Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File:                     pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier:          MCyRb4UsfjWijZmJwCaSpgToNjWqbYDUA74BDIw+QO8=
Subject key identifier:   F4:07:FD:58:7B:94:43:1C:DE:52:D3:97:F3:55:B8:AB:27:8F:A3:DA
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer:       /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial:       019D98BD928F7E804E6B29AECFA51D9C5699
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number:          15BE
Signing time:             Fri 17 Apr 2026 00:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:53 +0000
Files and hashes:         1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: ZpDAMZJdjkm/FhvbHSb4v4bLflqu5Pb5VULqil+jRzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:92:8f:7e:80:4e:6b:29:ae:cf:a5:1d:9c:56:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
        Validity
            Not Before: Apr 17 00:00:53 2026 GMT
            Not After : Apr 18 00:00:53 2026 GMT
        Subject: CN=f407fd587b94431cde52d397f355b8ab278fa3da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:34:ef:4d:7d:20:a2:8c:ec:6e:d0:57:a7:a0:
                    c2:df:bc:ad:5b:0e:0a:ae:ba:fa:88:6b:d7:ae:80:
                    89:19:53:7d:7e:7b:23:d3:a9:b2:2d:08:87:b1:09:
                    de:be:eb:46:48:10:be:6e:29:8c:80:62:f8:c0:22:
                    57:5f:1d:68:8e:6e:d9:90:f9:57:be:98:dc:06:2b:
                    b7:e4:6d:69:a1:5f:24:5a:0d:3c:a8:3e:29:16:c0:
                    46:3c:1c:85:ac:6a:18:07:dd:ff:fb:c3:97:f1:14:
                    52:f4:d5:1f:df:5c:54:4c:15:11:fa:db:23:2a:0b:
                    68:12:0d:b9:58:6e:65:53:68:dc:55:4d:f4:c1:e7:
                    a0:9e:d9:5c:84:90:cc:62:cc:42:5e:27:e1:68:54:
                    25:1c:d3:d2:8f:71:ef:7b:36:ce:3c:85:07:e0:1d:
                    5d:23:ee:b3:bf:f6:d6:fc:7a:87:d1:80:40:5a:2f:
                    ca:26:df:71:35:32:14:d7:82:88:fe:8c:26:62:ab:
                    76:69:96:30:2d:e7:30:68:4f:2e:24:2f:e7:fb:40:
                    11:83:da:32:72:73:1b:2a:7f:8f:d5:e6:de:df:01:
                    16:95:38:bf:42:f4:5e:49:8e:72:35:86:9e:b7:1c:
                    47:d8:9f:ae:78:b3:87:cd:bf:31:63:fd:01:85:3a:
                    84:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:07:FD:58:7B:94:43:1C:DE:52:D3:97:F3:55:B8:AB:27:8F:A3:DA
            X509v3 Authority Key Identifier:
                keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:56:41:c7:9c:e8:c7:7e:4d:86:d5:95:97:af:83:eb:c0:1f:
         28:28:d4:5a:29:19:ce:b6:7d:cc:f7:78:51:0a:72:5d:36:d4:
         af:a3:ed:92:d4:17:6a:af:05:b3:61:89:e8:7a:26:c8:5f:84:
         a5:43:d7:ff:fc:99:f0:d5:06:a2:67:77:d2:81:bc:24:96:11:
         e8:d5:34:fd:39:e8:d3:cd:b8:7a:64:77:90:1f:81:5c:f9:61:
         c9:f2:aa:69:62:42:da:a5:27:36:a1:fd:12:97:d8:c1:9e:7e:
         ca:3b:0b:1f:7e:b0:87:2f:26:87:d2:df:09:49:db:51:9f:f3:
         e9:cc:9d:71:61:e2:73:75:3a:65:c3:3c:4f:b8:a5:b1:d5:5b:
         7e:e7:d1:fe:f0:43:2c:ee:26:2e:89:6d:d7:e9:85:7f:62:4d:
         5a:14:29:68:57:c5:c9:9e:56:00:9f:4a:8e:82:49:bc:1d:03:
         8b:49:08:cb:e4:78:73:e3:c8:1a:bd:86:29:13:04:2b:2c:0d:
         f9:e7:2d:5f:2f:b3:8f:53:f0:a9:0d:08:77:ba:38:4c:e6:f2:
         11:ff:25:0e:73:51:db:9a:14:f0:b9:3a:32:89:d4:db:49:b0:
         63:ed:68:fc:85:34:92:60:a9:e1:70:23:3b:6d:3e:6e:ee:e8:
         b0:d7:64:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvZKPfoBOaymuz6UdnFaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjYwNDE3MDAwMDUzWhcNMjYwNDE4MDAwMDUzWjAzMTEwLwYDVQQD
EyhmNDA3ZmQ1ODdiOTQ0MzFjZGU1MmQzOTdmMzU1YjhhYjI3OGZhM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzTvTX0goozsbtBXp6DC37ytWw4K
rrr6iGvXroCJGVN9fnsj06myLQiHsQnevutGSBC+bimMgGL4wCJXXx1ojm7ZkPlX
vpjcBiu35G1poV8kWg08qD4pFsBGPByFrGoYB93/+8OX8RRS9NUf31xUTBUR+tsj
KgtoEg25WG5lU2jcVU30weegntlchJDMYsxCXifhaFQlHNPSj3HvezbOPIUH4B1d
I+6zv/bW/HqH0YBAWi/KJt9xNTIU14KI/owmYqt2aZYwLecwaE8uJC/n+0ARg9oy
cnMbKn+P1ebe3wEWlTi/QvReSY5yNYaetxxH2J+ueLOHzb8xY/0BhTqEWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQH/Vh7lEMc3lLTl/NVuKsnj6PaMB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFZBx5zo
x35NhtWVl6+D68AfKCjUWikZzrZ9zPd4UQpyXTbUr6PtktQXaq8Fs2GJ6HomyF+E
pUPX//yZ8NUGomd30oG8JJYR6NU0/Tno0824emR3kB+BXPlhyfKqaWJC2qUnNqH9
EpfYwZ5+yjsLH36why8mh9LfCUnbUZ/z6cydcWHic3U6ZcM8T7ilsdVbfufR/vBD
LO4mLolt1+mFf2JNWhQpaFfFyZ5WAJ9KjoJJvB0Di0kIy+R4c+PIGr2GKRMEKywN
+ectXy+zj1PwqQ0Id7o4TObyEf8lDnNR25oU8Lk6MonU20mwY+1o/IU0kmCp4XAj
O20+bu7osNdk3g==
-----END CERTIFICATE-----