Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          uPrFHtpddw/Aj5uddS5BeReZKLUMogrXFa3BkLL0Tz4=
Subject key identifier:   13:BC:37:87:82:E2:79:25:3A:FD:0B:E9:E9:84:57:E7:A4:8F:7F:05
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019CAC0FDAD3206566DD324E8393E3365945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          07A5
Signing time:             Mon 02 Mar 2026 01:00:46 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:46 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:46 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: zh5k9zP4WGVjKCeOIjxiedKFrm2dzIZwPFLcl4GwdXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:da:d3:20:65:66:dd:32:4e:83:93:e3:36:59:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Mar  2 01:00:46 2026 GMT
            Not After : Mar  3 01:00:46 2026 GMT
        Subject: CN=13bc378782e279253afd0be9e98457e7a48f7f05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f0:a0:09:14:8d:74:14:db:11:c2:d8:2f:5a:
                    6d:99:16:68:c5:83:fa:5c:3e:c3:1e:af:a7:7f:b9:
                    cf:28:ba:2b:c4:c5:b1:83:61:b5:03:05:5f:17:5f:
                    4e:df:82:89:1a:50:5a:8b:aa:d5:71:2e:72:d8:3f:
                    a0:18:c5:96:4b:c4:54:bf:5c:78:53:0e:a1:bb:be:
                    a4:05:bc:73:78:5e:e2:95:31:08:ed:4a:cd:4e:78:
                    ea:e2:c6:9a:f1:c4:1f:52:4a:1b:98:3c:89:1a:b8:
                    25:da:06:37:61:66:4d:53:cb:c5:ee:54:f8:eb:3d:
                    ba:36:15:4f:ab:e6:e4:b9:36:24:71:90:cc:b4:91:
                    57:3d:44:89:c5:5b:d8:8e:ce:1c:96:b2:4e:69:b5:
                    dc:1d:11:92:ef:06:f4:e8:86:be:f7:a9:66:c9:c9:
                    b7:1b:f3:a9:f5:4c:79:3f:a7:85:ea:86:e2:69:25:
                    15:ac:e1:a5:0e:19:70:22:91:44:99:6f:4a:a3:8d:
                    92:89:2a:06:67:03:89:99:ec:09:44:f3:ad:b6:15:
                    35:9b:7c:21:82:3c:33:8a:33:51:b2:cb:91:ec:7a:
                    e0:e3:2e:59:f3:04:9e:dd:95:6e:a8:bc:50:db:b2:
                    e4:d2:1a:06:e6:5d:78:21:a6:fa:2c:94:69:82:8f:
                    27:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:BC:37:87:82:E2:79:25:3A:FD:0B:E9:E9:84:57:E7:A4:8F:7F:05
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:2a:c2:2e:72:7e:27:5a:3f:9c:68:ec:4d:20:5b:45:77:ba:
         02:6b:91:a6:6d:68:2b:c3:30:21:8e:fd:d6:11:07:92:9f:33:
         b3:4c:f5:2e:eb:f9:2b:ce:34:22:67:64:22:fb:9b:6c:56:2d:
         71:7a:db:d7:91:98:b5:58:f8:03:d8:c4:3f:ac:3e:81:c1:03:
         e5:57:41:7e:3e:b8:52:bf:f0:b8:8b:e2:06:f0:e2:e1:82:39:
         cd:91:36:86:1a:ec:43:38:16:e8:22:12:e0:23:78:a8:74:5d:
         87:f2:e7:29:ee:8d:eb:f9:b5:de:ce:de:73:fe:7e:82:49:d5:
         60:28:82:44:10:af:ac:9a:64:92:5d:c0:9e:22:22:2c:41:6c:
         25:4f:2f:f9:8f:ad:84:88:a9:14:5a:c8:49:2d:a5:95:ce:e1:
         79:df:fe:21:b9:ff:42:31:bc:f0:d2:ba:54:fd:6d:58:12:99:
         6e:b8:90:a8:9a:b0:ce:83:72:64:4d:13:f3:d2:96:71:8b:9e:
         8a:a2:32:d2:ca:90:97:05:71:96:dc:b9:08:a7:82:8b:37:ba:
         3e:a8:48:2b:92:64:df:42:5b:bc:9a:a4:9e:2b:d6:ab:27:b0:
         f9:6e:c3:9c:81:e6:13:9e:1a:d7:43:d7:83:be:f2:41:a8:f1:
         36:cc:1b:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD9rTIGVm3TJOg5PjNllFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjYwMzAyMDEwMDQ2WhcNMjYwMzAzMDEwMDQ2WjAzMTEwLwYDVQQD
EygxM2JjMzc4NzgyZTI3OTI1M2FmZDBiZTllOTg0NTdlN2E0OGY3ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvCgCRSNdBTbEcLYL1ptmRZoxYP6
XD7DHq+nf7nPKLorxMWxg2G1AwVfF19O34KJGlBai6rVcS5y2D+gGMWWS8RUv1x4
Uw6hu76kBbxzeF7ilTEI7UrNTnjq4saa8cQfUkobmDyJGrgl2gY3YWZNU8vF7lT4
6z26NhVPq+bkuTYkcZDMtJFXPUSJxVvYjs4clrJOabXcHRGS7wb06Ia+96lmycm3
G/Op9Ux5P6eF6obiaSUVrOGlDhlwIpFEmW9Ko42SiSoGZwOJmewJRPOtthU1m3wh
gjwzijNRssuR7Hrg4y5Z8wSe3ZVuqLxQ27Lk0hoG5l14Iab6LJRpgo8n0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBO8N4eC4nklOv0L6emEV+ekj38FMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAySrCLnJ+
J1o/nGjsTSBbRXe6AmuRpm1oK8MwIY791hEHkp8zs0z1Luv5K840ImdkIvubbFYt
cXrb15GYtVj4A9jEP6w+gcED5VdBfj64Ur/wuIviBvDi4YI5zZE2hhrsQzgW6CIS
4CN4qHRdh/LnKe6N6/m13s7ec/5+gknVYCiCRBCvrJpkkl3AniIiLEFsJU8v+Y+t
hIipFFrISS2llc7hed/+Ibn/QjG88NK6VP1tWBKZbriQqJqwzoNyZE0T89KWcYue
iqIy0sqQlwVxlty5CKeCize6PqhIK5Jk30JbvJqknivWqyew+W7DnIHmE54a10PX
g77yQajxNswbqQ==
-----END CERTIFICATE-----