Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          dafh69c04H14mNFZqXfuD/d/UGZchdvCjxVXzRP0c50=
Subject key identifier:   98:19:7E:1F:C2:54:24:37:E0:AB:CE:87:3D:C2:E5:F1:BE:77:52:63
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       019D9961EE797B9FE0B3F5F95FE8F01F84EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          0DB3
Signing time:             Fri 17 Apr 2026 03:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:25 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: ym0CIDn/1kbJk1lnXHaaPx28IhbhcA7G5T8Ux1jyoKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:61:ee:79:7b:9f:e0:b3:f5:f9:5f:e8:f0:1f:84:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: Apr 17 03:00:25 2026 GMT
            Not After : Apr 18 03:00:25 2026 GMT
        Subject: CN=98197e1fc2542437e0abce873dc2e5f1be775263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:20:05:e6:a4:c1:e1:f0:80:e0:25:59:aa:fb:
                    0b:fd:ba:7a:82:d2:cc:20:0e:3e:3b:d1:6d:0e:49:
                    59:cb:d2:b9:78:b5:fe:ad:7a:f7:81:23:d9:3d:ff:
                    90:c3:5a:d9:6a:d0:26:5f:9e:25:93:24:bb:38:99:
                    63:66:60:4d:df:ed:e1:a0:08:f5:ba:9e:e7:66:37:
                    81:3e:4f:27:60:c0:2d:b8:a7:37:f9:0a:ab:b8:f0:
                    14:a1:ee:dc:0d:4b:ed:41:3d:fe:ee:c3:fc:87:d3:
                    25:0a:7f:63:a8:28:16:76:ab:c3:88:01:50:64:56:
                    5a:c3:b6:3d:ca:17:59:9c:17:ea:88:63:e3:be:d8:
                    90:dc:4b:92:d2:52:00:8b:b7:e7:12:5b:2f:ff:3b:
                    2c:73:51:72:71:aa:ff:be:07:0b:83:4d:d8:f3:99:
                    99:3a:7c:1f:73:03:85:a7:a1:ff:d4:cc:c8:1c:ea:
                    e3:3f:36:4e:66:af:c1:68:15:2f:89:c6:aa:4f:bf:
                    f8:df:11:e8:d6:ff:f5:45:1c:db:23:58:81:24:6b:
                    49:05:6e:05:fd:f8:9c:83:bc:70:43:c9:2b:c4:84:
                    77:96:84:dc:37:7b:fc:59:21:b4:ba:22:2e:3f:59:
                    83:e0:60:00:59:ee:03:98:eb:1b:54:ac:08:a4:69:
                    33:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:19:7E:1F:C2:54:24:37:E0:AB:CE:87:3D:C2:E5:F1:BE:77:52:63
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:03:dd:bf:9d:f8:a4:1e:bd:4c:c5:c9:7c:d8:bc:74:9a:4c:
         e8:02:0b:c6:e1:f2:40:50:f9:48:af:3e:75:54:f8:7e:bf:84:
         48:9b:03:4b:3b:14:6d:9a:de:ba:c2:f0:7a:d0:f4:43:6e:3c:
         d4:04:2b:a9:0a:bb:a7:2b:d2:03:0d:7f:8b:47:28:ae:df:60:
         26:83:20:a0:03:df:61:bf:14:9f:22:a0:f3:1e:ed:77:04:6a:
         f9:7f:3f:c5:3f:34:77:f3:12:fa:ba:85:3e:1d:00:23:55:bf:
         50:80:a9:37:d1:b2:e0:59:da:a7:ec:f4:d2:ec:ba:0f:66:2d:
         3f:47:a7:5d:0b:78:36:07:3c:b3:e4:f7:c0:cf:46:22:76:61:
         61:1e:73:75:e4:cc:16:77:1b:64:81:f8:15:4a:9d:ed:b4:eb:
         39:b4:3d:83:fe:b9:34:c5:51:98:9c:62:58:6f:b2:62:5b:b6:
         83:ae:7a:68:df:f2:b6:08:6b:ab:23:bb:b8:4b:83:86:2c:20:
         86:2f:56:53:f8:ef:52:75:ef:8f:a0:c5:0c:70:a9:c1:7a:ee:
         17:e1:d8:aa:fe:ea:c7:0a:2e:29:29:ad:38:20:0d:08:b8:bd:
         47:f0:20:6c:c8:69:e3:32:25:fb:b4:05:79:78:8c:24:ec:e4:
         79:0f:90:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYe55e5/gs/X5X+jwH4TuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjYwNDE3MDMwMDI1WhcNMjYwNDE4MDMwMDI1WjAzMTEwLwYDVQQD
Eyg5ODE5N2UxZmMyNTQyNDM3ZTBhYmNlODczZGMyZTVmMWJlNzc1MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CAF5qTB4fCA4CVZqvsL/bp6gtLM
IA4+O9FtDklZy9K5eLX+rXr3gSPZPf+Qw1rZatAmX54lkyS7OJljZmBN3+3hoAj1
up7nZjeBPk8nYMAtuKc3+QqruPAUoe7cDUvtQT3+7sP8h9MlCn9jqCgWdqvDiAFQ
ZFZaw7Y9yhdZnBfqiGPjvtiQ3EuS0lIAi7fnElsv/zssc1Fycar/vgcLg03Y85mZ
OnwfcwOFp6H/1MzIHOrjPzZOZq/BaBUvicaqT7/43xHo1v/1RRzbI1iBJGtJBW4F
/ficg7xwQ8krxIR3loTcN3v8WSG0uiIuP1mD4GAAWe4DmOsbVKwIpGkzzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgZfh/CVCQ34KvOhz3C5fG+d1JjMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAPdv534
pB69TMXJfNi8dJpM6AILxuHyQFD5SK8+dVT4fr+ESJsDSzsUbZreusLwetD0Q248
1AQrqQq7pyvSAw1/i0cort9gJoMgoAPfYb8UnyKg8x7tdwRq+X8/xT80d/MS+rqF
Ph0AI1W/UICpN9Gy4Fnap+z00uy6D2YtP0enXQt4Ngc8s+T3wM9GInZhYR5zdeTM
FncbZIH4FUqd7bTrObQ9g/65NMVRmJxiWG+yYlu2g656aN/ytghrqyO7uEuDhiwg
hi9WU/jvUnXvj6DFDHCpwXruF+HYqv7qxwouKSmtOCANCLi9R/AgbMhp4zIl+7QF
eXiMJOzkeQ+Qkg==
-----END CERTIFICATE-----