Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          43iS/cnE2f+6MR+IhWepbdrWxXIlEQHogsAnR6dCKL4=
Subject key identifier:   03:48:A5:1E:83:E0:91:F2:A5:D3:35:B2:50:71:3C:B7:CB:C7:01:AD
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019D25BA1B4BE1C99B5E3DC5639F02B6F7C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          07E4
Signing time:             Wed 25 Mar 2026 16:00:46 +0000
Manifest this update:     Wed 25 Mar 2026 16:00:46 +0000
Manifest next update:     Thu 26 Mar 2026 16:00:46 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: wv8CPuZAaDmDhNhEy9ZVwmbXA1OimvjUfbpmnfDDHJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:1b:4b:e1:c9:9b:5e:3d:c5:63:9f:02:b6:f7:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Mar 25 16:00:46 2026 GMT
            Not After : Mar 26 16:00:46 2026 GMT
        Subject: CN=0348a51e83e091f2a5d335b250713cb7cbc701ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:1a:fa:00:6e:95:b0:9e:3a:9c:a8:92:dc:
                    21:d5:b5:db:58:6a:ca:f0:6f:93:10:9e:67:05:d9:
                    b3:67:df:0e:45:61:87:b0:9f:09:f4:03:df:4f:32:
                    a8:f0:a6:59:31:76:f5:b9:81:be:ac:ac:87:f1:8c:
                    b2:6d:e1:57:3d:e9:68:f8:2d:d6:b7:9d:11:91:f3:
                    4e:ec:04:56:ce:4c:b0:61:2d:d0:4f:ec:0c:d0:6e:
                    5a:ca:c0:6d:35:97:84:b5:27:36:df:d5:f3:2e:93:
                    15:a2:2c:8d:da:51:5b:06:76:83:61:44:e8:f6:de:
                    84:e5:ea:1a:ee:76:6c:db:17:01:ae:3e:74:38:41:
                    54:32:32:ff:c7:6f:0e:65:7e:ef:27:35:3d:84:44:
                    25:e3:46:2b:48:a6:27:6c:d1:b9:aa:6f:59:2e:f2:
                    a5:09:f7:ad:a5:20:fc:ae:2c:23:0b:41:87:35:b4:
                    ea:f2:ff:56:03:35:41:47:4a:03:a3:05:4f:4c:dd:
                    78:c5:04:f6:d5:ba:d8:e7:39:dc:09:aa:9b:00:42:
                    60:17:f7:6b:95:18:f6:45:6b:6f:5f:5f:ff:e9:8a:
                    13:b1:b6:fb:6d:85:29:e4:28:cc:c7:36:36:99:b2:
                    25:06:39:2e:f0:e6:61:f3:f2:29:15:4d:d1:f6:26:
                    eb:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:48:A5:1E:83:E0:91:F2:A5:D3:35:B2:50:71:3C:B7:CB:C7:01:AD
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:c7:ec:1a:f0:6f:20:ae:f3:cf:8a:6c:aa:35:b8:37:84:43:
         95:d0:9e:43:5e:43:da:e8:2f:fb:e0:55:21:ad:3e:68:ce:70:
         a6:6f:d7:9f:f7:b7:65:1b:2b:44:f7:ff:17:35:5c:00:95:27:
         77:41:70:44:42:22:57:fd:86:b3:49:fc:a3:65:0f:fb:cc:da:
         9e:d1:2e:37:6b:ce:8e:fd:c7:82:89:e0:38:7a:f4:63:b2:e5:
         89:63:f1:15:94:91:d2:15:43:e2:3a:cd:b3:77:1b:3a:47:c2:
         ef:ff:72:c2:63:b9:d8:b0:92:39:b7:9e:43:16:b5:d9:57:dc:
         ff:f1:65:3c:d2:87:29:fc:01:4d:7a:70:89:88:b5:42:db:78:
         22:8d:f6:65:29:bc:b5:5e:a1:a3:01:1d:cf:9d:aa:2f:09:ff:
         cc:02:68:b1:8f:be:58:4a:b3:e5:3b:e7:c7:1b:fc:d3:63:b8:
         ad:22:76:a7:07:d4:db:04:27:77:76:a0:45:90:19:9e:17:7b:
         dc:6a:83:9d:52:5d:3d:f8:16:f6:db:2f:ac:64:51:f1:6d:d7:
         c8:ea:89:89:52:71:56:f2:30:b6:76:82:95:93:1e:fe:73:1c:
         f5:0c:32:76:7d:ed:80:c5:4c:6e:6a:1e:aa:39:c8:0b:c4:4b:
         76:37:87:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luhtL4cmbXj3FY58CtvfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjYwMzI1MTYwMDQ2WhcNMjYwMzI2MTYwMDQ2WjAzMTEwLwYDVQQD
EygwMzQ4YTUxZTgzZTA5MWYyYTVkMzM1YjI1MDcxM2NiN2NiYzcwMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsooa+gBulbCeOpyoktwh1bXbWGrK
8G+TEJ5nBdmzZ98ORWGHsJ8J9APfTzKo8KZZMXb1uYG+rKyH8YyybeFXPelo+C3W
t50RkfNO7ARWzkywYS3QT+wM0G5aysBtNZeEtSc239XzLpMVoiyN2lFbBnaDYUTo
9t6E5eoa7nZs2xcBrj50OEFUMjL/x28OZX7vJzU9hEQl40YrSKYnbNG5qm9ZLvKl
CfetpSD8riwjC0GHNbTq8v9WAzVBR0oDowVPTN14xQT21brY5zncCaqbAEJgF/dr
lRj2RWtvX1//6YoTsbb7bYUp5CjMxzY2mbIlBjku8OZh8/IpFU3R9ibrLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANIpR6D4JHypdM1slBxPLfLxwGtMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcfsGvBv
IK7zz4psqjW4N4RDldCeQ15D2ugv++BVIa0+aM5wpm/Xn/e3ZRsrRPf/FzVcAJUn
d0FwREIiV/2Gs0n8o2UP+8zantEuN2vOjv3HgongOHr0Y7LliWPxFZSR0hVD4jrN
s3cbOkfC7/9ywmO52LCSObeeQxa12Vfc//FlPNKHKfwBTXpwiYi1Qtt4Io32ZSm8
tV6howEdz52qLwn/zAJosY++WEqz5Tvnxxv802O4rSJ2pwfU2wQnd3agRZAZnhd7
3GqDnVJdPfgW9tsvrGRR8W3XyOqJiVJxVvIwtnaClZMe/nMc9Qwydn3tgMVMbmoe
qjnIC8RLdjeHeQ==
-----END CERTIFICATE-----