Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          7h9XUUj9Q6io8iXBmtvYCJYFGwuEMVrIe430Yj6wT2Q=
Subject key identifier:   BC:AE:F3:C4:E7:F5:E5:E9:48:16:9E:AD:DE:E6:2D:74:4A:03:07:22
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       019D98F4E23D5F9CABAB6D84186433290A20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0FA1
Signing time:             Fri 17 Apr 2026 01:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:18 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: raQEd6yJ/VXoLW8p/FeqQr4XDCF8Nn9kIAG930eoiOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:e2:3d:5f:9c:ab:ab:6d:84:18:64:33:29:0a:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Apr 17 01:01:18 2026 GMT
            Not After : Apr 18 01:01:18 2026 GMT
        Subject: CN=bcaef3c4e7f5e5e948169eaddee62d744a030722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a3:e9:dd:d9:11:47:3d:8b:05:c0:21:5b:4f:
                    d5:b3:77:0f:c7:43:be:60:9b:e7:7a:47:93:cc:ad:
                    2f:7e:7a:9b:16:fe:93:cf:30:24:09:4f:65:89:67:
                    dc:a9:ae:a8:6a:b7:8c:91:3c:91:db:81:c9:1f:2b:
                    00:5f:c0:90:4e:3a:b3:52:bd:ab:28:aa:fe:50:7d:
                    ee:4c:9e:b1:d5:ca:06:5c:7d:0f:cf:27:74:cb:fb:
                    f5:8d:76:63:79:e5:de:c6:7a:22:b2:f1:87:91:d6:
                    28:66:ec:8b:dd:73:6d:2f:a6:0a:b2:92:f8:45:07:
                    11:5f:08:4a:65:d3:21:d5:4d:fd:20:1c:1c:56:03:
                    b8:cf:b4:2a:66:02:67:82:55:78:43:0c:fa:4e:16:
                    a2:92:c9:d4:85:a4:1a:dc:8a:e3:40:4d:02:bf:0d:
                    57:b8:f1:0d:2c:ca:f0:3f:2d:85:07:79:a5:70:87:
                    c6:a2:29:56:54:b9:9e:90:d6:60:20:16:97:94:a3:
                    95:fc:2e:1b:54:6b:61:0a:5f:0f:d2:04:ef:d2:d0:
                    f0:d9:df:46:38:4a:5e:47:85:c5:fe:f6:0d:2e:36:
                    d0:0c:6c:2f:56:2f:74:c7:40:20:31:c8:5a:22:d0:
                    09:c3:22:16:4a:38:9f:05:69:30:c7:a7:c2:b8:f9:
                    fd:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:AE:F3:C4:E7:F5:E5:E9:48:16:9E:AD:DE:E6:2D:74:4A:03:07:22
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:f4:f0:ca:7d:81:f8:ef:21:ba:8a:20:7a:f5:2a:6a:29:a6:
         eb:87:63:06:b6:f8:2c:01:76:e2:60:69:ae:2c:36:63:6a:78:
         78:e0:e6:26:de:a7:dc:a5:31:9e:4e:4b:ba:96:b7:10:1f:c8:
         c7:44:73:3a:74:8a:d5:f2:0f:4d:7e:f8:dd:70:39:f0:24:7b:
         fd:4f:37:04:ed:45:93:81:f6:5f:ac:1f:77:38:0b:c6:3b:ad:
         19:46:b5:0c:52:da:20:0f:72:5e:0b:1b:32:2b:e2:1a:51:dd:
         db:92:05:2f:92:1b:f1:d9:79:cf:58:d8:ec:96:df:57:b6:60:
         d8:df:a3:5b:07:cc:a0:2f:1e:fc:23:41:ce:5a:81:1c:c3:c5:
         3d:94:03:9b:86:79:1e:62:e3:be:34:10:51:7a:5d:41:fd:02:
         02:62:59:d3:2b:ab:55:37:29:d4:a5:b5:c1:2e:a2:4f:e1:97:
         78:e7:d4:fb:2e:25:1c:25:1d:77:81:cf:a8:d6:6b:a5:dd:6d:
         5d:3f:5b:19:46:c0:b0:d2:f3:f9:9a:6f:e7:6f:c1:9d:89:56:
         92:70:a8:e8:5e:ea:19:04:80:d8:01:04:a9:b4:1f:27:55:63:
         9d:ba:29:22:9a:fd:fe:76:83:65:f9:ec:05:c8:47:0d:a1:13:
         74:78:21:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9OI9X5yrq22EGGQzKQogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjYwNDE3MDEwMTE4WhcNMjYwNDE4MDEwMTE4WjAzMTEwLwYDVQQD
EyhiY2FlZjNjNGU3ZjVlNWU5NDgxNjllYWRkZWU2MmQ3NDRhMDMwNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKPp3dkRRz2LBcAhW0/Vs3cPx0O+
YJvnekeTzK0vfnqbFv6TzzAkCU9liWfcqa6oareMkTyR24HJHysAX8CQTjqzUr2r
KKr+UH3uTJ6x1coGXH0Pzyd0y/v1jXZjeeXexnoisvGHkdYoZuyL3XNtL6YKspL4
RQcRXwhKZdMh1U39IBwcVgO4z7QqZgJnglV4Qwz6ThaiksnUhaQa3IrjQE0Cvw1X
uPENLMrwPy2FB3mlcIfGoilWVLmekNZgIBaXlKOV/C4bVGthCl8P0gTv0tDw2d9G
OEpeR4XF/vYNLjbQDGwvVi90x0AgMchaItAJwyIWSjifBWkwx6fCuPn9GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyu88Tn9eXpSBaerd7mLXRKAwciMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfTwyn2B
+O8huoogevUqaimm64djBrb4LAF24mBpriw2Y2p4eODmJt6n3KUxnk5Lupa3EB/I
x0RzOnSK1fIPTX743XA58CR7/U83BO1Fk4H2X6wfdzgLxjutGUa1DFLaIA9yXgsb
MiviGlHd25IFL5Ib8dl5z1jY7JbfV7Zg2N+jWwfMoC8e/CNBzlqBHMPFPZQDm4Z5
HmLjvjQQUXpdQf0CAmJZ0yurVTcp1KW1wS6iT+GXeOfU+y4lHCUdd4HPqNZrpd1t
XT9bGUbAsNLz+Zpv52/BnYlWknCo6F7qGQSA2AEEqbQfJ1VjnbopIpr9/naDZfns
BchHDaETdHghUA==
-----END CERTIFICATE-----