Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          v3aFx+ddAkPpxgyboe0RiCO5+bHKsuSPEEYHr0Byf4s=
Subject key identifier:   6E:8A:DC:B8:A1:A9:C7:A1:7A:8F:B1:1F:F4:B5:D2:C1:59:64:9F:0C
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019E1C468A065FEBB60B656094D35E67125A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1236
Signing time:             Tue 12 May 2026 13:00:45 +0000
Manifest this update:     Tue 12 May 2026 13:00:45 +0000
Manifest next update:     Wed 13 May 2026 13:00:45 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: 3/5XtyLH8tTIPxQWy6x1I3iDE9flMbsePzV+likFaQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:8a:06:5f:eb:b6:0b:65:60:94:d3:5e:67:12:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: May 12 13:00:45 2026 GMT
            Not After : May 13 13:00:45 2026 GMT
        Subject: CN=6e8adcb8a1a9c7a17a8fb11ff4b5d2c159649f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:97:ea:46:fe:5c:fd:96:9f:6a:f2:36:f9:65:
                    48:19:b0:7e:da:50:b0:8e:cb:21:96:55:4e:4f:c0:
                    22:ba:98:41:e2:57:3b:73:0c:73:5e:e2:83:eb:35:
                    dc:76:e1:bf:76:9c:fe:c9:4c:15:42:f4:b8:8f:be:
                    e4:d1:e4:b4:12:54:86:5a:5e:5c:ce:bc:37:ee:f5:
                    94:56:61:7a:ae:6f:dd:28:31:d8:41:54:64:86:73:
                    0e:0b:b4:fd:44:c1:28:52:c7:d4:f8:8c:40:17:bb:
                    55:e5:78:86:8a:c2:e5:6a:cf:f8:54:14:ea:2d:90:
                    27:c4:f8:12:e6:83:e0:19:e1:dc:c7:d0:19:e2:64:
                    dd:56:97:58:b6:99:dc:e1:7d:40:10:48:46:75:28:
                    2f:7d:55:be:a9:3c:a0:cc:00:ce:c1:8d:60:ee:e2:
                    fd:c0:58:ed:47:b8:b0:f6:65:42:aa:74:16:38:2d:
                    de:24:4c:66:06:b2:e0:3b:d2:09:fd:d2:67:a8:13:
                    c5:ba:d5:4d:42:2b:6f:e2:23:40:9e:cd:45:e2:37:
                    44:b5:5e:7b:43:97:c9:c9:96:9f:59:5a:ba:cb:5e:
                    36:19:c5:9f:a9:71:7d:5b:5e:66:95:9b:b5:d9:b1:
                    cc:e2:db:d8:6d:5b:16:88:52:83:86:c9:25:1f:23:
                    9d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:8A:DC:B8:A1:A9:C7:A1:7A:8F:B1:1F:F4:B5:D2:C1:59:64:9F:0C
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:df:a4:81:b9:d2:ad:7b:c1:a2:72:60:0d:15:e3:19:05:8d:
         80:c2:f5:cd:49:7a:e9:12:13:5e:f2:20:16:bd:36:05:6a:56:
         2b:2d:2b:97:cf:9e:6a:99:eb:39:b4:a2:5e:66:35:bc:1e:c2:
         3a:cd:10:88:70:01:d1:c0:4d:54:c7:02:3d:62:68:96:d3:8a:
         57:0a:1b:66:97:79:83:8f:60:d2:2f:9d:4b:8b:a6:61:dd:77:
         23:97:64:3f:92:43:d9:5f:d1:4e:41:d1:fe:7b:3c:b9:2b:e4:
         d1:21:11:dc:18:bc:86:3c:40:06:0c:08:05:9f:0b:bb:31:87:
         b7:03:af:79:0d:d1:77:19:80:f2:cd:25:0c:2f:27:29:22:81:
         05:ce:9f:9b:b3:27:32:84:43:4b:96:08:70:55:18:4e:71:61:
         64:04:3b:f3:14:81:d0:c9:d0:ce:c3:3a:c4:a4:07:2d:ae:38:
         61:2a:4f:fb:77:a5:93:8e:43:92:f1:3c:a4:b3:bd:0f:d3:d9:
         2b:c8:18:47:fc:cb:31:ed:37:d6:06:12:cd:42:a5:17:e4:a3:
         77:c8:49:41:52:67:f5:28:56:c9:3d:f6:c7:be:c3:07:4f:85:
         76:ed:0a:cc:5a:8a:b5:98:a4:b2:96:24:81:57:92:24:ec:37:
         54:10:47:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRooGX+u2C2VglNNeZxJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwNTEyMTMwMDQ1WhcNMjYwNTEzMTMwMDQ1WjAzMTEwLwYDVQQD
Eyg2ZThhZGNiOGExYTljN2ExN2E4ZmIxMWZmNGI1ZDJjMTU5NjQ5ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJfqRv5c/ZafavI2+WVIGbB+2lCw
jsshllVOT8AiuphB4lc7cwxzXuKD6zXcduG/dpz+yUwVQvS4j77k0eS0ElSGWl5c
zrw37vWUVmF6rm/dKDHYQVRkhnMOC7T9RMEoUsfU+IxAF7tV5XiGisLlas/4VBTq
LZAnxPgS5oPgGeHcx9AZ4mTdVpdYtpnc4X1AEEhGdSgvfVW+qTygzADOwY1g7uL9
wFjtR7iw9mVCqnQWOC3eJExmBrLgO9IJ/dJnqBPFutVNQitv4iNAns1F4jdEtV57
Q5fJyZafWVq6y142GcWfqXF9W15mlZu12bHM4tvYbVsWiFKDhsklHyOdEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6K3Lihqceheo+xH/S10sFZZJ8MMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALN+kgbnS
rXvBonJgDRXjGQWNgML1zUl66RITXvIgFr02BWpWKy0rl8+eapnrObSiXmY1vB7C
Os0QiHAB0cBNVMcCPWJoltOKVwobZpd5g49g0i+dS4umYd13I5dkP5JD2V/RTkHR
/ns8uSvk0SER3Bi8hjxABgwIBZ8LuzGHtwOveQ3RdxmA8s0lDC8nKSKBBc6fm7Mn
MoRDS5YIcFUYTnFhZAQ78xSB0MnQzsM6xKQHLa44YSpP+3elk45DkvE8pLO9D9PZ
K8gYR/zLMe031gYSzUKlF+Sjd8hJQVJn9ShWyT32x77DB0+Fdu0KzFqKtZikspYk
gVeSJOw3VBBHcQ==
-----END CERTIFICATE-----