Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          9I3yQczlleqgka24kZGutLaalvR85w45QM4yyNAWYkc=
Subject key identifier:   78:CB:96:46:50:00:77:1F:B6:9D:FF:5C:B5:8B:C7:81:AB:9A:B4:56
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       019D2884AEF1882233CEDB1D10662395F4A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          05E8
Signing time:             Thu 26 Mar 2026 05:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 05:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 05:01:17 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: NYhyJMm1XQPsZ91ZJn53P+KcUgPIIeVnPPyfXzEKFEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:ae:f1:88:22:33:ce:db:1d:10:66:23:95:f4:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Mar 26 05:01:17 2026 GMT
            Not After : Mar 27 05:01:17 2026 GMT
        Subject: CN=78cb96465000771fb69dff5cb58bc781ab9ab456
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:8f:80:cb:93:0c:5c:a0:7b:ea:d6:be:23:c3:
                    62:71:8d:2d:61:6f:f7:21:21:42:6b:9a:8e:7c:c4:
                    74:ea:c9:e3:17:a0:6d:20:11:e4:b8:02:1d:2b:12:
                    b8:fc:d5:89:80:9a:d1:68:46:6c:f5:ca:dd:35:09:
                    40:20:91:4f:28:57:00:15:7e:dd:c5:1c:33:27:53:
                    ef:0c:9f:7b:be:7c:aa:57:b6:e3:6f:97:b5:4e:bd:
                    4e:20:9e:59:16:8b:7f:da:5f:23:8d:c4:b5:ad:91:
                    2c:2b:c7:98:2e:80:1b:6c:e4:41:4f:fd:79:13:d5:
                    d4:4e:a5:8c:16:e9:ae:c2:dd:42:b6:5b:bb:ad:b4:
                    25:aa:83:3c:20:4d:87:64:b9:b6:2d:b9:0d:36:e6:
                    27:62:1b:e7:42:23:8b:1c:6c:90:8d:8d:24:d6:2c:
                    15:63:cc:0b:51:69:2d:ed:5b:51:a8:c0:87:4c:04:
                    63:f8:78:24:59:c8:74:f7:40:b4:69:2c:c7:71:00:
                    9d:5b:56:84:ec:12:6c:05:bf:83:f3:43:7f:ae:07:
                    88:6c:bd:7c:8e:04:4c:47:13:59:c9:4e:11:96:37:
                    db:a8:bc:a8:84:c0:18:8b:0e:d2:58:ef:bf:e6:9c:
                    a8:5a:ac:ee:1c:2b:46:76:ee:c4:b7:4d:b6:61:9f:
                    34:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:CB:96:46:50:00:77:1F:B6:9D:FF:5C:B5:8B:C7:81:AB:9A:B4:56
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:66:a5:ac:6d:be:2d:be:e5:d1:cc:61:d3:7b:6d:be:a3:b9:
         f6:b5:a8:20:3c:63:fd:30:ec:7c:9a:df:22:7e:5d:46:90:50:
         92:1f:74:c5:80:e4:64:46:7e:03:32:56:96:54:6b:db:91:35:
         a2:17:81:2f:ea:7a:1d:75:85:70:4c:87:84:9c:3a:d6:26:29:
         71:d5:b0:36:f4:18:79:b4:33:94:8d:36:5a:9c:71:20:c1:1d:
         b2:7a:3a:b7:57:7e:3c:dd:87:cc:5a:42:01:fa:db:9b:b1:15:
         61:a5:82:89:68:4d:01:d0:2e:76:3e:10:f6:4a:94:a0:9e:8b:
         d8:f3:c4:6e:c8:e5:2d:4b:60:da:ae:b4:53:97:88:04:25:80:
         b4:54:6d:17:b9:99:1e:6c:27:d2:91:da:9e:11:1c:39:26:7d:
         b1:12:24:48:15:94:06:ff:ab:dd:a9:fb:a8:ac:e8:05:51:3e:
         32:7d:75:ad:74:1b:e8:16:e3:94:f2:50:37:f9:e9:96:b4:35:
         f7:c6:bd:c4:be:4a:8d:c9:45:fd:73:e3:52:69:53:cf:8d:1c:
         40:6e:76:b4:ba:97:e5:1e:d8:b8:8d:6b:0b:e1:8e:5d:fb:f3:
         ea:39:b8:3e:9a:b7:e0:09:2a:e4:fa:b9:6b:51:58:4b:4f:d4:
         6f:fe:54:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohK7xiCIzztsdEGYjlfSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjYwMzI2MDUwMTE3WhcNMjYwMzI3MDUwMTE3WjAzMTEwLwYDVQQD
Eyg3OGNiOTY0NjUwMDA3NzFmYjY5ZGZmNWNiNThiYzc4MWFiOWFiNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgo+Ay5MMXKB76ta+I8NicY0tYW/3
ISFCa5qOfMR06snjF6BtIBHkuAIdKxK4/NWJgJrRaEZs9crdNQlAIJFPKFcAFX7d
xRwzJ1PvDJ97vnyqV7bjb5e1Tr1OIJ5ZFot/2l8jjcS1rZEsK8eYLoAbbORBT/15
E9XUTqWMFumuwt1Ctlu7rbQlqoM8IE2HZLm2LbkNNuYnYhvnQiOLHGyQjY0k1iwV
Y8wLUWkt7VtRqMCHTARj+HgkWch090C0aSzHcQCdW1aE7BJsBb+D80N/rgeIbL18
jgRMRxNZyU4RljfbqLyohMAYiw7SWO+/5pyoWqzuHCtGdu7Et022YZ80PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjLlkZQAHcftp3/XLWLx4GrmrRWMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkmalrG2+
Lb7l0cxh03ttvqO59rWoIDxj/TDsfJrfIn5dRpBQkh90xYDkZEZ+AzJWllRr25E1
oheBL+p6HXWFcEyHhJw61iYpcdWwNvQYebQzlI02WpxxIMEdsno6t1d+PN2HzFpC
Afrbm7EVYaWCiWhNAdAudj4Q9kqUoJ6L2PPEbsjlLUtg2q60U5eIBCWAtFRtF7mZ
Hmwn0pHanhEcOSZ9sRIkSBWUBv+r3an7qKzoBVE+Mn11rXQb6BbjlPJQN/nplrQ1
98a9xL5KjclF/XPjUmlTz40cQG52tLqX5R7YuI1rC+GOXfvz6jm4Ppq34Akq5Pq5
a1FYS0/Ub/5U/Q==
-----END CERTIFICATE-----