Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
File:                     AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft (raw, json)
Hash identifier:          /cGNhXrmSBIb/hCj2TQq/YIneYdesrY9H+ug4VlrsL0=
Subject key identifier:   A8:C7:83:F8:7E:53:64:84:A1:E6:36:3F:0E:18:67:F3:25:D1:51:B0
Authority key identifier: 03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2
Certificate issuer:       /CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
Certificate serial:       019D98F4A3829D1264C6FF2F5F30166BE19D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
Manifest number:          0840
Signing time:             Fri 17 Apr 2026 01:01:02 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:02 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:02 +0000
Files and hashes:         1: AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl (hash: 81h1iUGxJ5vIMe/TIZ/SXTWJbMLDQH/EwFivUbzSn8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:a3:82:9d:12:64:c6:ff:2f:5f:30:16:6b:e1:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
        Validity
            Not Before: Apr 17 01:01:02 2026 GMT
            Not After : Apr 18 01:01:02 2026 GMT
        Subject: CN=a8c783f87e536484a1e6363f0e1867f325d151b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:83:45:45:c0:30:61:49:f1:eb:32:40:b7:65:
                    84:c5:6c:c5:51:c7:2b:45:85:ac:af:af:f2:1c:3f:
                    79:84:21:41:5c:58:5e:2e:14:88:71:3d:4a:c4:21:
                    69:e7:c5:3b:9f:22:a2:55:cf:9b:cf:18:76:6e:5f:
                    21:20:7d:66:5e:7e:f5:d1:0a:3b:24:81:24:8b:09:
                    84:aa:9d:6f:a5:c6:8a:c5:67:cc:03:82:83:49:58:
                    c3:e0:7f:80:7a:5a:35:eb:a8:4e:79:95:77:35:97:
                    59:36:d3:10:34:a2:9d:a7:c1:55:21:fb:3b:2b:83:
                    d5:cb:79:30:2d:de:0f:a4:36:79:a7:f0:f5:0d:49:
                    f8:3b:34:20:58:f3:77:48:fb:c6:c9:f5:db:df:f1:
                    1a:d4:6a:8d:8c:37:87:2d:27:f8:e2:50:31:65:4b:
                    f7:2b:62:57:cc:dd:0e:de:e6:bc:f7:5d:a0:94:e3:
                    17:17:83:d8:56:15:ae:f3:1a:f2:a3:52:14:dc:44:
                    71:ba:f4:b6:49:3d:a1:24:6a:5c:63:3d:ea:68:02:
                    e2:3e:10:c2:db:62:b2:2d:b6:78:b2:ad:c9:2c:00:
                    db:e9:ed:af:4e:a0:80:da:d4:3c:6f:6c:62:76:f3:
                    5f:08:66:e1:8c:73:9c:75:d8:4f:0c:d8:7d:ad:5a:
                    38:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:C7:83:F8:7E:53:64:84:A1:E6:36:3F:0E:18:67:F3:25:D1:51:B0
            X509v3 Authority Key Identifier:
                keyid:03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:6e:ca:f1:3c:4f:36:f7:51:b1:c3:5e:7b:cb:90:15:59:22:
         6e:00:e8:70:67:d3:74:61:00:b3:a0:3e:82:a6:7c:0b:dd:44:
         34:56:33:8e:6a:f9:ed:37:9c:03:a3:77:81:3a:ed:bb:bf:6e:
         a8:4f:5c:38:49:3e:d0:11:d7:5c:4b:2f:b6:94:2d:ed:ec:d9:
         bf:3c:6d:56:ac:62:a0:ae:61:31:d5:0a:46:5d:25:a2:92:6b:
         99:63:0f:31:b0:08:45:ed:69:4a:bf:a9:b3:40:bd:f2:a6:e7:
         a8:5c:de:88:58:53:39:5e:1c:a6:ed:c7:ec:c1:a5:6e:41:0b:
         0a:dd:2f:18:06:30:fd:9c:4c:b5:56:db:48:98:ae:cf:d6:5c:
         6c:a9:72:d6:88:58:0c:c3:46:48:ef:12:ad:29:0f:07:83:d8:
         36:8b:53:35:a8:41:83:32:97:63:1b:0d:3c:46:76:42:ef:64:
         99:29:b6:20:ed:d1:3a:20:1d:9b:ec:5c:b9:ef:8e:9b:1e:16:
         2f:db:a3:02:74:b0:86:dc:49:85:91:a6:f4:e6:65:08:d2:3a:
         96:b7:97:58:d1:cc:b8:24:01:ef:83:8c:2f:b8:38:1d:22:ff:
         bb:88:cb:2e:05:05:2c:07:77:27:66:65:a9:01:eb:a6:af:c5:
         77:0d:7d:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9KOCnRJkxv8vXzAWa+GdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMWM4ZThjYzA3NWMyZDA0MzEzYjkxMWQ5M2Q2MWZlMmE5
YWRlYTIwHhcNMjYwNDE3MDEwMTAyWhcNMjYwNDE4MDEwMTAyWjAzMTEwLwYDVQQD
EyhhOGM3ODNmODdlNTM2NDg0YTFlNjM2M2YwZTE4NjdmMzI1ZDE1MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54NFRcAwYUnx6zJAt2WExWzFUccr
RYWsr6/yHD95hCFBXFheLhSIcT1KxCFp58U7nyKiVc+bzxh2bl8hIH1mXn710Qo7
JIEkiwmEqp1vpcaKxWfMA4KDSVjD4H+Aelo166hOeZV3NZdZNtMQNKKdp8FVIfs7
K4PVy3kwLd4PpDZ5p/D1DUn4OzQgWPN3SPvGyfXb3/Ea1GqNjDeHLSf44lAxZUv3
K2JXzN0O3ua8912glOMXF4PYVhWu8xryo1IU3ERxuvS2ST2hJGpcYz3qaALiPhDC
22KyLbZ4sq3JLADb6e2vTqCA2tQ8b2xidvNfCGbhjHOcddhPDNh9rVo4nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjHg/h+U2SEoeY2Pw4YZ/Ml0VGwMB8GA1UdIwQY
MBaAFAMcjozAdcLQQxO5Edk9Yf4qmt6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQt
NjI2OGNlZGFiZDg0LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQtNjI2OGNlZGFiZDg0
LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxG7K8TxP
NvdRscNee8uQFVkibgDocGfTdGEAs6A+gqZ8C91ENFYzjmr57TecA6N3gTrtu79u
qE9cOEk+0BHXXEsvtpQt7ezZvzxtVqxioK5hMdUKRl0lopJrmWMPMbAIRe1pSr+p
s0C98qbnqFzeiFhTOV4cpu3H7MGlbkELCt0vGAYw/ZxMtVbbSJiuz9ZcbKly1ohY
DMNGSO8SrSkPB4PYNotTNahBgzKXYxsNPEZ2Qu9kmSm2IO3ROiAdm+xcue+Omx4W
L9ujAnSwhtxJhZGm9OZlCNI6lreXWNHMuCQB74OML7g4HSL/u4jLLgUFLAd3J2Zl
qQHrpq/Fdw19Bw==
-----END CERTIFICATE-----