Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          iEGKF+oehBoiNFdAlJW9MhX+N43UrPS0JakdHGJseR4=
Subject key identifier:   42:44:19:C4:D4:30:7D:82:45:C1:35:21:2B:4F:9E:F8:77:6D:2D:07
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019DA34104195BA2C2C0C19634263B96486E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          0825
Signing time:             Sun 19 Apr 2026 01:00:40 +0000
Manifest this update:     Sun 19 Apr 2026 01:00:40 +0000
Manifest next update:     Mon 20 Apr 2026 01:00:40 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: lrTsdoHyvy9A8E7RQr4+3pnbQ4EekZU8OOj9NKVFwXo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 01:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:41:04:19:5b:a2:c2:c0:c1:96:34:26:3b:96:48:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Apr 19 01:00:40 2026 GMT
            Not After : Apr 20 01:00:40 2026 GMT
        Subject: CN=424419c4d4307d8245c135212b4f9ef8776d2d07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:30:05:2f:0d:c6:16:57:ff:c0:51:b9:67:bd:
                    a5:76:33:57:63:63:fe:88:8e:f7:14:7b:15:d9:09:
                    92:81:5e:b6:3e:5e:7c:51:14:7e:f2:30:6c:2d:06:
                    db:a1:b5:2c:4e:95:c9:ef:65:de:86:37:60:1f:d3:
                    8c:24:7b:34:c8:cd:5d:d3:a0:da:89:cf:c2:3c:41:
                    0a:83:b1:12:ad:e0:a6:ce:85:1a:56:b6:2c:64:6a:
                    86:b8:72:c5:29:f7:a3:de:fd:63:b6:d3:31:bc:e3:
                    21:ba:1e:da:f9:97:17:05:35:e7:bf:37:47:0c:e3:
                    04:5a:56:1c:b0:9c:fa:7a:78:96:79:d6:af:60:96:
                    9c:f6:11:28:1e:3d:2e:63:71:3c:b8:96:fb:39:d4:
                    85:f0:21:28:e4:96:1b:ce:b3:11:41:0b:ff:a5:f3:
                    31:aa:ae:3c:a4:e1:72:31:c5:71:14:33:e6:b0:03:
                    d1:b8:00:c9:bf:e5:b0:42:c4:72:b1:6f:0b:51:b7:
                    e1:82:2f:06:03:29:ea:82:c1:b3:43:9b:a0:7d:a7:
                    45:ea:16:41:b9:3d:f9:61:f8:fc:86:cc:3c:c1:5b:
                    94:d4:e5:23:1a:e8:69:82:93:9c:c8:bd:71:d3:d1:
                    21:5a:0f:cd:a0:b9:66:bd:37:36:a0:88:92:cb:74:
                    b4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:44:19:C4:D4:30:7D:82:45:C1:35:21:2B:4F:9E:F8:77:6D:2D:07
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:57:45:8d:92:bd:28:af:6e:42:db:55:19:f0:ba:37:c0:5b:
         2a:ff:c5:4d:b8:f6:06:74:e0:1d:a8:7f:ae:09:2d:4b:c3:2e:
         b7:d3:d3:eb:cc:78:44:67:0e:b3:81:94:c6:3f:9b:e8:7a:7a:
         34:4f:a0:8b:e5:f9:b9:6d:85:21:d0:d5:7e:e3:e1:6a:59:ea:
         fa:86:00:38:6f:c2:4f:83:b7:0c:90:81:0c:63:6f:cc:62:33:
         18:35:00:74:ff:57:0c:42:ad:32:71:00:ff:be:9d:e0:8f:ea:
         67:5c:cc:4e:3b:04:5b:1c:2b:e6:b6:32:29:9c:89:f3:a4:45:
         9e:c0:f6:c5:c0:96:d5:4b:e3:c8:58:de:7a:62:27:90:1a:c5:
         5d:e1:8f:35:54:53:50:dc:53:3e:ee:52:24:14:58:b8:4d:4b:
         79:b6:38:59:2b:86:ba:f9:8a:87:75:6d:ea:4c:ce:ef:d6:e1:
         67:3a:16:e7:8f:9b:cb:d7:8a:45:d7:f4:0f:25:69:0e:04:c8:
         37:60:99:e1:8f:b9:ad:91:fd:cd:96:1d:67:2f:9b:22:7a:ec:
         1c:ac:8a:d6:32:57:47:dd:c6:c1:90:f0:a0:b0:06:7a:1d:8f:
         b5:2a:e9:0e:e4:8f:06:32:f9:30:5b:d6:29:52:2d:63:22:90:
         a7:20:14:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jQQQZW6LCwMGWNCY7lkhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjYwNDE5MDEwMDQwWhcNMjYwNDIwMDEwMDQwWjAzMTEwLwYDVQQD
Eyg0MjQ0MTljNGQ0MzA3ZDgyNDVjMTM1MjEyYjRmOWVmODc3NmQyZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDAFLw3GFlf/wFG5Z72ldjNXY2P+
iI73FHsV2QmSgV62Pl58URR+8jBsLQbbobUsTpXJ72XehjdgH9OMJHs0yM1d06Da
ic/CPEEKg7ESreCmzoUaVrYsZGqGuHLFKfej3v1jttMxvOMhuh7a+ZcXBTXnvzdH
DOMEWlYcsJz6eniWedavYJac9hEoHj0uY3E8uJb7OdSF8CEo5JYbzrMRQQv/pfMx
qq48pOFyMcVxFDPmsAPRuADJv+WwQsRysW8LUbfhgi8GAynqgsGzQ5ugfadF6hZB
uT35Yfj8hsw8wVuU1OUjGuhpgpOcyL1x09EhWg/NoLlmvTc2oIiSy3S0ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJEGcTUMH2CRcE1IStPnvh3bS0HMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfVdFjZK9
KK9uQttVGfC6N8BbKv/FTbj2BnTgHah/rgktS8Mut9PT68x4RGcOs4GUxj+b6Hp6
NE+gi+X5uW2FIdDVfuPhalnq+oYAOG/CT4O3DJCBDGNvzGIzGDUAdP9XDEKtMnEA
/76d4I/qZ1zMTjsEWxwr5rYyKZyJ86RFnsD2xcCW1UvjyFjeemInkBrFXeGPNVRT
UNxTPu5SJBRYuE1LebY4WSuGuvmKh3Vt6kzO79bhZzoW54+by9eKRdf0DyVpDgTI
N2CZ4Y+5rZH9zZYdZy+bInrsHKyK1jJXR93GwZDwoLAGeh2PtSrpDuSPBjL5MFvW
KVItYyKQpyAUcg==
-----END CERTIFICATE-----