Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          q+f9FB6WsADfOFTmWTGdi02q7bhPK8s2F6sStQnpiwo=
Subject key identifier:   1C:49:83:69:A2:EC:3B:89:25:10:CA:6E:80:38:42:49:6E:5B:AD:C3
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019E1D22F3554CB26E51AFF9659F5C2FBA1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0EA1
Signing time:             Tue 12 May 2026 17:01:30 +0000
Manifest this update:     Tue 12 May 2026 17:01:30 +0000
Manifest next update:     Wed 13 May 2026 17:01:30 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: hvCqxPbGKztkMP1JvvGnHqLJLhDW6LVU9e9RpGqGv3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:22:f3:55:4c:b2:6e:51:af:f9:65:9f:5c:2f:ba:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: May 12 17:01:30 2026 GMT
            Not After : May 13 17:01:30 2026 GMT
        Subject: CN=1c498369a2ec3b892510ca6e803842496e5badc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6d:ad:d2:2a:97:03:d8:03:1c:57:f4:e5:e3:
                    2d:13:a6:d3:ca:09:d0:d1:30:1e:57:6b:7f:fa:68:
                    9b:88:ee:92:58:a2:d2:09:37:d8:f7:b5:d5:2f:84:
                    db:da:ca:a5:b1:fa:8f:4e:0c:18:05:80:20:f0:0f:
                    0a:4a:d2:a1:e1:3e:df:09:a0:d0:ee:c2:4e:0f:44:
                    6e:77:1c:c9:02:24:71:cc:97:97:3b:3f:84:35:43:
                    4a:8b:02:72:f4:c1:6e:9e:54:a2:5a:63:46:fd:f4:
                    11:b4:60:1b:37:87:e1:3b:6e:e0:25:21:5a:5e:e3:
                    30:ce:9e:c1:43:fc:dc:ef:47:62:04:10:95:38:34:
                    99:4a:ae:73:d6:5a:8d:67:34:56:f9:db:32:cd:0b:
                    f0:9c:b1:46:d4:f4:05:ef:80:92:7a:3b:e5:fe:9c:
                    59:77:6d:61:da:ec:43:58:4c:f0:5e:af:80:5b:e6:
                    41:bd:a1:1f:e0:fe:85:fd:b0:9e:8c:4c:a5:7e:9e:
                    21:1f:0c:50:b0:00:bb:cb:d1:7d:13:fa:f0:bc:79:
                    86:b0:be:42:66:4e:a3:7d:fa:22:f5:31:f8:4a:1d:
                    1c:2d:bb:e4:21:a9:20:0e:b1:18:04:e5:bd:81:5b:
                    fb:f4:28:30:bf:50:1d:a8:e9:fe:27:19:28:54:ac:
                    a2:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:49:83:69:A2:EC:3B:89:25:10:CA:6E:80:38:42:49:6E:5B:AD:C3
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:cf:b2:d4:06:be:a3:a1:7a:99:40:94:87:70:0c:48:e4:61:
         58:33:84:a9:3f:9d:81:af:9f:b2:78:29:30:98:11:c6:fc:48:
         57:f7:88:06:7d:a8:e1:cd:1d:8e:2b:05:7c:d4:6a:53:4d:68:
         53:68:6a:b5:bc:f4:86:a2:67:1e:bd:64:b8:0a:30:52:ff:64:
         f7:e8:27:dc:9a:2b:48:35:62:55:4a:66:99:bb:67:a0:5b:eb:
         b1:da:0b:1e:91:6f:a0:44:bf:19:61:f0:e9:16:b5:74:c2:d3:
         d0:e9:e7:33:17:a8:22:07:a2:08:ab:4c:bd:0e:52:27:c9:3f:
         e3:3e:4c:31:2e:46:d5:69:1f:97:8c:0d:d7:96:78:58:db:26:
         33:44:4e:b1:42:9e:bf:26:15:87:5c:83:75:0c:f6:2c:fd:bf:
         b7:7f:e0:b4:3d:70:ee:f3:aa:47:60:1e:97:dc:04:67:e7:33:
         b3:70:dc:28:b5:22:90:ad:37:74:ac:eb:35:ef:1b:ae:d1:c8:
         02:b3:e8:21:8b:11:46:7f:f8:34:e8:33:66:16:a8:dc:dc:3a:
         87:1d:55:c2:50:60:d2:9c:9a:8d:af:6b:8d:2d:17:cd:7b:6f:
         0a:57:36:44:be:25:14:0b:1e:da:60:c8:b9:59:f0:e7:7d:cf:
         1d:ac:3c:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dIvNVTLJuUa/5ZZ9cL7ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjYwNTEyMTcwMTMwWhcNMjYwNTEzMTcwMTMwWjAzMTEwLwYDVQQD
EygxYzQ5ODM2OWEyZWMzYjg5MjUxMGNhNmU4MDM4NDI0OTZlNWJhZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx22t0iqXA9gDHFf05eMtE6bTygnQ
0TAeV2t/+mibiO6SWKLSCTfY97XVL4Tb2sqlsfqPTgwYBYAg8A8KStKh4T7fCaDQ
7sJOD0RudxzJAiRxzJeXOz+ENUNKiwJy9MFunlSiWmNG/fQRtGAbN4fhO27gJSFa
XuMwzp7BQ/zc70diBBCVODSZSq5z1lqNZzRW+dsyzQvwnLFG1PQF74CSejvl/pxZ
d21h2uxDWEzwXq+AW+ZBvaEf4P6F/bCejEylfp4hHwxQsAC7y9F9E/rwvHmGsL5C
Zk6jffoi9TH4Sh0cLbvkIakgDrEYBOW9gVv79Cgwv1AdqOn+JxkoVKyiiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxJg2mi7DuJJRDKboA4QkluW63DMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABM+y1Aa+
o6F6mUCUh3AMSORhWDOEqT+dga+fsngpMJgRxvxIV/eIBn2o4c0djisFfNRqU01o
U2hqtbz0hqJnHr1kuAowUv9k9+gn3JorSDViVUpmmbtnoFvrsdoLHpFvoES/GWHw
6Ra1dMLT0OnnMxeoIgeiCKtMvQ5SJ8k/4z5MMS5G1Wkfl4wN15Z4WNsmM0ROsUKe
vyYVh1yDdQz2LP2/t3/gtD1w7vOqR2Ael9wEZ+czs3DcKLUikK03dKzrNe8brtHI
ArPoIYsRRn/4NOgzZhao3Nw6hx1VwlBg0pyaja9rjS0XzXtvClc2RL4lFAse2mDI
uVnw533PHaw8qA==
-----END CERTIFICATE-----