Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          PUkLPSovl+e+kBPacSnZBKYAH31J6Za0OprNGB3jW0I=
Subject key identifier:   7A:B3:1F:20:FD:CA:FB:F7:B2:7E:68:D6:D7:4E:E0:13:A4:13:BA:84
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019D27E039F420F5A2148C16ECE687EA16E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0E22
Signing time:             Thu 26 Mar 2026 02:01:39 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:39 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:39 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: uXIJ0s/MegSidtFXZ5rHti4m6RSmv0UZMaOzDb+l2TE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:39:f4:20:f5:a2:14:8c:16:ec:e6:87:ea:16:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Mar 26 02:01:39 2026 GMT
            Not After : Mar 27 02:01:39 2026 GMT
        Subject: CN=7ab31f20fdcafbf7b27e68d6d74ee013a413ba84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a6:4b:58:b1:16:69:ae:10:df:d0:7b:c9:e0:
                    8c:2a:3d:3a:d6:4d:cf:a9:96:23:f1:d6:aa:2c:9b:
                    c0:eb:0a:62:e7:bd:3a:76:b8:e5:57:8e:df:d8:4a:
                    f0:17:50:f4:4b:57:61:d4:c2:6b:a3:a5:08:cf:d0:
                    d1:0d:32:7e:cd:6f:68:7c:06:a4:16:10:7f:03:67:
                    bb:4d:fc:f7:82:d1:b0:4c:24:1f:e8:4b:60:32:40:
                    fe:e6:60:eb:bc:b7:a1:6f:a4:a7:7b:54:d2:25:df:
                    40:70:d3:65:b6:f5:8c:f5:0b:93:99:a8:fb:58:45:
                    21:eb:4a:dc:6b:aa:3f:85:e8:ef:05:23:49:d5:9f:
                    81:f8:5b:13:5b:6a:9d:17:11:00:db:68:25:f3:1f:
                    ec:09:59:d1:41:95:32:60:63:75:32:7f:53:88:e0:
                    5e:ef:e0:86:b6:52:4d:c1:cd:d4:f1:80:aa:45:e3:
                    2a:79:bf:7b:9c:6b:5d:8b:ec:97:cb:18:34:47:ea:
                    2e:27:00:68:3f:33:6b:76:61:f8:88:1f:63:9f:56:
                    1a:d1:c2:b8:db:a7:bf:ff:77:1e:bc:0e:99:47:97:
                    25:c2:a8:b5:a7:e3:56:4b:81:19:77:57:f3:2a:68:
                    ef:33:7a:19:3a:b7:96:2b:44:9b:3e:aa:9d:9b:96:
                    27:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:B3:1F:20:FD:CA:FB:F7:B2:7E:68:D6:D7:4E:E0:13:A4:13:BA:84
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:72:ff:5b:76:1c:f3:5b:bf:1c:da:c2:79:62:47:91:58:85:
         f1:29:e8:af:9f:57:62:66:36:8f:e4:dc:e3:f7:8f:f6:8a:a1:
         55:eb:0f:8b:8c:ad:8f:8d:72:b5:bc:0c:49:2e:69:ca:83:47:
         c5:a0:06:76:47:b3:4d:cb:e2:bd:ed:23:d9:84:0a:20:1f:80:
         fa:db:17:c7:02:48:fd:ea:98:40:8a:53:39:6f:37:63:76:ce:
         77:2b:79:f1:d3:1a:46:43:0b:23:29:64:13:e4:72:13:2c:81:
         07:fe:e6:50:d9:3e:fa:02:2f:32:70:cd:3f:1c:58:a0:ef:3e:
         cb:e6:cf:9c:b2:04:b2:ab:27:d7:30:d4:c8:7a:bf:d4:16:98:
         bb:9c:08:d2:83:53:5a:ec:db:dc:bb:42:4c:a7:bd:6c:9b:a4:
         a9:db:fd:5c:0b:2b:d3:32:83:59:11:db:1b:0b:66:d3:4c:cb:
         13:37:e2:98:5e:75:ef:94:9d:20:2e:6e:b1:84:27:36:a5:ee:
         aa:41:3e:d7:6b:66:e6:15:ec:0b:a0:e1:26:fa:46:e4:17:66:
         a1:de:a2:76:1d:cd:c9:94:2b:4f:06:a1:a0:38:8f:97:a5:d1:
         d7:e6:b1:14:87:9e:d7:19:36:b6:56:6b:f7:2b:40:63:db:b7:
         59:19:b3:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4Dn0IPWiFIwW7OaH6hblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjYwMzI2MDIwMTM5WhcNMjYwMzI3MDIwMTM5WjAzMTEwLwYDVQQD
Eyg3YWIzMWYyMGZkY2FmYmY3YjI3ZTY4ZDZkNzRlZTAxM2E0MTNiYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6ZLWLEWaa4Q39B7yeCMKj061k3P
qZYj8daqLJvA6wpi5706drjlV47f2ErwF1D0S1dh1MJro6UIz9DRDTJ+zW9ofAak
FhB/A2e7Tfz3gtGwTCQf6EtgMkD+5mDrvLehb6Sne1TSJd9AcNNltvWM9QuTmaj7
WEUh60rca6o/hejvBSNJ1Z+B+FsTW2qdFxEA22gl8x/sCVnRQZUyYGN1Mn9TiOBe
7+CGtlJNwc3U8YCqReMqeb97nGtdi+yXyxg0R+ouJwBoPzNrdmH4iB9jn1Ya0cK4
26e//3cevA6ZR5clwqi1p+NWS4EZd1fzKmjvM3oZOreWK0SbPqqdm5YnpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqzHyD9yvv3sn5o1tdO4BOkE7qEMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADHL/W3Yc
81u/HNrCeWJHkViF8Snor59XYmY2j+Tc4/eP9oqhVesPi4ytj41ytbwMSS5pyoNH
xaAGdkezTcvive0j2YQKIB+A+tsXxwJI/eqYQIpTOW83Y3bOdyt58dMaRkMLIylk
E+RyEyyBB/7mUNk++gIvMnDNPxxYoO8+y+bPnLIEsqsn1zDUyHq/1BaYu5wI0oNT
Wuzb3LtCTKe9bJukqdv9XAsr0zKDWRHbGwtm00zLEzfimF5175SdIC5usYQnNqXu
qkE+12tm5hXsC6DhJvpG5Bdmod6idh3NyZQrTwahoDiPl6XR1+axFIee1xk2tlZr
9ytAY9u3WRmzVQ==
-----END CERTIFICATE-----