Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft
File:                     a2NBovdF2amQDhaaHlGypxruOyQ.mft (raw, json)
Hash identifier:          jN/MnrHEAI6W28BDvQZ1gxym6950NfDvm503YLThQlY=
Subject key identifier:   A8:FE:38:95:65:05:A0:90:68:80:21:77:B5:0B:A9:75:94:79:6C:E8
Authority key identifier: 6B:63:41:A2:F7:45:D9:A9:90:0E:16:9A:1E:51:B2:A7:1A:EE:3B:24
Certificate issuer:       /CN=6b6341a2f745d9a9900e169a1e51b2a71aee3b24
Certificate serial:       019D27A8C9F7D3B58BE427498215A3A1C81E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft
Manifest number:          0142
Signing time:             Thu 26 Mar 2026 01:01:06 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:06 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:06 +0000
Files and hashes:         1: a2NBovdF2amQDhaaHlGypxruOyQ.crl (hash: XiVaDFuMe0FW9gZ8Sv4475BlCLKSQ4g/shuchEnkV8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:c9:f7:d3:b5:8b:e4:27:49:82:15:a3:a1:c8:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6341a2f745d9a9900e169a1e51b2a71aee3b24
        Validity
            Not Before: Mar 26 01:01:06 2026 GMT
            Not After : Mar 27 01:01:06 2026 GMT
        Subject: CN=a8fe38956505a09068802177b50ba97594796ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:12:e2:a9:2c:33:2c:36:e0:0a:ee:3d:77:a8:
                    db:ff:a4:8f:f0:f0:64:f9:f9:db:a1:1b:7d:d7:7e:
                    94:3b:49:6c:4e:9f:92:45:fe:f6:db:00:1b:6c:63:
                    ad:a5:63:62:2d:72:c6:a2:b9:c6:75:c4:bc:3d:fe:
                    b6:4d:e6:7f:dc:70:6d:76:9a:78:ca:c8:0b:91:f7:
                    e7:d0:44:cc:a9:25:8f:ef:d9:3f:c0:06:cb:b6:f2:
                    f4:9b:4b:97:08:17:ae:00:a1:1b:f0:c9:6e:2b:f0:
                    c5:22:7f:57:08:f3:0b:1f:6c:5c:40:e8:d2:b5:d0:
                    52:01:7f:a0:a9:6d:3e:75:cf:fb:15:5e:64:57:5a:
                    09:37:47:c2:e9:37:20:44:b2:db:2c:0c:35:08:8c:
                    78:16:23:67:10:12:03:16:eb:32:fc:97:b3:e7:33:
                    41:a1:a5:d4:e5:e3:30:01:d0:7b:34:b0:d5:a8:a6:
                    94:f7:ba:a0:04:ca:dd:c7:03:01:e2:66:23:b3:8f:
                    14:74:b7:93:d3:ff:e8:1f:3e:d9:06:c2:89:39:7c:
                    c7:36:2b:bd:88:af:a4:d8:84:ef:ef:7b:ad:9d:d9:
                    4a:55:34:24:f4:9b:65:19:29:da:a9:38:2c:4b:5a:
                    67:1f:a4:96:f8:e2:de:5c:c2:d8:6a:4e:3d:13:39:
                    bb:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:FE:38:95:65:05:A0:90:68:80:21:77:B5:0B:A9:75:94:79:6C:E8
            X509v3 Authority Key Identifier:
                keyid:6B:63:41:A2:F7:45:D9:A9:90:0E:16:9A:1E:51:B2:A7:1A:EE:3B:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:c2:f5:40:55:a7:57:b3:37:f5:6d:0b:11:5e:ca:ec:1d:9c:
         28:61:80:c6:49:ea:d9:ca:87:52:3e:4f:71:10:f6:89:9d:df:
         49:2c:b9:7b:2a:94:b8:a6:36:83:34:02:d3:f8:b4:9f:c8:f4:
         ac:2a:6a:e7:99:7b:f3:0b:8c:59:d7:0d:0c:95:b3:14:f1:96:
         3c:6e:f7:aa:00:06:cb:db:d9:a2:58:7c:74:8f:ce:eb:81:72:
         17:bd:89:24:a6:0d:c5:f1:4e:f6:ff:11:19:dd:e7:78:04:ef:
         84:b0:a2:96:63:9d:b9:0e:fb:74:5a:16:c0:ae:d8:40:01:25:
         b4:ab:30:87:9f:2d:35:58:c9:39:8e:65:2a:29:9c:35:65:3a:
         5e:ac:ac:d9:2f:b8:62:be:91:c4:e7:8e:0e:b9:38:d4:82:07:
         f4:93:60:21:c8:50:c7:00:7e:ea:0b:e3:15:bb:d1:2f:fc:9f:
         1d:94:d4:33:4a:42:b3:62:ed:d3:38:66:ae:78:39:04:2d:30:
         72:cd:5f:88:dd:96:0c:7f:75:c3:00:f5:ad:33:27:b3:4b:80:
         7c:87:25:04:ce:61:a5:00:19:e8:a9:0e:6d:f6:c7:2f:4a:e6:
         1e:e1:55:ae:cd:b3:ab:bb:df:f5:16:5b:e8:81:37:f4:c5:ef:
         36:d4:fb:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqMn307WL5CdJghWjocgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNjM0MWEyZjc0NWQ5YTk5MDBlMTY5YTFlNTFiMmE3MWFl
ZTNiMjQwHhcNMjYwMzI2MDEwMTA2WhcNMjYwMzI3MDEwMTA2WjAzMTEwLwYDVQQD
EyhhOGZlMzg5NTY1MDVhMDkwNjg4MDIxNzdiNTBiYTk3NTk0Nzk2Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRLiqSwzLDbgCu49d6jb/6SP8PBk
+fnboRt9136UO0lsTp+SRf722wAbbGOtpWNiLXLGornGdcS8Pf62TeZ/3HBtdpp4
ysgLkffn0ETMqSWP79k/wAbLtvL0m0uXCBeuAKEb8MluK/DFIn9XCPMLH2xcQOjS
tdBSAX+gqW0+dc/7FV5kV1oJN0fC6TcgRLLbLAw1CIx4FiNnEBIDFusy/Jez5zNB
oaXU5eMwAdB7NLDVqKaU97qgBMrdxwMB4mYjs48UdLeT0//oHz7ZBsKJOXzHNiu9
iK+k2ITv73utndlKVTQk9JtlGSnaqTgsS1pnH6SW+OLeXMLYak49Ezm7+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKj+OJVlBaCQaIAhd7ULqXWUeWzoMB8GA1UdIwQY
MBaAFGtjQaL3RdmpkA4Wmh5Rsqca7jskMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82NTViY2EtNTU1MC00YzdhLTlmMTYt
ZDc4YjNlMWNhYmIxLzEvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82NTViY2EtNTU1MC00YzdhLTlmMTYtZDc4YjNlMWNhYmIx
LzEvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACcL1QFWn
V7M39W0LEV7K7B2cKGGAxknq2cqHUj5PcRD2iZ3fSSy5eyqUuKY2gzQC0/i0n8j0
rCpq55l78wuMWdcNDJWzFPGWPG73qgAGy9vZolh8dI/O64FyF72JJKYNxfFO9v8R
Gd3neATvhLCilmOduQ77dFoWwK7YQAEltKswh58tNVjJOY5lKimcNWU6Xqys2S+4
Yr6RxOeODrk41IIH9JNgIchQxwB+6gvjFbvRL/yfHZTUM0pCs2Lt0zhmrng5BC0w
cs1fiN2WDH91wwD1rTMns0uAfIclBM5hpQAZ6KkObfbHL0rmHuFVrs2zq7vf9RZb
6IE39MXvNtT7xw==
-----END CERTIFICATE-----