Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          4DzPcZiRQTAp2BhMzpqzufSR4QBf08dVgOI5WVjGhfY=
Subject key identifier:   4A:6E:07:CC:BD:63:55:15:98:B6:C6:6A:33:97:2D:D0:68:6F:3F:3E
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       019D9962C481F96A38CC8F470ACBD916701F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          0A32
Signing time:             Fri 17 Apr 2026 03:01:19 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:19 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:19 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: /NDSNkZJaqfWRIdgwGCHAWOvXSk4jDz9c8sSQFDmcNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:c4:81:f9:6a:38:cc:8f:47:0a:cb:d9:16:70:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Apr 17 03:01:19 2026 GMT
            Not After : Apr 18 03:01:19 2026 GMT
        Subject: CN=4a6e07ccbd63551598b6c66a33972dd0686f3f3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:95:13:82:63:53:0d:79:d4:52:18:77:a2:e1:
                    4a:c2:a8:29:ef:3f:cf:e0:ce:71:be:66:0a:b4:96:
                    0f:7a:87:ad:fd:ee:78:ad:bf:e3:a8:ba:ba:db:81:
                    03:ad:9b:db:42:db:b2:bc:9a:0b:ba:45:38:6e:6e:
                    df:74:f1:d5:dc:93:4f:31:b2:4e:b7:80:2a:2f:98:
                    51:12:3a:c2:e5:23:9b:f1:d0:4f:20:16:c9:23:9f:
                    5c:88:84:19:3f:dc:43:d9:69:42:06:9d:d6:38:56:
                    14:df:13:99:b5:8d:5f:28:20:58:27:51:ed:7e:25:
                    b4:3d:02:64:a6:85:b3:b8:53:95:25:7f:4a:eb:05:
                    4d:05:95:84:cd:ca:dd:20:27:9e:24:fa:a4:e1:40:
                    c2:f7:ea:7d:e0:83:1a:f1:59:e6:15:36:42:fb:60:
                    dd:ac:71:94:27:a5:a3:b9:1d:b8:e7:42:3f:af:0c:
                    de:10:23:b5:75:ab:75:99:fb:4d:c2:f6:45:15:48:
                    dc:5f:4c:2b:f3:4a:59:a1:bd:ce:d8:e8:1f:ac:48:
                    e7:ca:bd:9a:26:56:44:30:82:76:4b:1d:ea:a9:73:
                    5b:02:cb:7e:8a:6b:e1:49:5b:04:f8:ca:1d:15:1b:
                    5b:15:6c:7f:48:e5:2c:e0:80:95:a1:70:88:d6:46:
                    09:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:6E:07:CC:BD:63:55:15:98:B6:C6:6A:33:97:2D:D0:68:6F:3F:3E
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:cc:e7:d7:23:b6:53:a9:c3:9b:0b:7a:0a:db:c8:46:2b:66:
         59:67:70:1a:38:e3:c4:d0:7f:4e:fa:70:97:50:32:c3:29:27:
         1b:3e:e6:6a:48:db:67:a2:87:13:fc:dd:03:0c:02:bc:d6:8a:
         9c:2b:d9:d4:6d:a4:66:53:cb:97:2d:76:01:50:fe:9a:72:b8:
         86:c8:e0:37:a7:80:0d:2a:53:aa:d4:56:ec:b8:62:23:1e:9d:
         0f:15:d7:c8:72:ec:cc:d7:ee:be:30:81:fa:9e:d7:70:c5:3d:
         79:4e:64:a7:9f:52:be:85:82:db:1e:66:85:f2:6d:c0:2d:9e:
         8e:80:25:13:bd:70:9e:fc:22:36:15:2b:c3:69:71:00:5a:d5:
         eb:fe:ff:77:63:23:ad:69:c0:6f:1c:bf:29:be:81:61:c9:17:
         b8:57:1e:f9:4c:27:71:90:8c:fd:bd:fd:3f:b1:a3:cd:cd:b9:
         1b:8b:78:e3:49:44:af:a7:6d:c3:79:fd:ca:7a:8c:24:3a:81:
         32:74:91:1d:64:6e:34:19:4c:29:15:50:66:81:60:f9:45:dd:
         7b:7e:a1:1f:0a:b2:53:6f:59:7e:96:fd:e7:4a:41:4f:19:b6:
         39:13:15:88:37:45:2c:42:09:de:c5:a2:65:57:28:cc:93:61:
         13:62:7f:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYsSB+Wo4zI9HCsvZFnAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjYwNDE3MDMwMTE5WhcNMjYwNDE4MDMwMTE5WjAzMTEwLwYDVQQD
Eyg0YTZlMDdjY2JkNjM1NTE1OThiNmM2NmEzMzk3MmRkMDY4NmYzZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppUTgmNTDXnUUhh3ouFKwqgp7z/P
4M5xvmYKtJYPeoet/e54rb/jqLq624EDrZvbQtuyvJoLukU4bm7fdPHV3JNPMbJO
t4AqL5hREjrC5SOb8dBPIBbJI59ciIQZP9xD2WlCBp3WOFYU3xOZtY1fKCBYJ1Ht
fiW0PQJkpoWzuFOVJX9K6wVNBZWEzcrdICeeJPqk4UDC9+p94IMa8VnmFTZC+2Dd
rHGUJ6WjuR2450I/rwzeECO1dat1mftNwvZFFUjcX0wr80pZob3O2OgfrEjnyr2a
JlZEMIJ2Sx3qqXNbAst+imvhSVsE+ModFRtbFWx/SOUs4ICVoXCI1kYJMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpuB8y9Y1UVmLbGajOXLdBobz8+MB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVczn1yO2
U6nDmwt6CtvIRitmWWdwGjjjxNB/Tvpwl1AywyknGz7makjbZ6KHE/zdAwwCvNaK
nCvZ1G2kZlPLly12AVD+mnK4hsjgN6eADSpTqtRW7LhiIx6dDxXXyHLszNfuvjCB
+p7XcMU9eU5kp59SvoWC2x5mhfJtwC2ejoAlE71wnvwiNhUrw2lxAFrV6/7/d2Mj
rWnAbxy/Kb6BYckXuFce+UwncZCM/b39P7Gjzc25G4t440lEr6dtw3n9ynqMJDqB
MnSRHWRuNBlMKRVQZoFg+UXde36hHwqyU29Zfpb950pBTxm2ORMViDdFLEIJ3sWi
ZVcozJNhE2J/hQ==
-----END CERTIFICATE-----