier:   D4:11:D6:F5:A3:11:11:62:B0:98:16:9E:BC:DB:6E:0E:9D:A3:A7:54
Authority key identifier: 00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
Certificate issuer:       /CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Certificate serial:       019D2816EDAC7194393FDAFBC7499EAD8DEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
Manifest number:          1149
Signing time:             Thu 26 Mar 2026 03:01:24 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:24 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:24 +0000
Files and hashes:         1: AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl (hash: 5wBrABylTa700wFIN8icqbBuPdPECgZ9Frv+UntSpdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:ed:ac:71:94:39:3f:da:fb:c7:49:9e:ad:8d:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0008589496bf86d2d0f8874b76cac843025bcd3b
        Validity
            Not Before: Mar 26 03:01:24 2026 GMT
            Not After : Mar 27 03:01:24 2026 GMT
        Subject: CN=d411d6f5a3111162b098169ebcdb6e0e9da3a754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:85:f7:3f:ba:b9:63:4c:d7:29:63:0b:65:b7:
                    31:8f:1c:96:cb:35:ce:1b:dd:1e:9c:c5:2e:55:65:
                    8d:95:7a:a2:95:bd:f6:a4:49:72:1b:84:52:ca:a7:
                    29:59:9a:44:95:d9:65:a4:0b:bb:eb:5d:94:fe:a4:
                    0e:90:3b:8f:8c:81:7d:9b:01:d3:19:c4:58:e7:f7:
                    a9:88:3c:5e:a8:aa:38:b6:81:f7:b3:21:97:26:6d:
                    cc:84:30:42:2e:25:5b:b1:91:45:02:d1:18:91:6d:
                    e4:dc:14:67:b9:48:89:bc:93:51:cc:19:5f:59:df:
                    1b:a9:25:20:8c:0a:2d:24:42:0b:5a:27:5a:a2:6c:
                    02:84:48:b8:85:80:5d:8e:ec:2e:54:66:b9:34:04:
                    23:d9:01:9a:93:2b:6d:62:38:e3:e5:0b:1f:14:8e:
                    eb:21:6c:ed:3f:75:87:65:86:47:74:e8:f9:bc:d6:
                    68:4e:4c:f7:d0:05:b7:b0:5d:bf:a4:02:ca:39:87:
                    34:7d:71:02:8e:ac:f6:c0:c2:fa:5b:b5:77:9b:c7:
                    b2:fd:63:aa:50:c8:3e:cd:e2:50:4c:d2:fa:3a:99:
                    c4:91:43:bd:f4:82:0d:1d:79:74:df:d0:d5:01:47:
                    19:db:fd:54:31:85:e8:0b:5f:51:91:08:2c:85:a1:
                    d5:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:11:D6:F5:A3:11:11:62:B0:98:16:9E:BC:DB:6E:0E:9D:A3:A7:54
            X509v3 Authority Key Identifier:
                keyid:00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:75:6d:b2:a2:70:25:76:a9:67:02:d4:6e:21:31:b9:a5:c4:
         0c:8b:f6:e7:14:a3:19:73:e6:6f:93:1c:87:70:b1:dc:6c:2b:
         84:dc:66:24:09:09:de:23:fe:4c:4c:49:38:a5:e0:5e:b4:2e:
         72:df:04:6e:0f:3e:2a:71:5c:ef:11:a1:c9:83:c5:05:b4:6c:
         26:17:1c:d0:57:c6:e2:16:d1:da:5f:3c:ef:78:4e:72:7a:1c:
         f5:70:15:57:04:84:b7:18:b1:f1:f5:38:db:89:28:3a:12:b3:
         39:c2:7d:df:74:fa:82:55:ac:87:f7:c2:42:71:bb:fe:8a:14:
         73:ac:f8:57:c8:ed:78:58:9b:dd:72:46:ce:eb:3d:e9:f2:7c:
         24:45:ce:80:b1:3e:dd:cc:71:1a:f4:2b:a7:cc:8f:fc:ca:4d:
         0c:b5:3f:8a:c2:67:eb:b8:c8:ef:61:9c:7f:05:ca:13:7b:25:
         0d:30:cb:fa:65:6e:be:00:bf:9c:b1:f0:fb:60:50:c9:e9:4a:
         a0:93:6e:f4:8a:c5:97:e5:3a:9c:cb:3a:f3:57:0e:1d:e5:62:
         b3:76:80:0c:9b:da:6b:e3:e7:a5:78:22:9a:ba:54:ae:74:70:
         76:b0:9f:2f:54:8d:af:2b:07:1d:dd:ea:d9:2b:ec:6c:ce:12:
         93:59:9c:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFu2scZQ5P9r7x0merY3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDg1ODk0OTZiZjg2ZDJkMGY4ODc0Yjc2Y2FjODQzMDI1
YmNkM2IwHhcNMjYwMzI2MDMwMTI0WhcNMjYwMzI3MDMwMTI0WjAzMTEwLwYDVQQD
EyhkNDExZDZmNWEzMTExMTYyYjA5ODE2OWViY2RiNmUwZTlkYTNhNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoX3P7q5Y0zXKWMLZbcxjxyWyzXO
G90enMUuVWWNlXqilb32pElyG4RSyqcpWZpEldllpAu7612U/qQOkDuPjIF9mwHT
GcRY5/epiDxeqKo4toH3syGXJm3MhDBCLiVbsZFFAtEYkW3k3BRnuUiJvJNRzBlf
Wd8bqSUgjAotJEILWidaomwChEi4hYBdjuwuVGa5NAQj2QGakyttYjjj5QsfFI7r
IWztP3WHZYZHdOj5vNZoTkz30AW3sF2/pALKOYc0fXECjqz2wML6W7V3m8ey/WOq
UMg+zeJQTNL6OpnEkUO99IINHXl039DVAUcZ2/1UMYXoC19RkQgshaHV9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQR1vWjERFisJgWnrzbbg6do6dUMB8GA1UdIwQY
MBaAFAAIWJSWv4bS0PiHS3bKyEMCW807MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEt
NmJlMmY0ZDI0Yzk2LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2
LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXHVtsqJw
JXapZwLUbiExuaXEDIv25xSjGXPmb5Mch3Cx3GwrhNxmJAkJ3iP+TExJOKXgXrQu
ct8Ebg8+KnFc7xGhyYPFBbRsJhcc0FfG4hbR2l8873hOcnoc9XAVVwSEtxix8fU4
24koOhKzOcJ933T6glWsh/fCQnG7/ooUc6z4V8jteFib3XJGzus96fJ8JEXOgLE+
3cxxGvQrp8yP/MpNDLU/isJn67jI72GcfwXKE3slDTDL+mVuvgC/nLHw+2BQyelK
oJNu9IrFl+U6nMs681cOHeVis3aADJvaa+PnpXgimrpUrnRwdrCfL1SNrysHHd3q
2SvsbM4Sk1mcPg==
-----END CERTIFICATE-----