Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          GhTSpKXYNJbPJXLzNW0x0VH5cYQmXAM/MDMreoOvsSA=
Subject key identifier:   D6:47:2D:61:E2:96:EF:65:4B:15:FD:63:92:CC:98:43:E4:47:18:36
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019D9B5131BEB52C3C95E762BFD1C926EF68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0B99
Signing time:             Fri 17 Apr 2026 12:01:22 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:22 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:22 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: KCogwub0uzOfDROYpUW0AhF8FBbLFfpaR6J8xipOBSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:31:be:b5:2c:3c:95:e7:62:bf:d1:c9:26:ef:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Apr 17 12:01:22 2026 GMT
            Not After : Apr 18 12:01:22 2026 GMT
        Subject: CN=d6472d61e296ef654b15fd6392cc9843e4471836
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:fc:12:51:43:bc:4f:8b:29:0b:15:0c:25:e9:
                    67:55:37:a8:15:6f:97:81:27:c4:ff:40:48:83:78:
                    50:aa:e6:8c:f2:0c:1a:e4:52:3d:bd:65:60:4f:83:
                    53:f7:ce:9d:6b:ec:b1:48:05:a1:9a:1e:0b:00:ce:
                    94:9f:3c:6b:bc:cc:f7:ed:6d:96:13:72:2b:77:15:
                    cb:1b:71:ed:38:a3:e4:b1:a6:29:83:32:b4:26:80:
                    55:a7:3c:35:a2:1d:aa:fc:07:10:d9:91:5f:0d:6d:
                    9b:28:a8:f5:f3:3c:f6:2d:05:74:6c:46:70:9f:89:
                    59:c0:a8:48:a4:b8:bf:0d:53:20:ed:7b:54:ab:37:
                    77:fd:d6:87:89:dd:96:b2:ff:3c:02:a3:2b:97:df:
                    47:f8:a4:cd:b3:dd:5a:f0:a5:a6:13:4f:46:5a:32:
                    8c:3b:0a:53:b5:54:f2:51:a2:ac:cb:77:fc:9d:53:
                    ca:87:f1:7d:58:59:f6:c6:c9:8d:e6:70:a0:48:5d:
                    9f:e4:5b:da:d6:00:d7:da:ba:ab:bb:6e:e3:98:01:
                    a0:74:fc:92:a4:2c:70:b1:de:d3:9e:3e:d2:3c:22:
                    c6:bb:7c:e8:b3:e6:c2:96:f8:d6:86:e1:6b:a3:b6:
                    dd:fb:93:73:13:98:b8:b5:a4:81:4c:3b:6b:28:8e:
                    ac:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:47:2D:61:E2:96:EF:65:4B:15:FD:63:92:CC:98:43:E4:47:18:36
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:8f:1a:a7:e4:05:a7:44:86:b2:4a:52:fe:29:93:82:0c:95:
         6d:d4:d1:2d:05:f6:b2:69:02:13:d6:03:73:8f:3d:aa:9e:53:
         50:47:cf:d5:7a:42:44:74:98:db:b2:c8:22:29:7c:c5:45:4c:
         9f:f8:13:1f:60:c5:ab:ce:1b:ea:81:9c:4c:8e:05:be:8a:62:
         57:38:fb:11:10:8b:48:17:87:d6:24:66:a1:21:15:6e:25:bc:
         7a:e2:35:96:cc:45:db:ba:b0:b7:11:21:53:cb:e2:17:10:95:
         ba:04:46:f3:0e:6a:40:0b:26:fa:55:71:2a:36:92:b4:15:9a:
         05:c4:5c:af:d1:fb:2b:7b:12:d4:cd:f7:a3:a4:bf:ee:f8:7d:
         b7:34:0a:0e:c3:76:9b:03:15:86:33:a4:a3:8f:03:7d:1f:ac:
         2b:74:78:04:43:53:66:b8:2a:c6:06:82:d7:27:33:f1:84:03:
         ff:ab:63:80:22:a2:97:bb:64:1b:31:c3:4f:dd:7c:59:f0:11:
         4b:a9:cc:47:d8:90:ae:b4:1f:71:6b:f2:6f:aa:89:fc:b7:7b:
         af:fd:4f:a5:75:38:f0:b0:1d:5f:2d:64:e6:c5:40:dc:de:ea:
         e8:8b:4a:00:b1:91:dd:ba:1e:fb:74:80:53:91:71:4f:05:e0:
         63:ad:5f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUTG+tSw8lediv9HJJu9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwNDE3MTIwMTIyWhcNMjYwNDE4MTIwMTIyWjAzMTEwLwYDVQQD
EyhkNjQ3MmQ2MWUyOTZlZjY1NGIxNWZkNjM5MmNjOTg0M2U0NDcxODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfwSUUO8T4spCxUMJelnVTeoFW+X
gSfE/0BIg3hQquaM8gwa5FI9vWVgT4NT986da+yxSAWhmh4LAM6UnzxrvMz37W2W
E3IrdxXLG3HtOKPksaYpgzK0JoBVpzw1oh2q/AcQ2ZFfDW2bKKj18zz2LQV0bEZw
n4lZwKhIpLi/DVMg7XtUqzd3/daHid2Wsv88AqMrl99H+KTNs91a8KWmE09GWjKM
OwpTtVTyUaKsy3f8nVPKh/F9WFn2xsmN5nCgSF2f5Fva1gDX2rqru27jmAGgdPyS
pCxwsd7Tnj7SPCLGu3zos+bClvjWhuFro7bd+5NzE5i4taSBTDtrKI6sbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZHLWHilu9lSxX9Y5LMmEPkRxg2MB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOY8ap+QF
p0SGskpS/imTggyVbdTRLQX2smkCE9YDc489qp5TUEfP1XpCRHSY27LIIil8xUVM
n/gTH2DFq84b6oGcTI4FvopiVzj7ERCLSBeH1iRmoSEVbiW8euI1lsxF27qwtxEh
U8viFxCVugRG8w5qQAsm+lVxKjaStBWaBcRcr9H7K3sS1M33o6S/7vh9tzQKDsN2
mwMVhjOko48DfR+sK3R4BENTZrgqxgaC1ycz8YQD/6tjgCKil7tkGzHDT918WfAR
S6nMR9iQrrQfcWvyb6qJ/Ld7r/1PpXU48LAdXy1k5sVA3N7q6ItKALGR3boe+3SA
U5FxTwXgY61fYg==
-----END CERTIFICATE-----