Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          UPXMMtNz+KQJiRNhcosQhVtmzP4TYg+IN/AOM851lDk=
Subject key identifier:   32:CD:B5:41:58:DE:D8:1B:76:E6:24:71:30:81:2B:8F:AB:19:F8:AD
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019D97E1C441239F5BF7AB6C12D421D83398
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0E5C
Signing time:             Thu 16 Apr 2026 20:00:48 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:48 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:48 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: BcYjDixaz9Xf05LBHjZyr944ueuUXRLdE9P+eWRVWwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:c4:41:23:9f:5b:f7:ab:6c:12:d4:21:d8:33:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Apr 16 20:00:48 2026 GMT
            Not After : Apr 17 20:00:48 2026 GMT
        Subject: CN=32cdb54158ded81b76e6247130812b8fab19f8ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4e:0e:ac:d2:3b:8a:8c:80:b5:1c:8b:97:9b:
                    05:4f:db:99:92:cc:73:01:36:51:29:85:08:f6:8c:
                    33:c5:48:6e:d7:81:90:cf:9f:08:f3:44:77:03:6a:
                    cf:c7:91:ef:d1:43:32:d6:b0:fa:ca:68:24:67:80:
                    14:9d:53:02:2d:32:35:0f:f5:d9:fa:ce:40:da:81:
                    62:4c:3d:86:41:36:b6:69:59:df:ca:4c:34:e5:b5:
                    59:0e:0a:f8:61:50:de:4a:bc:32:ea:6e:e4:9c:e8:
                    b8:81:81:e9:2e:09:56:a7:07:61:76:8a:11:ab:57:
                    10:62:b3:51:ed:7f:80:40:5c:6b:33:1d:4e:ae:6d:
                    96:9e:0d:f3:11:f1:8e:26:eb:09:eb:6d:d0:f6:a1:
                    81:90:19:6d:f0:6d:8e:b9:4c:89:7d:38:cb:d3:62:
                    bd:3c:df:a6:5e:09:04:0a:d1:c2:23:61:03:8e:37:
                    34:6f:46:72:00:0e:31:a5:5a:23:78:da:ac:77:e8:
                    95:5e:0b:8c:62:0d:55:4c:8a:02:05:72:e3:bc:5a:
                    c3:47:21:44:72:9d:bb:3b:54:fe:14:24:28:59:67:
                    3b:68:ee:2e:f3:81:2b:ce:3e:46:63:63:9b:14:22:
                    f0:fb:52:62:e3:cd:57:ed:62:18:86:aa:e6:24:7d:
                    fe:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CD:B5:41:58:DE:D8:1B:76:E6:24:71:30:81:2B:8F:AB:19:F8:AD
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:52:35:fd:62:38:5d:c3:4a:ff:de:ce:01:38:a9:30:1a:1f:
         71:e7:6c:af:79:a9:09:b8:8d:0d:63:dc:51:20:f1:3a:6d:2d:
         cf:4e:a8:52:9b:f0:89:b1:57:42:11:c8:66:91:d2:fc:34:86:
         c1:6d:49:e4:90:c0:89:0b:c6:65:43:dd:3a:21:b4:ce:54:4d:
         4d:94:38:d1:ac:94:8e:32:05:3f:38:b2:25:33:72:1c:43:88:
         12:6c:68:d3:33:b1:c1:17:5d:4a:30:fc:e3:a1:5e:38:bc:ad:
         09:90:87:f2:d1:fa:fe:e0:84:06:4e:6f:16:96:2c:c8:25:65:
         e9:dd:99:6e:b8:19:5c:06:27:5d:1a:41:27:c6:bc:91:68:f1:
         e2:4b:3a:cf:e0:3f:e1:8e:d3:fa:1a:0b:d3:75:78:c6:33:10:
         30:e5:a7:03:1e:79:fb:42:ba:1c:bd:8d:d7:71:23:ab:b5:06:
         40:b3:4a:b0:b3:c4:0a:19:b1:a8:28:17:df:35:d3:03:74:bc:
         67:e6:a1:0a:60:e9:c7:2d:10:90:30:07:77:86:2b:34:8f:7f:
         d4:56:f9:00:ab:f4:d2:34:98:f6:82:5e:25:56:9e:81:66:92:
         f5:59:26:f7:e8:58:40:11:2b:54:93:63:9d:bc:98:cd:67:37:
         be:d6:85:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4cRBI59b96tsEtQh2DOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjYwNDE2MjAwMDQ4WhcNMjYwNDE3MjAwMDQ4WjAzMTEwLwYDVQQD
EygzMmNkYjU0MTU4ZGVkODFiNzZlNjI0NzEzMDgxMmI4ZmFiMTlmOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU4OrNI7ioyAtRyLl5sFT9uZksxz
ATZRKYUI9owzxUhu14GQz58I80R3A2rPx5Hv0UMy1rD6ymgkZ4AUnVMCLTI1D/XZ
+s5A2oFiTD2GQTa2aVnfykw05bVZDgr4YVDeSrwy6m7knOi4gYHpLglWpwdhdooR
q1cQYrNR7X+AQFxrMx1Orm2Wng3zEfGOJusJ623Q9qGBkBlt8G2OuUyJfTjL02K9
PN+mXgkECtHCI2EDjjc0b0ZyAA4xpVojeNqsd+iVXguMYg1VTIoCBXLjvFrDRyFE
cp27O1T+FCQoWWc7aO4u84Erzj5GY2ObFCLw+1Ji481X7WIYhqrmJH3+ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLNtUFY3tgbduYkcTCBK4+rGfitMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANFI1/WI4
XcNK/97OATipMBofcedsr3mpCbiNDWPcUSDxOm0tz06oUpvwibFXQhHIZpHS/DSG
wW1J5JDAiQvGZUPdOiG0zlRNTZQ40ayUjjIFPziyJTNyHEOIEmxo0zOxwRddSjD8
46FeOLytCZCH8tH6/uCEBk5vFpYsyCVl6d2ZbrgZXAYnXRpBJ8a8kWjx4ks6z+A/
4Y7T+hoL03V4xjMQMOWnAx55+0K6HL2N13Ejq7UGQLNKsLPEChmxqCgX3zXTA3S8
Z+ahCmDpxy0QkDAHd4YrNI9/1Fb5AKv00jSY9oJeJVaegWaS9Vkm9+hYQBErVJNj
nbyYzWc3vtaFnQ==
-----END CERTIFICATE-----