Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          KNvhwG+RthFHgcnf3NlkwS8QwOzSkDKzTVcc18+2xcU=
Subject key identifier:   97:C2:45:D6:16:59:CE:9B:6D:44:49:0E:BD:76:B6:8B:4A:92:16:83
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       019CAB6AFBD56396496FEE3EFC873A6F1BBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0FA6
Signing time:             Sun 01 Mar 2026 22:00:40 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:40 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:40 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: VZnNzLqXWCHbbX5dAE/6Jl44OaxFwfge45pC6hOOVBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:fb:d5:63:96:49:6f:ee:3e:fc:87:3a:6f:1b:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Mar  1 22:00:40 2026 GMT
            Not After : Mar  2 22:00:40 2026 GMT
        Subject: CN=97c245d61659ce9b6d44490ebd76b68b4a921683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bc:36:2a:88:16:bb:0c:49:7c:02:bf:74:a3:
                    2b:9f:f2:4f:12:e4:31:fd:a8:99:1e:cd:94:40:84:
                    6e:e3:1a:01:d5:ee:40:31:41:4c:b2:33:c5:ae:68:
                    f2:f5:e5:e5:08:02:6f:3e:50:e4:ab:d4:9f:99:0b:
                    05:89:ad:37:c3:c3:cb:7f:59:7d:c5:77:ac:d6:ca:
                    b8:43:b3:a2:a0:46:5a:3b:05:99:54:7e:86:20:12:
                    6a:35:d9:bb:e1:58:51:52:f8:d7:83:1c:49:86:44:
                    9e:5a:b8:c2:9a:b2:e4:c1:8e:cd:7a:76:1e:82:0e:
                    c4:e5:f1:3a:69:c1:e4:95:7b:31:6d:04:84:a1:c5:
                    fa:41:b4:39:c6:59:36:54:4e:b4:2b:fb:4a:09:54:
                    27:4a:f5:05:52:6f:32:0a:53:4d:39:67:e3:a3:12:
                    32:88:06:4b:2c:18:ce:52:73:c7:36:b1:72:5d:f3:
                    a2:c3:3a:41:a2:ec:64:b1:55:52:10:70:77:e0:53:
                    32:60:a4:e6:32:e3:7e:3b:2c:d5:13:8c:f3:e2:f7:
                    cf:d1:81:46:25:50:46:a1:b9:60:05:b2:3f:4f:ae:
                    5e:f1:be:6c:54:a8:3d:bf:58:c9:9f:45:e2:7a:5a:
                    6a:be:3a:cb:16:c4:71:52:af:77:99:64:89:ee:3e:
                    63:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:C2:45:D6:16:59:CE:9B:6D:44:49:0E:BD:76:B6:8B:4A:92:16:83
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:98:20:40:d6:6c:b8:96:c5:79:2c:2f:1a:01:51:20:8c:c2:
         fe:8f:04:05:2a:ea:d3:7c:82:f5:dd:65:2b:5b:55:34:4f:9d:
         6d:b8:4a:96:f2:b2:58:f9:28:87:86:9f:0c:29:a6:08:83:7c:
         1f:00:a3:ca:85:fc:d8:13:f9:df:1c:18:45:b4:b0:0f:9f:aa:
         a9:cc:92:c0:77:ea:b0:8d:17:e6:6e:dc:02:e0:f3:53:85:fb:
         fd:1d:17:24:47:e0:a6:28:58:08:35:1f:c0:b8:27:2c:74:b4:
         55:61:57:ac:b6:31:01:3d:f6:df:9e:62:d5:43:5e:9c:1f:64:
         4d:b6:64:4d:42:ff:38:34:1a:65:fe:2d:69:69:45:18:91:37:
         49:65:28:4f:de:97:28:be:73:88:df:67:4a:86:9b:d2:0e:05:
         38:9d:c4:52:fa:78:c5:c2:9d:d8:cd:18:4a:f4:0a:81:f2:33:
         ee:49:46:b2:7b:b0:8e:f1:b2:db:01:36:a5:40:5f:f8:19:2a:
         86:59:6a:17:e8:32:73:78:b7:8a:86:f5:b2:13:27:f7:3f:ce:
         04:1f:a3:16:4e:3a:df:7a:25:2f:4d:0a:28:05:2f:92:60:db:
         2b:09:db:47:f9:f8:f4:50:27:a6:34:0e:41:da:85:3a:98:4e:
         f7:03:bb:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyravvVY5ZJb+4+/Ic6bxu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjYwMzAxMjIwMDQwWhcNMjYwMzAyMjIwMDQwWjAzMTEwLwYDVQQD
Eyg5N2MyNDVkNjE2NTljZTliNmQ0NDQ5MGViZDc2YjY4YjRhOTIxNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrw2KogWuwxJfAK/dKMrn/JPEuQx
/aiZHs2UQIRu4xoB1e5AMUFMsjPFrmjy9eXlCAJvPlDkq9SfmQsFia03w8PLf1l9
xXes1sq4Q7OioEZaOwWZVH6GIBJqNdm74VhRUvjXgxxJhkSeWrjCmrLkwY7NenYe
gg7E5fE6acHklXsxbQSEocX6QbQ5xlk2VE60K/tKCVQnSvUFUm8yClNNOWfjoxIy
iAZLLBjOUnPHNrFyXfOiwzpBouxksVVSEHB34FMyYKTmMuN+OyzVE4zz4vfP0YFG
JVBGoblgBbI/T65e8b5sVKg9v1jJn0XielpqvjrLFsRxUq93mWSJ7j5j2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfCRdYWWc6bbURJDr12totKkhaDMB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUpggQNZs
uJbFeSwvGgFRIIzC/o8EBSrq03yC9d1lK1tVNE+dbbhKlvKyWPkoh4afDCmmCIN8
HwCjyoX82BP53xwYRbSwD5+qqcySwHfqsI0X5m7cAuDzU4X7/R0XJEfgpihYCDUf
wLgnLHS0VWFXrLYxAT32355i1UNenB9kTbZkTUL/ODQaZf4taWlFGJE3SWUoT96X
KL5ziN9nSoab0g4FOJ3EUvp4xcKd2M0YSvQKgfIz7klGsnuwjvGy2wE2pUBf+Bkq
hllqF+gyc3i3iob1shMn9z/OBB+jFk4633olL00KKAUvkmDbKwnbR/n49FAnpjQO
QdqFOphO9wO7ww==
-----END CERTIFICATE-----