Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          cgDRX/JzrMC1tKQaTXvcoAEn4e9TcDZqWd3/RYZ+Pww=
Subject key identifier:   59:B8:88:10:C6:2A:39:D3:98:5A:AF:4F:72:F1:0F:D7:0E:F2:13:15
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       019CAC471603FAA5FF4C693210FECFC1670B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          0A04
Signing time:             Mon 02 Mar 2026 02:01:05 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:05 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:05 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: BVWwt+uXAXxRI4dO6LGIq29CAaZvmFVqxLtdc/0RCI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:16:03:fa:a5:ff:4c:69:32:10:fe:cf:c1:67:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Mar  2 02:01:05 2026 GMT
            Not After : Mar  3 02:01:05 2026 GMT
        Subject: CN=59b88810c62a39d3985aaf4f72f10fd70ef21315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bf:3f:36:06:51:34:3e:80:d3:7a:6a:5e:e6:
                    cb:a3:73:b7:60:27:7d:2a:ee:b5:df:37:5d:42:09:
                    3d:db:1e:54:91:74:be:17:88:6c:66:19:20:34:92:
                    c4:ba:d1:19:f5:da:1b:5b:b0:2e:ee:61:ca:a4:e8:
                    e0:04:65:5f:0b:a3:20:d7:e0:82:1a:70:67:1d:ae:
                    fc:31:58:48:c7:14:4a:89:7d:8f:c3:ba:c2:d5:b7:
                    cb:ba:d6:1e:a1:1f:39:f6:8b:80:8e:6b:e5:5b:6b:
                    52:13:a1:83:cd:e0:46:d8:9b:72:d7:70:5b:f7:6e:
                    e1:e0:2b:5b:ac:b0:fe:93:67:04:37:ef:93:ae:6d:
                    5b:ff:cd:29:4a:99:c9:47:9a:b8:ec:11:02:49:01:
                    d9:c9:d1:48:4b:49:25:03:d1:39:21:95:17:7a:66:
                    d0:15:ad:10:e2:dc:29:ff:59:ba:d1:7a:5d:06:3e:
                    4f:01:31:a6:f1:47:8c:85:0c:f9:f8:47:02:00:ce:
                    1c:f8:41:38:6e:0d:74:4a:f1:5a:44:0d:88:69:97:
                    cb:cf:0e:7d:41:c7:2a:88:b2:d0:30:bb:4a:a9:06:
                    27:da:f0:00:f1:b7:c0:b6:d4:b3:f6:ac:b7:5f:a9:
                    8a:9e:6b:c7:de:11:e9:4b:20:a7:89:b3:bd:f8:3b:
                    29:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B8:88:10:C6:2A:39:D3:98:5A:AF:4F:72:F1:0F:D7:0E:F2:13:15
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:37:95:04:20:78:ac:9d:59:b5:9a:00:04:fd:cf:39:75:bb:
         ae:b4:dc:16:d9:92:98:a1:1f:d3:b5:42:66:cb:77:5e:fb:7d:
         69:9f:d4:67:d7:c4:ff:bb:b2:33:8b:e0:c8:bd:29:50:c1:a5:
         a4:89:48:01:6c:7d:04:95:c8:4f:47:41:21:cf:67:2a:61:5f:
         e7:d0:37:11:34:24:2a:2b:b7:6e:84:0d:94:fd:09:80:77:f4:
         41:20:96:03:20:aa:3b:9a:cc:01:35:88:ae:36:33:bb:c5:cc:
         05:74:f4:2c:cb:6a:61:8f:0b:70:d5:53:ca:33:a6:b8:01:2f:
         66:c6:01:fc:43:67:e4:94:f8:c9:90:6e:96:48:22:65:44:66:
         d7:53:ce:79:68:a2:45:cf:c4:7d:93:20:c5:78:71:e5:98:cd:
         7b:af:df:21:35:0a:2c:7b:24:86:44:db:db:de:75:ba:c6:73:
         a0:37:2e:2d:37:9d:4b:3b:0f:a0:b4:1f:94:8b:07:55:c5:e7:
         82:e7:70:e7:50:cc:0c:58:b3:ac:8b:d1:ef:ad:42:d5:c7:6d:
         5e:42:4a:ea:9d:d9:d3:85:b5:3b:e2:e0:1d:4b:73:2e:12:64:
         8e:10:00:70:11:0a:36:b6:0c:fa:74:12:77:36:3e:4f:bc:ae:
         be:88:96:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRxYD+qX/TGkyEP7PwWcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjYwMzAyMDIwMTA1WhcNMjYwMzAzMDIwMTA1WjAzMTEwLwYDVQQD
Eyg1OWI4ODgxMGM2MmEzOWQzOTg1YWFmNGY3MmYxMGZkNzBlZjIxMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA278/NgZRND6A03pqXubLo3O3YCd9
Ku613zddQgk92x5UkXS+F4hsZhkgNJLEutEZ9dobW7Au7mHKpOjgBGVfC6Mg1+CC
GnBnHa78MVhIxxRKiX2Pw7rC1bfLutYeoR859ouAjmvlW2tSE6GDzeBG2Jty13Bb
927h4CtbrLD+k2cEN++Trm1b/80pSpnJR5q47BECSQHZydFIS0klA9E5IZUXembQ
Fa0Q4twp/1m60XpdBj5PATGm8UeMhQz5+EcCAM4c+EE4bg10SvFaRA2IaZfLzw59
QccqiLLQMLtKqQYn2vAA8bfAttSz9qy3X6mKnmvH3hHpSyCnibO9+DspCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFm4iBDGKjnTmFqvT3LxD9cO8hMVMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAETeVBCB4
rJ1ZtZoABP3POXW7rrTcFtmSmKEf07VCZst3Xvt9aZ/UZ9fE/7uyM4vgyL0pUMGl
pIlIAWx9BJXIT0dBIc9nKmFf59A3ETQkKiu3boQNlP0JgHf0QSCWAyCqO5rMATWI
rjYzu8XMBXT0LMtqYY8LcNVTyjOmuAEvZsYB/ENn5JT4yZBulkgiZURm11POeWii
Rc/EfZMgxXhx5ZjNe6/fITUKLHskhkTb2951usZzoDcuLTedSzsPoLQflIsHVcXn
gudw51DMDFizrIvR761C1cdtXkJK6p3Z04W1O+LgHUtzLhJkjhAAcBEKNrYM+nQS
dzY+T7yuvoiWPg==
-----END CERTIFICATE-----