Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          lhpQuWHmpdpEilNILfnnxk5q1I0j63Q630Z/PxsQVBI=
Subject key identifier:   A3:E2:9B:A1:60:F6:79:BF:ED:52:59:08:E6:40:86:FF:73:E2:4F:25
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019D9B50F5BACDC075A2D6EAE289D02510DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0E39
Signing time:             Fri 17 Apr 2026 12:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:07 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: kInDpiTIphsasfiS9dE9bbbTgfisTACBqQ5ytv7EvEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:f5:ba:cd:c0:75:a2:d6:ea:e2:89:d0:25:10:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Apr 17 12:01:07 2026 GMT
            Not After : Apr 18 12:01:07 2026 GMT
        Subject: CN=a3e29ba160f679bfed525908e64086ff73e24f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7f:2f:73:aa:89:2f:95:65:c0:19:11:1f:3d:
                    ba:c4:f5:4a:55:c3:4a:cc:e6:5d:21:5e:e5:be:7e:
                    e8:a6:b5:9a:1e:b8:be:27:3c:9e:09:2d:79:20:84:
                    e2:b8:f4:a5:0e:fb:48:24:40:1a:0a:21:7c:3c:ad:
                    cb:d5:19:12:4f:96:55:a6:16:ed:76:73:9e:56:50:
                    a3:85:9d:e6:15:0a:0b:35:1a:a2:15:c2:49:b5:7c:
                    96:22:9c:1b:ea:3e:f0:0a:e3:3b:a2:33:0c:80:70:
                    16:a3:e6:79:d9:56:99:b5:83:91:21:7b:15:c6:43:
                    1e:95:06:25:67:cb:1d:fa:8f:38:e4:38:e2:66:71:
                    ef:20:0d:70:e1:fb:d4:e7:14:46:da:25:ce:c8:49:
                    cc:67:34:37:21:03:de:89:8f:5c:09:a7:4a:cb:c2:
                    57:d2:99:e8:2b:2a:35:1e:07:17:01:02:e1:a3:4f:
                    62:6a:ea:76:6a:35:32:75:06:46:34:61:ba:1f:30:
                    3e:5f:99:d6:6e:23:fc:be:4c:85:df:9c:88:2f:e8:
                    11:06:fe:37:3a:bd:4f:37:f4:1c:23:3d:e9:f8:98:
                    ec:67:e5:5d:bc:b9:ce:d9:26:4c:37:8f:4d:87:dd:
                    20:13:91:d8:ce:eb:eb:b4:4f:4e:0d:13:56:10:f4:
                    13:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E2:9B:A1:60:F6:79:BF:ED:52:59:08:E6:40:86:FF:73:E2:4F:25
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:4b:83:f1:e4:fd:47:de:c9:63:04:2d:16:1f:bc:b1:c6:d0:
         9c:0e:ca:17:ce:cb:ca:bb:69:53:98:e5:98:b0:66:a6:bb:8c:
         30:90:ad:d6:94:4c:64:6f:81:a7:e9:e5:af:d1:70:6f:80:f4:
         c7:84:56:17:0f:d0:7f:cd:49:58:35:3e:0b:3a:06:c8:16:65:
         a3:37:94:46:5a:4a:a1:cc:22:0d:16:8b:13:16:cd:d8:3f:93:
         13:9d:ef:86:e5:89:df:85:0c:88:03:25:01:4d:05:63:0b:30:
         0c:36:d6:70:39:ba:4c:13:f3:e9:cd:a2:0b:60:ca:2b:7f:4f:
         55:18:c0:1c:06:e5:b4:27:9e:10:e3:59:f0:f2:3e:d0:0d:46:
         23:dd:1e:c0:95:b9:14:db:21:f4:1d:3f:fa:35:38:aa:03:71:
         d6:a4:8a:c2:d7:bf:d1:9d:1b:a5:4e:39:a6:44:3d:74:6d:df:
         87:91:8f:7f:82:42:14:5d:62:bf:17:37:18:be:40:7d:08:f4:
         41:a0:7a:b2:ff:f9:20:5b:94:2f:cf:db:8c:1b:67:07:94:95:
         aa:7f:a3:58:4c:23:4e:61:a6:a5:b5:fc:88:99:49:0a:d8:dc:
         2a:1e:87:f2:0d:cc:6c:3e:c6:4b:5b:64:d1:15:a4:e4:55:af:
         a6:b6:a6:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUPW6zcB1otbq4onQJRDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjYwNDE3MTIwMTA3WhcNMjYwNDE4MTIwMTA3WjAzMTEwLwYDVQQD
EyhhM2UyOWJhMTYwZjY3OWJmZWQ1MjU5MDhlNjQwODZmZjczZTI0ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn8vc6qJL5VlwBkRHz26xPVKVcNK
zOZdIV7lvn7oprWaHri+JzyeCS15IITiuPSlDvtIJEAaCiF8PK3L1RkST5ZVphbt
dnOeVlCjhZ3mFQoLNRqiFcJJtXyWIpwb6j7wCuM7ojMMgHAWo+Z52VaZtYORIXsV
xkMelQYlZ8sd+o845DjiZnHvIA1w4fvU5xRG2iXOyEnMZzQ3IQPeiY9cCadKy8JX
0pnoKyo1HgcXAQLho09iaup2ajUydQZGNGG6HzA+X5nWbiP8vkyF35yIL+gRBv43
Or1PN/QcIz3p+JjsZ+VdvLnO2SZMN49Nh90gE5HYzuvrtE9ODRNWEPQTOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPim6Fg9nm/7VJZCOZAhv9z4k8lMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACEuD8eT9
R97JYwQtFh+8scbQnA7KF87LyrtpU5jlmLBmpruMMJCt1pRMZG+Bp+nlr9Fwb4D0
x4RWFw/Qf81JWDU+CzoGyBZlozeURlpKocwiDRaLExbN2D+TE53vhuWJ34UMiAMl
AU0FYwswDDbWcDm6TBPz6c2iC2DKK39PVRjAHAbltCeeEONZ8PI+0A1GI90ewJW5
FNsh9B0/+jU4qgNx1qSKwte/0Z0bpU45pkQ9dG3fh5GPf4JCFF1ivxc3GL5AfQj0
QaB6sv/5IFuUL8/bjBtnB5SVqn+jWEwjTmGmpbX8iJlJCtjcKh6H8g3MbD7GS1tk
0RWk5FWvpramBA==
-----END CERTIFICATE-----