Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          x6EEZ04bxOHl0lH2g6zPrbvtJ6wTBgEYVzn8RNrc/fo=
Subject key identifier:   43:EB:C4:A7:73:EB:84:56:2C:62:87:C3:D7:11:41:01:51:73:29:E8
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019D28F33B82198B2B025FF91E1BE26A9C5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 07:02:02 +0000
Manifest this update:     Thu 26 Mar 2026 07:02:02 +0000
Manifest next update:     Fri 27 Mar 2026 07:02:02 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: m8QFrfigLq2jx3pavcu4DuOPuQMMxMW11C/kOqKZ05A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:3b:82:19:8b:2b:02:5f:f9:1e:1b:e2:6a:9c:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Mar 26 07:02:02 2026 GMT
            Not After : Mar 27 07:02:02 2026 GMT
        Subject: CN=43ebc4a773eb84562c6287c3d7114101517329e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:75:08:40:f4:2b:06:d5:a2:ec:4f:5f:d2:53:
                    ae:79:d2:34:a3:35:0b:1d:21:27:0c:46:82:aa:68:
                    e6:e5:aa:23:06:01:54:f5:66:e7:f2:78:59:78:6c:
                    83:9f:f7:78:17:9d:ec:fb:b7:d6:c6:38:c4:18:0f:
                    18:f0:7a:61:5c:56:0d:a4:ba:2b:31:a0:be:70:85:
                    6f:2f:94:71:01:57:50:51:38:6f:f5:49:15:42:4b:
                    60:9b:c3:70:51:06:f8:c3:bd:f7:a0:e9:0d:3c:99:
                    b9:43:ac:2f:f7:76:4c:c0:80:d7:13:2c:3e:32:59:
                    25:dd:34:de:35:16:40:ed:b0:7c:59:7a:44:bc:31:
                    76:b3:8f:f1:af:15:2f:b3:51:f1:f0:76:c1:5e:99:
                    79:b5:61:f6:dd:dd:f4:85:36:e2:7d:10:83:67:e5:
                    11:51:ec:0b:83:00:9c:12:b2:ae:44:28:3b:d9:29:
                    70:b1:44:3c:4c:b7:c5:33:f0:57:ff:b0:78:9a:43:
                    e7:f6:20:28:3d:51:aa:7e:6e:36:70:83:1c:06:5d:
                    bf:56:02:07:34:bf:b1:58:49:ee:2e:c0:59:63:3f:
                    d3:23:e0:ad:0d:ba:93:b3:23:17:ef:a0:78:ed:61:
                    ba:47:bd:31:a3:5f:ad:c0:f4:a6:42:6f:49:21:e7:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:EB:C4:A7:73:EB:84:56:2C:62:87:C3:D7:11:41:01:51:73:29:E8
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ca:5a:f7:5a:f3:ef:11:39:31:5c:d6:c6:64:0b:37:24:ad:
         15:26:70:8e:77:db:d4:df:ae:37:a2:ed:1d:e6:64:fe:ea:37:
         9c:1a:84:03:09:3e:9b:e1:b9:c5:b8:55:37:24:19:77:e6:e0:
         12:04:0b:53:dc:69:b9:a3:63:3e:54:38:25:8a:60:5b:23:8c:
         b6:3d:98:2b:9a:bd:42:0d:24:f1:c7:fb:23:79:ab:88:8c:39:
         8d:2d:17:55:2c:7b:eb:48:6f:df:74:3a:1b:42:04:89:d4:e3:
         21:00:6c:93:c1:45:c2:3d:3f:71:1e:d0:e7:a7:73:69:ae:0b:
         c5:eb:ee:a7:3f:8d:4b:9a:7f:2e:cc:60:d8:bb:27:31:af:b6:
         cb:36:ea:39:cb:3b:bd:40:d5:1d:81:2b:33:ad:d7:90:ce:61:
         64:f8:df:2a:66:4c:4c:1d:7f:d0:2a:66:47:7e:37:b5:54:ff:
         8b:65:4d:da:8c:92:9d:1b:e1:be:d9:bf:1a:6e:f2:a4:e9:c8:
         5d:83:dc:8a:6e:45:ad:14:a6:58:0c:9a:a1:4a:70:8d:fd:2a:
         7a:67:c4:65:9e:b6:a1:3b:f8:88:42:8a:fb:4c:d1:bf:b4:e2:
         7a:81:0c:ad:b9:dd:78:c6:3a:df:60:07:a6:c2:f8:22:03:52:
         70:2f:30:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8zuCGYsrAl/5HhviapxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjYwMzI2MDcwMjAyWhcNMjYwMzI3MDcwMjAyWjAzMTEwLwYDVQQD
Eyg0M2ViYzRhNzczZWI4NDU2MmM2Mjg3YzNkNzExNDEwMTUxNzMyOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3UIQPQrBtWi7E9f0lOuedI0ozUL
HSEnDEaCqmjm5aojBgFU9Wbn8nhZeGyDn/d4F53s+7fWxjjEGA8Y8HphXFYNpLor
MaC+cIVvL5RxAVdQUThv9UkVQktgm8NwUQb4w733oOkNPJm5Q6wv93ZMwIDXEyw+
Mlkl3TTeNRZA7bB8WXpEvDF2s4/xrxUvs1Hx8HbBXpl5tWH23d30hTbifRCDZ+UR
UewLgwCcErKuRCg72SlwsUQ8TLfFM/BX/7B4mkPn9iAoPVGqfm42cIMcBl2/VgIH
NL+xWEnuLsBZYz/TI+CtDbqTsyMX76B47WG6R70xo1+twPSmQm9JIedFoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPrxKdz64RWLGKHw9cRQQFRcynoMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcpa91rz
7xE5MVzWxmQLNyStFSZwjnfb1N+uN6LtHeZk/uo3nBqEAwk+m+G5xbhVNyQZd+bg
EgQLU9xpuaNjPlQ4JYpgWyOMtj2YK5q9Qg0k8cf7I3mriIw5jS0XVSx760hv33Q6
G0IEidTjIQBsk8FFwj0/cR7Q56dzaa4Lxevupz+NS5p/Lsxg2LsnMa+2yzbqOcs7
vUDVHYErM63XkM5hZPjfKmZMTB1/0CpmR343tVT/i2VN2oySnRvhvtm/Gm7ypOnI
XYPcim5FrRSmWAyaoUpwjf0qemfEZZ62oTv4iEKK+0zRv7TieoEMrbndeMY632AH
psL4IgNScC8wKQ==
-----END CERTIFICATE-----