Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
File:                     aQMR37ZbZZViGO_0cZep65akB9s.mft (raw, json)
Hash identifier:          ly2nXot3UmCfR4V4rQEZh2Rb71pno/1cCH9DpwaaAjM=
Subject key identifier:   B3:E2:E5:F5:D5:4D:AD:A4:15:5A:A7:71:CC:79:6D:56:AA:6E:C5:31
Authority key identifier: 69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB
Certificate issuer:       /CN=690311dfb65b65956218eff47197a9eb96a407db
Certificate serial:       019D2AE0FD3B768B12B196032959FA845389
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 16:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:21 +0000
Files and hashes:         1: aQMR37ZbZZViGO_0cZep65akB9s.crl (hash: bM21KLZK7yprARezi81t3V0yKGhIv2NSkYdgUuf5xQE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:fd:3b:76:8b:12:b1:96:03:29:59:fa:84:53:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690311dfb65b65956218eff47197a9eb96a407db
        Validity
            Not Before: Mar 26 16:01:21 2026 GMT
            Not After : Mar 27 16:01:21 2026 GMT
        Subject: CN=b3e2e5f5d54dada4155aa771cc796d56aa6ec531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:41:4d:3f:50:9e:01:cf:a5:5c:23:9a:ed:e7:
                    11:31:13:67:d2:91:7c:17:bb:03:4d:c1:ab:f6:05:
                    41:8f:a8:05:7c:57:0c:1c:f1:7e:e8:e9:4d:91:de:
                    cb:af:9f:9e:85:d1:06:4b:28:f6:03:0f:c7:02:31:
                    b1:6b:fa:bc:10:80:f6:94:b4:30:f8:74:c2:00:b3:
                    03:88:4c:55:ca:fb:bf:a6:bb:a4:6e:96:3d:0a:44:
                    cf:7c:ee:0e:69:64:61:49:ce:29:fe:5e:21:7a:30:
                    0a:50:3b:35:88:5e:6a:b8:d5:03:2f:55:ae:b0:fd:
                    33:b9:75:5c:a7:77:3b:0c:9b:1c:cc:3b:01:d5:60:
                    60:c4:8d:17:fa:88:3a:a2:4a:1e:e8:e0:93:82:7b:
                    60:b0:00:bc:d2:26:3b:4b:43:3b:4d:80:e3:70:29:
                    be:4d:4e:86:3d:82:dc:aa:67:1f:7c:d2:75:5f:eb:
                    bc:84:e1:dd:ab:46:e9:0b:a9:a7:08:0d:3f:5d:d5:
                    04:73:a7:ba:99:df:80:f6:25:12:a0:e7:14:ee:37:
                    c4:a4:1f:80:96:d1:c6:82:3b:7b:0a:a8:ab:66:11:
                    8b:5f:c0:73:c3:62:c0:3c:c2:66:9a:18:93:6b:aa:
                    56:3c:0b:eb:56:af:5e:2b:0d:d5:d7:ca:a1:6f:68:
                    3a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:E2:E5:F5:D5:4D:AD:A4:15:5A:A7:71:CC:79:6D:56:AA:6E:C5:31
            X509v3 Authority Key Identifier:
                keyid:69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:b5:fd:39:32:e0:81:93:b7:2c:8d:17:18:d1:00:6f:81:a0:
         27:bb:d8:c0:98:e2:5f:5e:bc:43:00:61:6e:44:8c:0f:7e:74:
         fc:72:36:b0:e8:46:a5:32:89:e1:6e:d4:8b:23:c0:d3:5f:45:
         36:be:d9:ab:5d:5b:f7:a4:52:15:f8:61:14:69:cd:b0:7b:93:
         ee:af:f5:81:0d:21:2d:78:fc:b4:e1:36:30:d9:19:a6:4c:f5:
         54:fd:4f:1a:61:ac:83:d5:87:cf:70:93:61:90:38:46:1a:b5:
         dc:7f:76:f4:ea:d3:9f:b6:26:d2:1c:d6:35:4e:bc:3d:4f:8d:
         7b:4b:f2:92:5c:44:aa:f6:8d:49:f4:0d:16:58:2c:17:df:73:
         39:97:52:84:c1:af:70:dd:5c:6c:38:d5:ae:f2:c6:44:a4:6b:
         67:d3:13:9e:80:0b:5d:6b:35:98:78:8e:aa:63:9b:88:f0:d3:
         8b:81:cc:2e:f4:f2:e0:c8:40:64:1b:37:b5:84:a7:31:2b:ca:
         c6:18:2b:df:17:d4:3c:87:07:6e:73:e8:ce:30:27:ee:cb:81:
         8e:1b:ae:82:47:b2:f5:55:e1:1b:f6:2d:84:27:7d:7f:c6:6d:
         05:8c:13:11:a8:14:a2:a6:f5:18:10:87:de:74:c7:4f:13:9e:
         72:76:01:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4P07dosSsZYDKVn6hFOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDMxMWRmYjY1YjY1OTU2MjE4ZWZmNDcxOTdhOWViOTZh
NDA3ZGIwHhcNMjYwMzI2MTYwMTIxWhcNMjYwMzI3MTYwMTIxWjAzMTEwLwYDVQQD
EyhiM2UyZTVmNWQ1NGRhZGE0MTU1YWE3NzFjYzc5NmQ1NmFhNmVjNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60FNP1CeAc+lXCOa7ecRMRNn0pF8
F7sDTcGr9gVBj6gFfFcMHPF+6OlNkd7Lr5+ehdEGSyj2Aw/HAjGxa/q8EID2lLQw
+HTCALMDiExVyvu/prukbpY9CkTPfO4OaWRhSc4p/l4hejAKUDs1iF5quNUDL1Wu
sP0zuXVcp3c7DJsczDsB1WBgxI0X+og6okoe6OCTgntgsAC80iY7S0M7TYDjcCm+
TU6GPYLcqmcffNJ1X+u8hOHdq0bpC6mnCA0/XdUEc6e6md+A9iUSoOcU7jfEpB+A
ltHGgjt7CqirZhGLX8Bzw2LAPMJmmhiTa6pWPAvrVq9eKw3V18qhb2g6KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPi5fXVTa2kFVqnccx5bVaqbsUxMB8GA1UdIwQY
MBaAFGkDEd+2W2WVYhjv9HGXqeuWpAfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQt
YTQ1NmUzNjRjYjBlLzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQtYTQ1NmUzNjRjYjBl
LzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmbX9OTLg
gZO3LI0XGNEAb4GgJ7vYwJjiX168QwBhbkSMD350/HI2sOhGpTKJ4W7UiyPA019F
Nr7Zq11b96RSFfhhFGnNsHuT7q/1gQ0hLXj8tOE2MNkZpkz1VP1PGmGsg9WHz3CT
YZA4Rhq13H929OrTn7Ym0hzWNU68PU+Ne0vyklxEqvaNSfQNFlgsF99zOZdShMGv
cN1cbDjVrvLGRKRrZ9MTnoALXWs1mHiOqmObiPDTi4HMLvTy4MhAZBs3tYSnMSvK
xhgr3xfUPIcHbnPozjAn7suBjhuugkey9VXhG/YthCd9f8ZtBYwTEagUoqb1GBCH
3nTHTxOecnYBTA==
-----END CERTIFICATE-----