Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          iAxkVvaMLUEJV5Oa/JACf7TikF7MUX1851RbC0cGqhA=
Subject key identifier:   F4:13:F3:0E:F3:40:32:27:FD:B6:49:1C:BC:97:C1:31:97:94:51:8D
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019D2703A82CE7042AF16AC89A7E97AF3DBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          11B7
Signing time:             Wed 25 Mar 2026 22:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:44 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: /fE016hzWIQMcXiiMoxlQD+IJN0JIFpIxZ9eW2oEGBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:a8:2c:e7:04:2a:f1:6a:c8:9a:7e:97:af:3d:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Mar 25 22:00:44 2026 GMT
            Not After : Mar 26 22:00:44 2026 GMT
        Subject: CN=f413f30ef3403227fdb6491cbc97c1319794518d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e4:11:45:3e:e3:10:48:fe:df:29:6e:6c:28:
                    3e:11:29:ce:15:0a:79:2d:e9:9a:70:cf:14:8d:b9:
                    54:fe:f9:52:98:4d:c3:20:f4:65:a9:7a:08:95:39:
                    21:e3:23:5a:03:2e:e4:c1:47:5b:d9:6a:d3:a9:0a:
                    8e:c5:a3:ee:29:14:56:ad:8f:6e:d4:e4:22:ae:f1:
                    55:ed:00:55:e3:92:01:12:e3:43:12:8a:e2:d2:e1:
                    b5:6a:fa:3a:66:09:a2:47:68:39:55:f8:9b:7d:e1:
                    09:45:bb:54:22:ce:f8:ad:4c:95:91:5d:0c:6d:1f:
                    74:18:41:be:b3:2d:4c:cf:ea:fb:4f:06:02:49:38:
                    ff:c7:f3:a3:76:61:b4:82:85:57:62:fb:87:5c:d1:
                    a5:0c:1b:1e:b6:53:87:c2:16:a3:31:29:07:ee:fd:
                    c5:bc:cc:96:c6:7d:30:17:e9:df:ab:02:76:67:bb:
                    48:16:81:e7:5d:ac:7c:92:b6:fe:a4:32:b8:f7:d4:
                    bd:ff:f9:a8:20:8d:17:7a:ed:43:be:e2:f3:1e:32:
                    c6:df:1f:34:86:cc:22:bd:e5:28:a4:a3:71:d6:00:
                    0c:eb:97:5a:e3:e9:1d:7a:0a:0b:1c:a4:63:ae:ca:
                    7a:39:6c:8f:d8:ba:f1:62:d0:68:9d:90:6f:3c:e2:
                    b0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:13:F3:0E:F3:40:32:27:FD:B6:49:1C:BC:97:C1:31:97:94:51:8D
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:df:72:12:70:a5:f9:78:ca:d2:39:28:98:65:97:14:05:96:
         3c:d8:b6:d1:f3:3d:69:3c:63:b7:a7:25:04:58:b4:a0:f0:c0:
         9d:81:f4:20:e6:88:85:0b:e9:3b:71:4c:a9:50:39:4f:04:ec:
         1f:8a:a5:46:3a:e1:c5:03:b4:5a:1e:81:ec:0d:7a:b1:49:84:
         d7:27:4d:5f:59:f2:48:da:5a:04:a8:32:74:09:c2:34:18:7f:
         57:05:18:ff:e9:15:5a:b9:19:6a:08:8a:56:79:3d:e9:02:e8:
         46:bc:53:d1:c5:53:9b:29:03:ac:37:5a:de:e6:c2:83:9e:a4:
         bd:f3:b4:d2:51:d5:a9:66:cf:e2:9b:8f:53:9a:cc:79:26:4d:
         bb:64:30:c9:0b:55:68:4b:84:91:32:3f:1a:04:26:52:95:63:
         b9:ac:d8:18:49:e5:51:d9:d5:b4:bf:5e:e9:72:3d:46:c1:c5:
         54:11:e1:55:72:be:44:9b:97:7a:ec:b8:ff:c4:e5:f7:0d:51:
         7e:09:6b:90:5a:9d:92:e8:17:c9:2b:e6:a5:ff:81:00:80:a7:
         38:01:e4:39:f4:b7:d6:36:69:da:1a:ed:c6:19:c2:0b:65:6c:
         bd:3f:7a:46:27:4e:a4:79:d2:ec:a3:9d:d2:e2:d7:ca:5c:e5:
         ac:37:c9:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6gs5wQq8WrImn6Xrz29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwMzI1MjIwMDQ0WhcNMjYwMzI2MjIwMDQ0WjAzMTEwLwYDVQQD
EyhmNDEzZjMwZWYzNDAzMjI3ZmRiNjQ5MWNiYzk3YzEzMTk3OTQ1MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouQRRT7jEEj+3ylubCg+ESnOFQp5
LemacM8UjblU/vlSmE3DIPRlqXoIlTkh4yNaAy7kwUdb2WrTqQqOxaPuKRRWrY9u
1OQirvFV7QBV45IBEuNDEori0uG1avo6ZgmiR2g5VfibfeEJRbtUIs74rUyVkV0M
bR90GEG+sy1Mz+r7TwYCSTj/x/OjdmG0goVXYvuHXNGlDBsetlOHwhajMSkH7v3F
vMyWxn0wF+nfqwJ2Z7tIFoHnXax8krb+pDK499S9//moII0Xeu1DvuLzHjLG3x80
hswiveUopKNx1gAM65da4+kdegoLHKRjrsp6OWyP2LrxYtBonZBvPOKwYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQT8w7zQDIn/bZJHLyXwTGXlFGNMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZN9yEnCl
+XjK0jkomGWXFAWWPNi20fM9aTxjt6clBFi0oPDAnYH0IOaIhQvpO3FMqVA5TwTs
H4qlRjrhxQO0Wh6B7A16sUmE1ydNX1nySNpaBKgydAnCNBh/VwUY/+kVWrkZagiK
Vnk96QLoRrxT0cVTmykDrDda3ubCg56kvfO00lHVqWbP4puPU5rMeSZNu2QwyQtV
aEuEkTI/GgQmUpVjuazYGEnlUdnVtL9e6XI9RsHFVBHhVXK+RJuXeuy4/8Tl9w1R
fglrkFqdkugXySvmpf+BAICnOAHkOfS31jZp2hrtxhnCC2VsvT96RidOpHnS7KOd
0uLXylzlrDfJVA==
-----END CERTIFICATE-----