Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          BxxQifVp5PP+qTnONU2kopjjLbTx1QA4KtRHrFub+gU=
Subject key identifier:   21:AB:03:5A:C0:59:3A:A0:4D:75:2E:3C:3C:BC:06:75:07:D8:6D:9D
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       019DA30ACA3945F2454298A8323DA49413E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          07F3
Signing time:             Sun 19 Apr 2026 00:01:26 +0000
Manifest this update:     Sun 19 Apr 2026 00:01:26 +0000
Manifest next update:     Mon 20 Apr 2026 00:01:26 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: ZDikAfvpc8UT4zmPzLt34dTsns7P+oUm1mvQeYGUQbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:ca:39:45:f2:45:42:98:a8:32:3d:a4:94:13:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Apr 19 00:01:26 2026 GMT
            Not After : Apr 20 00:01:26 2026 GMT
        Subject: CN=21ab035ac0593aa04d752e3c3cbc067507d86d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:06:7e:d1:f9:10:53:37:d4:87:34:9f:33:
                    1b:c5:42:f9:23:e2:6e:6a:61:30:3e:61:08:a9:e8:
                    df:21:f8:b0:92:41:0f:ac:0e:68:0c:57:e7:f2:37:
                    12:4c:dc:b5:de:8e:5d:0c:4f:a8:42:70:5e:96:37:
                    97:c2:4e:81:4a:5f:f5:d3:cc:24:16:c0:05:c5:01:
                    d0:93:a1:85:46:35:92:6b:49:64:8f:70:2c:4c:26:
                    83:1c:08:86:0e:a5:b4:2b:aa:02:5e:14:d5:de:06:
                    a8:d8:98:af:e6:27:7d:e2:cb:0b:81:4a:ae:d7:2a:
                    40:e3:45:5f:ad:4b:a3:25:75:64:82:f3:c6:fb:ec:
                    73:f9:ce:41:fe:aa:61:8d:dc:03:be:c0:42:bb:21:
                    78:64:30:65:42:df:10:8c:f1:bc:e1:f2:30:7d:35:
                    19:6d:82:74:b3:32:b5:ba:02:4e:6e:b4:d7:7d:13:
                    1b:74:8c:98:92:2f:0c:8c:dc:39:4a:40:17:f0:fd:
                    cc:98:2e:8e:78:db:31:00:d3:41:1e:93:b9:b1:76:
                    da:44:bb:49:c8:e2:10:7c:8c:af:5a:7e:ba:6e:c7:
                    8d:eb:d1:fb:15:c4:e9:ea:74:2e:b3:ac:e3:ca:48:
                    ce:af:b1:45:02:16:51:e4:0a:d4:3b:3b:23:4d:d8:
                    12:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:AB:03:5A:C0:59:3A:A0:4D:75:2E:3C:3C:BC:06:75:07:D8:6D:9D
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:96:ea:51:ad:66:d7:e8:63:78:aa:04:94:05:b8:72:a4:04:
         9a:b2:aa:60:86:4f:f9:8e:26:b7:cf:d4:eb:ec:f2:cf:2b:9b:
         71:81:b8:35:19:ba:75:a5:ec:00:4a:19:62:6b:ee:ee:13:de:
         ac:11:ad:79:01:73:16:f4:04:36:c3:9a:ca:a3:e8:80:6f:fc:
         f7:61:80:26:9f:fc:8f:3c:13:0f:63:ee:40:01:cd:3d:79:cf:
         cc:7d:f1:11:63:ae:04:dc:04:24:99:9c:c3:df:77:f0:1a:c7:
         7a:85:5f:b3:70:2b:6a:a8:71:35:28:85:14:be:2e:1f:ed:03:
         bd:17:28:47:2a:fa:f7:92:d7:73:15:c1:74:f4:d6:82:c8:49:
         db:c5:2d:d6:6c:14:68:9a:e6:2f:49:4d:d0:dd:f9:62:cc:b4:
         42:38:93:04:21:65:73:4d:a1:62:32:62:3a:99:f5:a7:81:f5:
         0f:e5:48:fa:63:15:18:17:76:44:4b:4f:07:4a:78:f8:41:28:
         b8:7b:0b:c8:bc:55:82:60:ca:57:40:d8:77:d2:03:c3:92:20:
         47:bb:df:ec:db:e8:e2:2d:53:7f:76:02:c3:ab:0f:f8:08:db:
         43:2c:dc:dd:82:34:21:38:08:ce:5f:52:5e:5b:5d:f3:38:ac:
         1f:47:ac:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCso5RfJFQpioMj2klBPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjYwNDE5MDAwMTI2WhcNMjYwNDIwMDAwMTI2WjAzMTEwLwYDVQQD
EygyMWFiMDM1YWMwNTkzYWEwNGQ3NTJlM2MzY2JjMDY3NTA3ZDg2ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxwGftH5EFM31Ic0nzMbxUL5I+Ju
amEwPmEIqejfIfiwkkEPrA5oDFfn8jcSTNy13o5dDE+oQnBeljeXwk6BSl/108wk
FsAFxQHQk6GFRjWSa0lkj3AsTCaDHAiGDqW0K6oCXhTV3gao2Jiv5id94ssLgUqu
1ypA40VfrUujJXVkgvPG++xz+c5B/qphjdwDvsBCuyF4ZDBlQt8QjPG84fIwfTUZ
bYJ0szK1ugJObrTXfRMbdIyYki8MjNw5SkAX8P3MmC6OeNsxANNBHpO5sXbaRLtJ
yOIQfIyvWn66bseN69H7FcTp6nQus6zjykjOr7FFAhZR5ArUOzsjTdgSSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGrA1rAWTqgTXUuPDy8BnUH2G2dMB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqJbqUa1m
1+hjeKoElAW4cqQEmrKqYIZP+Y4mt8/U6+zyzyubcYG4NRm6daXsAEoZYmvu7hPe
rBGteQFzFvQENsOayqPogG/892GAJp/8jzwTD2PuQAHNPXnPzH3xEWOuBNwEJJmc
w9938BrHeoVfs3AraqhxNSiFFL4uH+0DvRcoRyr695LXcxXBdPTWgshJ28Ut1mwU
aJrmL0lN0N35Ysy0QjiTBCFlc02hYjJiOpn1p4H1D+VI+mMVGBd2REtPB0p4+EEo
uHsLyLxVgmDKV0DYd9IDw5IgR7vf7Nvo4i1Tf3YCw6sP+AjbQyzc3YI0ITgIzl9S
Xltd8zisH0estQ==
-----END CERTIFICATE-----