Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
File:                     avL7pFrWUxpj0XNQFPaZgH9H-9w.mft (raw, json)
Hash identifier:          Hjz0gtSW43zl08Zg3esXdpX6xAAaQvAVLEf23lEsHUc=
Subject key identifier:   00:0A:B9:4D:35:F5:BC:9D:74:0F:23:52:04:2B:C8:D4:13:23:27:F3
Authority key identifier: 6A:F2:FB:A4:5A:D6:53:1A:63:D1:73:50:14:F6:99:80:7F:47:FB:DC
Certificate issuer:       /CN=6af2fba45ad6531a63d1735014f699807f47fbdc
Certificate serial:       019D99D00ABB3EF2CCA1AC1EFE51CD2C912F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
Manifest number:          08EB
Signing time:             Fri 17 Apr 2026 05:00:41 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:41 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:41 +0000
Files and hashes:         1: avL7pFrWUxpj0XNQFPaZgH9H-9w.crl (hash: Dy/zvAcPd3DHABHZOhM2tr+j+7SnZ1vDriXF8c5PZBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:0a:bb:3e:f2:cc:a1:ac:1e:fe:51:cd:2c:91:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2fba45ad6531a63d1735014f699807f47fbdc
        Validity
            Not Before: Apr 17 05:00:41 2026 GMT
            Not After : Apr 18 05:00:41 2026 GMT
        Subject: CN=000ab94d35f5bc9d740f2352042bc8d4132327f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:40:89:a2:ca:56:6b:b6:ca:59:32:20:ff:e9:
                    83:15:65:16:53:90:5d:5e:5d:e4:ac:e4:9b:62:29:
                    fb:ef:82:42:49:41:dc:07:88:d1:37:54:a5:04:68:
                    01:4a:13:8d:fd:88:5d:33:44:10:3c:10:76:6e:bb:
                    d8:c3:95:7a:37:13:45:bf:d8:37:1f:2c:71:92:52:
                    86:cb:6a:db:c3:a0:17:1f:43:93:aa:3d:64:6f:e5:
                    9e:18:de:a9:5d:66:1a:56:ce:19:1b:f9:9c:fe:31:
                    95:39:57:7f:21:2f:31:c6:69:4a:65:c1:bb:4e:fb:
                    7b:88:e5:a7:c5:74:d8:25:56:ed:66:4f:c5:28:79:
                    d3:76:0e:eb:7a:c8:1d:32:6b:c0:fb:25:c3:7a:7d:
                    a4:6e:1a:b3:11:00:64:35:cc:c5:57:b0:9f:34:a7:
                    d6:21:21:08:81:5b:03:92:2b:a8:02:97:44:b6:a2:
                    f9:63:ea:89:6a:78:81:cc:d7:6c:49:3c:57:e3:04:
                    4c:d8:41:ca:5b:13:fe:4a:05:ee:a1:be:af:07:46:
                    ca:e2:c1:87:76:8e:75:88:aa:f1:2b:83:a1:a7:03:
                    1f:45:85:06:ce:f6:0b:11:b6:db:4c:bb:7f:60:f0:
                    88:57:23:2e:7c:f3:8b:cf:e1:d7:17:71:d4:ef:52:
                    4e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:0A:B9:4D:35:F5:BC:9D:74:0F:23:52:04:2B:C8:D4:13:23:27:F3
            X509v3 Authority Key Identifier:
                keyid:6A:F2:FB:A4:5A:D6:53:1A:63:D1:73:50:14:F6:99:80:7F:47:FB:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avL7pFrWUxpj0XNQFPaZgH9H-9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/728a40-e0ee-436b-b1fb-197ec9a115aa/1/avL7pFrWUxpj0XNQFPaZgH9H-9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:6f:5b:34:b9:ed:76:2e:ad:48:05:28:56:fe:b5:d6:17:2d:
         98:a6:3f:e1:4d:8e:92:88:45:7e:6f:0d:cd:14:df:4e:c7:dc:
         a8:58:36:d1:30:1a:a4:75:30:5e:aa:90:4a:34:4d:88:b1:1a:
         1b:6b:2e:b4:41:14:ae:8b:4a:40:f3:e0:06:bb:79:c2:3c:ed:
         df:77:90:7b:8d:ef:96:9c:c6:97:03:df:71:f8:e3:36:b6:eb:
         23:84:10:0e:e8:4e:2f:3b:e6:f2:09:f5:e2:ee:b7:d0:9d:09:
         9e:1e:48:9f:9a:ea:2a:70:5d:e7:10:fd:5b:d7:7f:fe:e5:6d:
         44:c2:35:d6:78:b2:1b:e5:c9:04:f3:2c:f6:78:34:79:1d:6f:
         45:bc:19:32:df:c7:2a:a8:a1:d7:3f:cb:8a:00:3d:62:30:47:
         8f:5c:27:ae:b7:01:77:2e:b5:2f:2c:65:bf:e4:6f:8d:eb:e1:
         e4:ca:e3:a9:90:8a:ca:6f:db:60:69:29:e3:38:c7:c7:db:d7:
         ba:12:08:83:f4:71:16:97:db:89:f7:81:4d:77:ca:26:b4:95:
         93:1f:c5:83:f1:a6:0a:6d:c3:cf:76:01:f2:f4:0a:f6:b0:a8:
         f4:ae:b0:f4:4a:4f:93:55:f8:7e:7d:17:65:bc:b2:db:e6:26:
         7d:16:0e:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0Aq7PvLMoawe/lHNLJEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJmYmE0NWFkNjUzMWE2M2QxNzM1MDE0ZjY5OTgwN2Y0
N2ZiZGMwHhcNMjYwNDE3MDUwMDQxWhcNMjYwNDE4MDUwMDQxWjAzMTEwLwYDVQQD
EygwMDBhYjk0ZDM1ZjViYzlkNzQwZjIzNTIwNDJiYzhkNDEzMjMyN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkCJospWa7bKWTIg/+mDFWUWU5Bd
Xl3krOSbYin774JCSUHcB4jRN1SlBGgBShON/YhdM0QQPBB2brvYw5V6NxNFv9g3
HyxxklKGy2rbw6AXH0OTqj1kb+WeGN6pXWYaVs4ZG/mc/jGVOVd/IS8xxmlKZcG7
Tvt7iOWnxXTYJVbtZk/FKHnTdg7resgdMmvA+yXDen2kbhqzEQBkNczFV7CfNKfW
ISEIgVsDkiuoApdEtqL5Y+qJaniBzNdsSTxX4wRM2EHKWxP+SgXuob6vB0bK4sGH
do51iKrxK4OhpwMfRYUGzvYLEbbbTLt/YPCIVyMufPOLz+HXF3HU71JOJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAKuU019byddA8jUgQryNQTIyfzMB8GA1UdIwQY
MBaAFGry+6Ra1lMaY9FzUBT2mYB/R/vcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MjhhNDAtZTBlZS00MzZiLWIxZmIt
MTk3ZWM5YTExNWFhLzEvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MjhhNDAtZTBlZS00MzZiLWIxZmItMTk3ZWM5YTExNWFh
LzEvYXZMN3BGcldVeHBqMFhOUUZQYVpnSDlILTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUG9bNLnt
di6tSAUoVv611hctmKY/4U2OkohFfm8NzRTfTsfcqFg20TAapHUwXqqQSjRNiLEa
G2sutEEUrotKQPPgBrt5wjzt33eQe43vlpzGlwPfcfjjNrbrI4QQDuhOLzvm8gn1
4u630J0Jnh5In5rqKnBd5xD9W9d//uVtRMI11niyG+XJBPMs9ng0eR1vRbwZMt/H
Kqih1z/LigA9YjBHj1wnrrcBdy61Lyxlv+Rvjevh5MrjqZCKym/bYGkp4zjHx9vX
uhIIg/RxFpfbifeBTXfKJrSVkx/Fg/GmCm3Dz3YB8vQK9rCo9K6w9EpPk1X4fn0X
Zbyy2+YmfRYO8Q==
-----END CERTIFICATE-----