Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          90AN2ARR4bQSSMrxmzQKFZ9JjWyaLqBZxz15693RpG0=
Subject key identifier:   5A:F8:AD:CF:F7:04:7C:10:EE:4D:70:14:22:01:D3:A5:96:75:7C:30
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019E1C7E12EB9649CC0AF846B607F8D557CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0F8A
Signing time:             Tue 12 May 2026 14:01:24 +0000
Manifest this update:     Tue 12 May 2026 14:01:24 +0000
Manifest next update:     Wed 13 May 2026 14:01:24 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: qFscZQ8gdi4pjuI1YAl4x4Ll/j50ruSJCCKE4vTtU5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:7e:12:eb:96:49:cc:0a:f8:46:b6:07:f8:d5:57:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: May 12 14:01:24 2026 GMT
            Not After : May 13 14:01:24 2026 GMT
        Subject: CN=5af8adcff7047c10ee4d70142201d3a596757c30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8c:0e:b6:6e:9a:be:34:35:51:7b:ec:bd:67:
                    a9:ea:5e:e8:e4:51:53:74:ef:96:59:15:ff:e1:9e:
                    bb:cf:47:64:36:9f:cb:b9:ee:4e:a2:54:d5:12:db:
                    e4:a6:e4:bd:e3:4e:4b:f2:7a:9c:6c:10:3a:78:82:
                    27:10:12:97:29:ec:90:95:85:38:b4:ef:bd:33:e8:
                    3a:27:f7:60:d0:1b:3c:f2:af:c1:9e:f3:83:a5:bb:
                    2c:14:6d:a0:81:7d:8c:4a:9d:4a:12:af:80:c4:2d:
                    f3:6f:a0:d7:fd:0f:f5:cd:27:2e:f1:ef:82:8e:01:
                    d2:48:df:04:49:2e:87:42:6e:60:88:5c:34:0e:ec:
                    de:6f:04:31:bd:26:c1:e1:d3:a2:7b:2e:b0:56:9b:
                    22:f3:65:0d:62:7b:ca:d8:20:0e:88:ca:6c:f5:bf:
                    56:b5:84:8a:83:0a:96:28:8e:ad:43:4f:82:09:95:
                    84:44:3f:6c:69:5e:02:15:c3:a8:a2:dc:0d:ad:95:
                    d8:60:05:a7:a8:10:a5:b5:fb:6c:49:c2:0e:6a:1d:
                    df:c0:8e:82:a2:a3:1b:ed:9f:f2:b0:d6:9d:c8:e3:
                    b2:c6:57:43:d5:30:8b:ae:fb:31:b4:2e:f5:41:ed:
                    b6:58:a2:8f:02:56:bb:07:af:7e:a5:47:92:ed:45:
                    ec:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F8:AD:CF:F7:04:7C:10:EE:4D:70:14:22:01:D3:A5:96:75:7C:30
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:57:d3:b4:5c:52:3f:d8:cd:01:56:4d:36:17:60:6d:8f:78:
         5e:92:9a:e1:f8:32:ef:4e:79:55:16:bc:20:db:47:4c:28:39:
         c0:33:30:c7:cb:0e:fd:f5:73:4a:11:35:f4:57:10:2d:db:d0:
         5c:e2:e0:3d:6a:32:ea:63:ef:6e:94:a6:85:2f:8e:ed:59:4a:
         3c:f2:38:81:64:23:3d:05:f4:1b:76:97:a4:64:3b:c6:80:b0:
         c9:03:9e:3c:4f:be:b8:e5:9a:41:67:b8:ef:21:5b:5d:fb:c8:
         2a:34:41:aa:da:85:d4:00:ab:5d:a2:62:00:3a:b2:51:e4:63:
         c8:15:31:eb:45:19:a8:3d:db:7e:25:60:45:85:d1:f1:e2:5e:
         37:c9:f3:c2:3d:a9:92:20:b2:3d:9c:98:22:b7:6f:2a:f2:da:
         62:56:cd:6a:ea:e1:ee:c0:e8:4d:08:94:74:f3:f6:6c:f1:29:
         19:ba:3e:60:51:31:f8:ed:d3:af:fd:cc:d1:94:d1:1b:d9:93:
         f0:57:38:07:37:1e:65:c9:2e:86:0c:4b:44:ee:22:74:aa:f0:
         29:b4:e8:eb:fb:3e:3d:79:7f:07:b4:d4:61:c4:55:59:5e:c1:
         2f:d8:b6:e7:83:c6:9f:bc:00:7c:f9:c5:5f:c8:8a:e2:e4:e0:
         50:37:28:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfhLrlknMCvhGtgf41VfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwNTEyMTQwMTI0WhcNMjYwNTEzMTQwMTI0WjAzMTEwLwYDVQQD
Eyg1YWY4YWRjZmY3MDQ3YzEwZWU0ZDcwMTQyMjAxZDNhNTk2NzU3YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIwOtm6avjQ1UXvsvWep6l7o5FFT
dO+WWRX/4Z67z0dkNp/Lue5OolTVEtvkpuS9405L8nqcbBA6eIInEBKXKeyQlYU4
tO+9M+g6J/dg0Bs88q/BnvODpbssFG2ggX2MSp1KEq+AxC3zb6DX/Q/1zScu8e+C
jgHSSN8ESS6HQm5giFw0DuzebwQxvSbB4dOiey6wVpsi82UNYnvK2CAOiMps9b9W
tYSKgwqWKI6tQ0+CCZWERD9saV4CFcOootwNrZXYYAWnqBCltftsScIOah3fwI6C
oqMb7Z/ysNadyOOyxldD1TCLrvsxtC71Qe22WKKPAla7B69+pUeS7UXsywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFr4rc/3BHwQ7k1wFCIB06WWdXwwMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPVfTtFxS
P9jNAVZNNhdgbY94XpKa4fgy7055VRa8INtHTCg5wDMwx8sO/fVzShE19FcQLdvQ
XOLgPWoy6mPvbpSmhS+O7VlKPPI4gWQjPQX0G3aXpGQ7xoCwyQOePE++uOWaQWe4
7yFbXfvIKjRBqtqF1ACrXaJiADqyUeRjyBUx60UZqD3bfiVgRYXR8eJeN8nzwj2p
kiCyPZyYIrdvKvLaYlbNaurh7sDoTQiUdPP2bPEpGbo+YFEx+O3Tr/3M0ZTRG9mT
8Fc4BzceZckuhgxLRO4idKrwKbTo6/s+PXl/B7TUYcRVWV7BL9i254PGn7wAfPnF
X8iK4uTgUDcoBg==
-----END CERTIFICATE-----