Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          2PTMGq8wn41YIb3bj8DsyYyjYl1jYJIOG8KI2GEdFIE=
Subject key identifier:   96:70:18:B3:84:C5:A7:03:33:D8:A4:EC:6E:58:FD:6C:34:F8:75:F7
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019E1EA36056E771807A46EC58273CAA0C92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0F6D
Signing time:             Wed 13 May 2026 00:01:23 +0000
Manifest this update:     Wed 13 May 2026 00:01:23 +0000
Manifest next update:     Thu 14 May 2026 00:01:23 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: 6x6A0QdKwy+Jr/tziC2LVVietuZwo+WPegQRpXQhB8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a3:60:56:e7:71:80:7a:46:ec:58:27:3c:aa:0c:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: May 13 00:01:23 2026 GMT
            Not After : May 14 00:01:23 2026 GMT
        Subject: CN=967018b384c5a70333d8a4ec6e58fd6c34f875f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:35:b8:2e:ef:22:27:f0:01:d6:3d:73:1f:b9:
                    cb:ea:33:4e:17:f8:8b:23:5b:1c:24:93:df:a2:26:
                    24:d9:36:37:26:13:5b:50:43:59:7f:11:64:7e:eb:
                    dc:3f:c5:00:db:b8:a1:92:2d:63:45:62:e7:66:f6:
                    6d:51:eb:ca:51:32:fd:05:83:ac:fc:ff:22:67:78:
                    d1:ac:6a:06:88:38:06:3b:e7:1f:64:31:21:68:08:
                    42:cf:18:c5:f0:37:1e:22:e1:33:c4:36:a9:96:e2:
                    3e:15:41:cc:58:6e:5a:1b:11:95:8a:e7:d5:7f:44:
                    5b:fb:47:e7:15:22:2c:25:6a:26:38:74:0f:8e:17:
                    6a:d7:ad:5e:e1:29:60:f3:f1:9e:e4:f2:c7:b9:d7:
                    6e:0d:8f:6c:ff:b3:7e:38:e1:93:04:fd:e2:10:15:
                    df:fd:75:e7:f7:8d:84:29:6f:27:c7:60:2c:8f:8c:
                    f5:57:01:a5:aa:3d:0e:b5:c8:f1:0d:b2:da:aa:a0:
                    14:81:4b:af:22:07:b5:45:72:af:a7:61:2d:bc:ec:
                    55:44:46:fd:ac:35:18:f3:f8:c2:86:42:74:13:6b:
                    d8:d2:85:8a:28:2b:a3:bd:37:7b:cb:e5:76:42:e6:
                    d9:86:62:fc:fb:fa:a6:06:eb:61:be:3c:22:b8:5d:
                    29:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:70:18:B3:84:C5:A7:03:33:D8:A4:EC:6E:58:FD:6C:34:F8:75:F7
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:a1:9c:9a:dd:50:4a:21:1d:4d:f8:f6:8c:34:ce:45:fe:a7:
         86:ff:bc:b2:39:ee:ff:2a:bf:99:67:0d:f1:50:2f:1b:99:04:
         f2:45:1f:9f:a5:b8:76:1c:20:ac:61:7a:19:b2:76:11:40:8e:
         10:3d:29:44:73:6e:f7:71:7f:4f:28:33:ef:1f:1f:bc:cb:c7:
         dd:3f:d1:41:57:61:28:96:d0:5a:c4:d5:8c:36:ee:b8:21:75:
         d9:ac:4f:a8:aa:c9:9a:08:a7:c0:3a:0b:ed:09:3a:1a:32:12:
         88:bd:ba:68:3e:62:cf:ba:35:eb:5b:c4:38:dd:b2:18:f2:0c:
         3d:6b:ab:d9:3d:59:ff:a4:3d:b4:7b:61:7c:cf:36:27:3a:7a:
         09:7e:ae:4d:08:08:77:aa:fe:20:9c:d8:2a:eb:0e:5d:c5:a6:
         02:09:1e:19:96:76:43:10:79:de:ac:65:36:ba:62:d7:ce:c9:
         4e:f4:3b:fa:11:22:ce:c1:86:29:32:e8:2d:03:0b:b2:c4:1f:
         9d:71:a2:f7:e7:be:d2:01:af:de:ed:2c:37:e6:6a:57:65:d3:
         4c:70:2c:da:b7:b7:fc:49:63:5b:e4:88:da:88:de:d2:2f:00:
         33:dc:35:2f:2f:d3:6f:1e:f9:a3:a7:26:54:32:04:d5:4c:92:
         f8:f2:48:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eo2BW53GAekbsWCc8qgySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwNTEzMDAwMTIzWhcNMjYwNTE0MDAwMTIzWjAzMTEwLwYDVQQD
Eyg5NjcwMThiMzg0YzVhNzAzMzNkOGE0ZWM2ZTU4ZmQ2YzM0Zjg3NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDW4Lu8iJ/AB1j1zH7nL6jNOF/iL
I1scJJPfoiYk2TY3JhNbUENZfxFkfuvcP8UA27ihki1jRWLnZvZtUevKUTL9BYOs
/P8iZ3jRrGoGiDgGO+cfZDEhaAhCzxjF8DceIuEzxDapluI+FUHMWG5aGxGViufV
f0Rb+0fnFSIsJWomOHQPjhdq161e4Slg8/Ge5PLHudduDY9s/7N+OOGTBP3iEBXf
/XXn942EKW8nx2Asj4z1VwGlqj0OtcjxDbLaqqAUgUuvIge1RXKvp2EtvOxVREb9
rDUY8/jChkJ0E2vY0oWKKCujvTd7y+V2QubZhmL8+/qmButhvjwiuF0pJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZwGLOExacDM9ik7G5Y/Ww0+HX3MB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKGcmt1Q
SiEdTfj2jDTORf6nhv+8sjnu/yq/mWcN8VAvG5kE8kUfn6W4dhwgrGF6GbJ2EUCO
ED0pRHNu93F/Tygz7x8fvMvH3T/RQVdhKJbQWsTVjDbuuCF12axPqKrJmginwDoL
7Qk6GjISiL26aD5iz7o161vEON2yGPIMPWur2T1Z/6Q9tHthfM82Jzp6CX6uTQgI
d6r+IJzYKusOXcWmAgkeGZZ2QxB53qxlNrpi187JTvQ7+hEizsGGKTLoLQMLssQf
nXGi9+e+0gGv3u0sN+ZqV2XTTHAs2re3/EljW+SI2oje0i8AM9w1Ly/Tbx75o6cm
VDIE1UyS+PJIGg==
-----END CERTIFICATE-----