Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.mft
File:                     Aj0FQiEIUMvGY5Y4z3__vPuvHlc.mft (raw, json)
Hash identifier:          8285JSaq/R8E7aI8QFoycj9S4033FkB+3vSv0PHK+Mc=
Subject key identifier:   29:45:A4:3E:CE:C7:1D:13:02:15:C9:5C:61:70:6D:CC:9D:29:B3:03
Authority key identifier: 02:3D:05:42:21:08:50:CB:C6:63:96:38:CF:7F:FF:BC:FB:AF:1E:57
Certificate issuer:       /CN=023d0542210850cbc6639638cf7fffbcfbaf1e57
Certificate serial:       019D329AE6760BAC60C82496A9BA1030878A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.mft
Manifest number:          7F
Signing time:             Sat 28 Mar 2026 04:01:45 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:45 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:45 +0000
Files and hashes:         1: Aj0FQiEIUMvGY5Y4z3__vPuvHlc.crl (hash: 6unG/G8v0OeGzupnUrp/W3y/BsiFXAdnuU1ZPgDJ78Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:e6:76:0b:ac:60:c8:24:96:a9:ba:10:30:87:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=023d0542210850cbc6639638cf7fffbcfbaf1e57
        Validity
            Not Before: Mar 28 04:01:45 2026 GMT
            Not After : Mar 29 04:01:45 2026 GMT
        Subject: CN=2945a43ecec71d130215c95c61706dcc9d29b303
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:5d:2c:79:3f:40:9e:b7:63:54:12:ac:30:05:
                    1a:a7:cf:4d:3e:8a:93:dd:e2:b4:a6:30:3a:3c:aa:
                    d4:c5:ef:da:0b:e8:33:0a:98:db:37:f6:83:c6:e1:
                    e4:ae:c3:df:fe:e5:d1:b9:79:a6:5f:5a:25:70:e3:
                    03:06:28:7d:a5:33:52:f6:6b:5b:37:7b:d4:af:df:
                    e8:90:8a:b0:27:50:05:73:78:b5:5f:22:ed:85:05:
                    5c:e8:34:50:c0:d3:c1:3b:4f:8c:2d:46:cc:68:91:
                    27:12:bb:6c:a1:2d:41:87:9b:8f:bc:6d:93:1a:38:
                    de:ef:c1:be:fa:2c:59:ad:df:0d:c7:79:81:21:22:
                    36:88:cd:54:7d:1a:a1:31:e3:85:0d:4b:b6:be:d4:
                    ee:6a:9a:91:66:91:58:f0:e7:17:26:43:ef:9e:dd:
                    d3:c2:67:dd:5e:cc:bb:7b:f6:37:47:d8:cb:13:b9:
                    99:a6:98:25:0f:8b:29:09:de:3a:c2:e1:bd:b7:1b:
                    11:f8:33:7d:30:5c:81:c2:c7:27:46:e5:53:3d:24:
                    69:ba:7f:77:b6:a7:d6:32:ee:77:db:0d:af:88:a6:
                    66:a7:7d:1b:a7:dc:bf:7c:b7:9b:50:52:e0:79:f7:
                    6a:ed:3d:61:a3:94:29:9e:d6:ef:06:00:98:85:28:
                    80:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:45:A4:3E:CE:C7:1D:13:02:15:C9:5C:61:70:6D:CC:9D:29:B3:03
            X509v3 Authority Key Identifier:
                keyid:02:3D:05:42:21:08:50:CB:C6:63:96:38:CF:7F:FF:BC:FB:AF:1E:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/62d5a8-6669-403f-b00f-7aca98638958/1/Aj0FQiEIUMvGY5Y4z3__vPuvHlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:2b:6e:48:65:4a:04:9b:c1:da:ca:80:f8:70:40:4a:03:ea:
         cc:a3:a6:8b:9c:13:a3:07:dc:7f:a3:61:7d:a6:69:66:fb:0d:
         5e:45:ce:48:60:64:24:2a:8f:61:cf:44:b7:21:6f:de:d0:36:
         79:51:bd:37:63:a5:6b:83:a7:3a:e2:5b:c1:28:34:76:92:0a:
         09:f6:cd:c2:2c:54:5b:97:cf:5b:dd:e4:4c:b1:11:6d:33:0a:
         ee:95:c6:4b:68:46:14:a7:73:71:6b:68:22:e3:fa:f1:9f:d3:
         84:02:cc:54:19:bc:34:41:1a:7d:e0:94:47:84:9a:cc:bc:2e:
         6b:51:dd:c1:e6:63:73:f5:cc:c6:ee:2c:c4:ff:1d:c2:e0:ef:
         d4:b3:c8:17:76:c3:58:57:ce:37:bb:a3:75:85:7b:92:9e:5a:
         8d:80:c8:33:bd:81:17:17:97:9a:45:49:38:7a:85:4f:16:61:
         4d:c2:4d:e0:92:7a:78:74:25:ad:b8:0b:73:be:78:99:66:49:
         13:90:6b:98:0a:d4:ed:37:a6:16:d2:22:3e:6f:1c:3e:6e:48:
         aa:2b:84:ee:09:cf:a8:fb:58:be:83:a5:02:69:7d:15:49:f6:
         48:47:b4:ae:cc:51:76:1e:b7:a1:8b:b7:7d:c2:b4:be:4b:8e:
         dc:70:05:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymuZ2C6xgyCSWqboQMIeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyM2QwNTQyMjEwODUwY2JjNjYzOTYzOGNmN2ZmZmJjZmJh
ZjFlNTcwHhcNMjYwMzI4MDQwMTQ1WhcNMjYwMzI5MDQwMTQ1WjAzMTEwLwYDVQQD
EygyOTQ1YTQzZWNlYzcxZDEzMDIxNWM5NWM2MTcwNmRjYzlkMjliMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF0seT9AnrdjVBKsMAUap89NPoqT
3eK0pjA6PKrUxe/aC+gzCpjbN/aDxuHkrsPf/uXRuXmmX1olcOMDBih9pTNS9mtb
N3vUr9/okIqwJ1AFc3i1XyLthQVc6DRQwNPBO0+MLUbMaJEnErtsoS1Bh5uPvG2T
Gjje78G++ixZrd8Nx3mBISI2iM1UfRqhMeOFDUu2vtTuapqRZpFY8OcXJkPvnt3T
wmfdXsy7e/Y3R9jLE7mZppglD4spCd46wuG9txsR+DN9MFyBwscnRuVTPSRpun93
tqfWMu532w2viKZmp30bp9y/fLebUFLgefdq7T1ho5QpntbvBgCYhSiAOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClFpD7Oxx0TAhXJXGFwbcydKbMDMB8GA1UdIwQY
MBaAFAI9BUIhCFDLxmOWOM9//7z7rx5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWowRlFpRUlVTXZHWTVZNHozX192UHV2SGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82MmQ1YTgtNjY2OS00MDNmLWIwMGYt
N2FjYTk4NjM4OTU4LzEvQWowRlFpRUlVTXZHWTVZNHozX192UHV2SGxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82MmQ1YTgtNjY2OS00MDNmLWIwMGYtN2FjYTk4NjM4OTU4
LzEvQWowRlFpRUlVTXZHWTVZNHozX192UHV2SGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCtuSGVK
BJvB2sqA+HBASgPqzKOmi5wTowfcf6NhfaZpZvsNXkXOSGBkJCqPYc9EtyFv3tA2
eVG9N2Ola4OnOuJbwSg0dpIKCfbNwixUW5fPW93kTLERbTMK7pXGS2hGFKdzcWto
IuP68Z/ThALMVBm8NEEafeCUR4SazLwua1HdweZjc/XMxu4sxP8dwuDv1LPIF3bD
WFfON7ujdYV7kp5ajYDIM72BFxeXmkVJOHqFTxZhTcJN4JJ6eHQlrbgLc754mWZJ
E5BrmArU7TemFtIiPm8cPm5IqiuE7gnPqPtYvoOlAml9FUn2SEe0rsxRdh63oYu3
fcK0vkuO3HAF+A==
-----END CERTIFICATE-----