Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          tx0O/QwlgxDiap/N+5SHpQtwNK6KxjO47VKD+uWJyXU=
Subject key identifier:   67:0A:69:0D:F3:C7:21:F6:5C:EE:F8:72:DC:D3:39:91:E7:99:A6:2C
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019D284E28C3D887B0C2708DD81482865068
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0C46
Signing time:             Thu 26 Mar 2026 04:01:43 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:43 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:43 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: G4dhVvnTe06orst118H6tVdaf3WCO5kjXj+0MiAHqTs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:28:c3:d8:87:b0:c2:70:8d:d8:14:82:86:50:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Mar 26 04:01:43 2026 GMT
            Not After : Mar 27 04:01:43 2026 GMT
        Subject: CN=670a690df3c721f65ceef872dcd33991e799a62c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f3:b1:7f:f6:e0:9c:23:87:d5:03:c6:d8:03:
                    ed:71:6f:4a:ab:e0:40:04:38:6b:ee:1a:78:e4:67:
                    53:14:53:a8:26:58:65:05:62:55:45:b0:8d:b1:e6:
                    ad:70:aa:78:8d:23:88:b9:26:70:7f:92:8f:a5:16:
                    a1:2f:e3:e8:27:ba:81:e7:d5:70:d1:8f:ec:df:76:
                    81:74:78:27:f7:d8:de:3c:fb:9b:1b:36:be:f7:69:
                    89:c7:3d:03:8b:32:ba:57:50:24:6c:70:a1:0f:fa:
                    db:fd:fc:d0:97:56:d9:0f:b1:36:49:f0:df:a0:df:
                    b5:a9:50:be:ef:7a:ca:4e:70:5a:d8:18:b0:24:7a:
                    c2:bd:e7:ca:e6:05:1d:5e:61:30:48:be:cd:ef:76:
                    52:a3:a0:a8:53:d9:fc:fa:21:61:0b:c8:62:6c:a6:
                    01:4c:4b:64:fc:78:e5:1b:4c:62:72:fa:a2:fe:15:
                    d1:ce:6f:88:7a:07:56:91:ee:f2:8a:2a:af:8c:64:
                    9f:bf:bf:dd:f2:83:50:82:60:2c:ac:ca:3a:70:f8:
                    24:91:19:e1:97:71:36:82:eb:22:14:af:16:24:58:
                    a7:58:ba:f7:fa:ff:55:2f:26:02:4b:48:74:bc:2e:
                    41:fe:ba:45:38:1e:74:12:23:16:0a:a3:6d:7a:f4:
                    48:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:0A:69:0D:F3:C7:21:F6:5C:EE:F8:72:DC:D3:39:91:E7:99:A6:2C
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:1a:1d:e5:96:76:87:68:c9:5e:21:fc:07:a9:a2:35:52:65:
         cf:ef:1a:09:d1:b7:51:02:c3:29:2f:cd:e1:eb:02:92:ed:d9:
         5d:c1:e5:f6:1e:4b:de:ff:a8:9e:ef:a6:15:1b:d9:eb:55:db:
         ec:cc:d1:b6:e9:95:fe:ca:74:6a:f4:2d:1f:48:3f:57:74:0c:
         dc:3f:23:98:40:ff:ea:ff:1f:7d:dd:5d:1b:5e:68:17:04:06:
         50:2a:42:10:76:68:df:4e:d4:8b:80:46:e4:9f:09:9a:32:4e:
         4d:e9:a1:14:dc:1d:eb:ef:cf:09:49:74:2c:7f:04:f6:c2:47:
         43:b9:5a:3f:79:9d:1d:3c:9f:0f:cf:3c:b0:70:d8:e4:70:4f:
         48:a4:e1:c1:18:9c:70:d0:fe:f8:24:eb:f3:01:16:b0:d2:16:
         da:67:af:91:03:25:e3:9d:2b:5b:de:a6:9b:dc:16:c0:bc:22:
         af:17:66:bc:a5:ef:13:12:15:0e:be:14:f0:1d:c4:ea:0c:cc:
         e8:6e:b1:85:67:00:2f:5f:2e:79:b5:46:02:db:ae:cd:cb:5a:
         8a:3c:ee:84:4a:62:da:59:e3:cf:16:44:fe:13:d9:9b:24:da:
         66:a2:cb:3a:44:f1:59:2f:fb:06:c2:16:42:97:b4:0c:b3:75:
         c6:98:73:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTijD2IewwnCN2BSChlBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjYwMzI2MDQwMTQzWhcNMjYwMzI3MDQwMTQzWjAzMTEwLwYDVQQD
Eyg2NzBhNjkwZGYzYzcyMWY2NWNlZWY4NzJkY2QzMzk5MWU3OTlhNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfOxf/bgnCOH1QPG2APtcW9Kq+BA
BDhr7hp45GdTFFOoJlhlBWJVRbCNseatcKp4jSOIuSZwf5KPpRahL+PoJ7qB59Vw
0Y/s33aBdHgn99jePPubGza+92mJxz0DizK6V1AkbHChD/rb/fzQl1bZD7E2SfDf
oN+1qVC+73rKTnBa2BiwJHrCvefK5gUdXmEwSL7N73ZSo6CoU9n8+iFhC8hibKYB
TEtk/HjlG0xicvqi/hXRzm+IegdWke7yiiqvjGSfv7/d8oNQgmAsrMo6cPgkkRnh
l3E2gusiFK8WJFinWLr3+v9VLyYCS0h0vC5B/rpFOB50EiMWCqNtevRI+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcKaQ3zxyH2XO74ctzTOZHnmaYsMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRod5ZZ2
h2jJXiH8B6miNVJlz+8aCdG3UQLDKS/N4esCku3ZXcHl9h5L3v+onu+mFRvZ61Xb
7MzRtumV/sp0avQtH0g/V3QM3D8jmED/6v8ffd1dG15oFwQGUCpCEHZo307Ui4BG
5J8JmjJOTemhFNwd6+/PCUl0LH8E9sJHQ7laP3mdHTyfD888sHDY5HBPSKThwRic
cND++CTr8wEWsNIW2mevkQMl450rW96mm9wWwLwirxdmvKXvExIVDr4U8B3E6gzM
6G6xhWcAL18uebVGAtuuzctaijzuhEpi2lnjzxZE/hPZmyTaZqLLOkTxWS/7BsIW
Qpe0DLN1xphz8A==
-----END CERTIFICATE-----