Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          iHV6KX9KodlnwXnXZtA0dBHWB6l33PYPCviDQq83I5M=
Subject key identifier:   32:80:DA:F5:F9:8A:9B:D1:C1:45:41:47:94:EE:37:F1:B1:25:52:32
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       019CAB6BE556FF46C4588F51E47489DB60B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0F26
Signing time:             Sun 01 Mar 2026 22:01:40 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:40 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:40 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: Riq/rwekudIn9CzO2nk9baVtKweqik2GLZAAffcOwkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:e5:56:ff:46:c4:58:8f:51:e4:74:89:db:60:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Mar  1 22:01:40 2026 GMT
            Not After : Mar  2 22:01:40 2026 GMT
        Subject: CN=3280daf5f98a9bd1c145414794ee37f1b1255232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:41:91:1f:1a:19:49:e1:9d:66:2d:fb:12:3f:
                    b2:bc:9c:ed:ba:da:a6:be:71:e8:9e:29:9e:af:1b:
                    71:a7:3a:26:05:11:bb:cc:60:71:c4:d0:09:36:f8:
                    aa:a5:40:6e:af:9f:93:3a:26:48:86:54:c1:d6:c3:
                    c5:bf:aa:a6:55:c5:42:16:87:ce:5d:d6:9c:cb:69:
                    f3:47:da:33:71:65:25:4e:de:db:63:11:39:a8:22:
                    05:1d:92:1e:5e:66:dc:86:06:ca:6e:91:b2:be:53:
                    7b:bb:09:34:9e:86:13:2b:ca:5e:42:53:aa:2d:1c:
                    ab:fe:c0:08:c5:57:06:60:eb:dd:03:b4:97:ec:4e:
                    ce:6c:b4:38:ff:e8:4a:0c:10:f4:60:40:f0:b1:a2:
                    1d:91:f1:a4:06:e9:3b:f3:ef:48:ed:0f:36:87:ed:
                    31:24:8d:78:5e:40:02:e8:5a:19:ef:ac:54:98:e7:
                    98:a4:e9:1e:5c:ca:ea:94:a5:cb:fe:0f:e4:fa:c5:
                    11:ff:9f:fe:37:e9:e0:77:5c:7a:70:08:fd:e2:52:
                    61:47:df:05:e1:b1:32:df:6a:e0:1c:86:0c:60:49:
                    d8:35:fe:85:d3:66:70:db:dd:56:c6:61:ab:fd:33:
                    47:04:42:5a:1b:0d:64:0d:73:09:88:6e:df:5e:a9:
                    00:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:80:DA:F5:F9:8A:9B:D1:C1:45:41:47:94:EE:37:F1:B1:25:52:32
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:89:69:8f:5d:80:f3:87:a1:ce:69:1b:66:0c:e2:62:fc:bb:
         11:bb:a2:65:ef:1b:bd:b1:a9:93:32:ed:e5:30:5a:4a:e4:23:
         d0:7e:6f:0f:2b:47:b3:27:f7:04:fc:de:a8:0f:f5:99:1c:63:
         fe:e7:fd:5b:c0:f2:b4:ec:06:04:e3:22:cf:8d:49:b0:43:e2:
         4b:98:94:00:fa:f0:b0:b2:3b:b8:58:63:ef:80:13:05:4b:ec:
         6e:6a:54:55:26:63:b5:c7:32:8d:2c:42:36:3a:3b:d9:8f:d2:
         8a:f9:44:63:3f:9c:f3:30:8d:1d:1a:8a:ed:06:cb:5d:4c:ec:
         63:46:80:10:3e:5b:01:96:a9:d1:1e:3f:e4:5d:84:58:52:f5:
         ec:3a:6a:5f:f5:06:77:e7:01:88:62:df:78:0b:95:85:7b:a0:
         42:24:a8:06:35:57:dc:38:14:40:13:9f:ac:2b:8c:25:69:ec:
         fa:24:d2:2f:b7:59:9d:34:57:c1:7a:a0:ef:85:42:58:e7:c6:
         3c:a5:a5:ed:1d:94:6f:50:8e:7e:df:11:02:86:42:c6:39:78:
         2b:33:92:a4:ed:a6:09:31:d1:5f:17:de:93:6e:df:e2:21:3b:
         69:70:d3:0f:4b:46:a7:fd:9c:78:b1:38:8e:57:8f:2f:20:71:
         c5:9a:ac:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra+VW/0bEWI9R5HSJ22CxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjYwMzAxMjIwMTQwWhcNMjYwMzAyMjIwMTQwWjAzMTEwLwYDVQQD
EygzMjgwZGFmNWY5OGE5YmQxYzE0NTQxNDc5NGVlMzdmMWIxMjU1MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0GRHxoZSeGdZi37Ej+yvJztutqm
vnHonimerxtxpzomBRG7zGBxxNAJNviqpUBur5+TOiZIhlTB1sPFv6qmVcVCFofO
Xdacy2nzR9ozcWUlTt7bYxE5qCIFHZIeXmbchgbKbpGyvlN7uwk0noYTK8peQlOq
LRyr/sAIxVcGYOvdA7SX7E7ObLQ4/+hKDBD0YEDwsaIdkfGkBuk78+9I7Q82h+0x
JI14XkAC6FoZ76xUmOeYpOkeXMrqlKXL/g/k+sUR/5/+N+ngd1x6cAj94lJhR98F
4bEy32rgHIYMYEnYNf6F02Zw291WxmGr/TNHBEJaGw1kDXMJiG7fXqkACQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKA2vX5ipvRwUVBR5TuN/GxJVIyMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfolpj12A
84ehzmkbZgziYvy7EbuiZe8bvbGpkzLt5TBaSuQj0H5vDytHsyf3BPzeqA/1mRxj
/uf9W8DytOwGBOMiz41JsEPiS5iUAPrwsLI7uFhj74ATBUvsbmpUVSZjtccyjSxC
Njo72Y/SivlEYz+c8zCNHRqK7QbLXUzsY0aAED5bAZap0R4/5F2EWFL17DpqX/UG
d+cBiGLfeAuVhXugQiSoBjVX3DgUQBOfrCuMJWns+iTSL7dZnTRXwXqg74VCWOfG
PKWl7R2Ub1COft8RAoZCxjl4KzOSpO2mCTHRXxfek27f4iE7aXDTD0tGp/2ceLE4
jlePLyBxxZqsbQ==
-----END CERTIFICATE-----