Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
File:                     f5kYyrbx817xteWDyyg56bdIsVg.mft (raw, json)
Hash identifier:          /C7zoKZqupPuGGIM7PcZ1W0fSj18NzJPn4vET/2GCbQ=
Subject key identifier:   D3:E5:84:66:CC:CA:00:77:08:7B:4E:D3:D9:9F:18:D3:55:FB:B4:4E
Authority key identifier: 7F:99:18:CA:B6:F1:F3:5E:F1:B5:E5:83:CB:28:39:E9:B7:48:B1:58
Certificate issuer:       /CN=7f9918cab6f1f35ef1b5e583cb2839e9b748b158
Certificate serial:       019D27044980C30C2E46384F9D3A0EBF59F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
Manifest number:          155A
Signing time:             Wed 25 Mar 2026 22:01:25 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:25 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:25 +0000
Files and hashes:         1: f5kYyrbx817xteWDyyg56bdIsVg.crl (hash: RIBAb5EtzrllA5EQ0iipYaPrV7F5cV3F1mp0NJg+/3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:49:80:c3:0c:2e:46:38:4f:9d:3a:0e:bf:59:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f9918cab6f1f35ef1b5e583cb2839e9b748b158
        Validity
            Not Before: Mar 25 22:01:25 2026 GMT
            Not After : Mar 26 22:01:25 2026 GMT
        Subject: CN=d3e58466ccca0077087b4ed3d99f18d355fbb44e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a4:c9:56:05:9b:42:e0:53:75:76:91:d2:7e:
                    5e:d4:a3:51:ca:f5:ce:9f:a8:8a:88:6c:ed:28:d9:
                    3b:d2:c5:6a:b9:ef:4e:d7:4c:13:30:ac:11:68:98:
                    d1:c2:f4:df:7f:da:3c:55:e2:35:7e:59:71:38:51:
                    16:70:fc:d6:0a:f4:fa:9a:b8:7e:43:cb:a7:34:f4:
                    aa:f1:1e:49:10:a3:28:90:19:36:c8:a6:7f:a5:0a:
                    eb:2a:96:68:c0:13:5d:b9:8b:23:f4:ad:6b:6c:30:
                    4b:fe:2a:36:60:15:ad:9e:96:20:1e:5b:af:de:c2:
                    7b:0a:ab:c0:7f:d5:cb:95:0f:b9:a6:94:37:51:20:
                    91:ed:1a:22:05:64:05:da:34:01:d2:4f:01:50:cd:
                    da:3b:cd:1a:06:6f:01:4a:1c:1b:36:06:86:8d:c5:
                    3c:0c:ee:27:0a:c1:7b:83:52:6e:cf:32:87:15:c7:
                    80:33:c0:61:75:8d:72:36:aa:01:09:52:8e:bf:98:
                    3e:ea:86:ae:c7:f6:7a:0e:bf:fd:4c:4d:40:0f:79:
                    08:c6:43:a9:ce:25:a4:73:bf:87:aa:07:d0:2a:66:
                    6a:61:47:70:40:3d:0e:0f:67:3f:5b:e7:c1:6c:bb:
                    5a:df:dd:db:50:fc:48:46:8c:1e:a5:03:ba:ea:8c:
                    d3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E5:84:66:CC:CA:00:77:08:7B:4E:D3:D9:9F:18:D3:55:FB:B4:4E
            X509v3 Authority Key Identifier:
                keyid:7F:99:18:CA:B6:F1:F3:5E:F1:B5:E5:83:CB:28:39:E9:B7:48:B1:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5kYyrbx817xteWDyyg56bdIsVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/df82fa-118d-4219-ba16-1a9683c9d6cb/1/f5kYyrbx817xteWDyyg56bdIsVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:b5:3e:f9:cb:72:63:e5:bf:ec:60:c6:87:3d:e0:82:c2:00:
         c9:9d:f9:29:71:4b:93:21:b2:71:3b:2f:56:50:92:d3:52:e6:
         39:4e:ba:8b:45:90:f8:ee:ca:54:27:8d:e9:d7:ff:a0:99:43:
         db:20:71:e8:94:22:54:f9:98:90:77:30:b3:5f:c3:81:76:d1:
         3c:25:cf:25:4e:f5:67:64:7d:34:ca:73:62:cb:76:ac:01:96:
         0d:b8:30:7f:8c:08:f1:00:bf:55:96:a1:91:2b:97:db:ad:a1:
         5f:8d:81:d0:91:50:3b:02:71:42:99:a6:92:21:ce:26:9c:01:
         a3:b8:22:97:9d:e7:24:56:6a:97:dc:1e:b9:59:08:7d:c6:fd:
         b8:10:d3:6b:ba:36:f4:ab:67:76:db:ef:9a:6f:ab:43:5d:13:
         f6:96:f3:90:48:92:a4:e3:aa:d8:84:73:02:99:1f:7a:de:c5:
         63:80:39:01:3f:b6:4b:52:be:26:ee:f6:9c:f4:fd:ae:f9:14:
         f2:c8:01:74:2f:09:24:50:f9:17:53:1f:b7:9a:fe:65:30:1b:
         cb:e1:e8:e1:5a:cc:52:9c:91:92:4d:e5:85:0d:a8:89:99:6f:
         57:16:ab:fc:80:d6:34:14:59:bd:09:f1:e4:e1:dc:95:54:7a:
         5b:e6:23:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBEmAwwwuRjhPnToOv1nyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmOTkxOGNhYjZmMWYzNWVmMWI1ZTU4M2NiMjgzOWU5Yjc0
OGIxNTgwHhcNMjYwMzI1MjIwMTI1WhcNMjYwMzI2MjIwMTI1WjAzMTEwLwYDVQQD
EyhkM2U1ODQ2NmNjY2EwMDc3MDg3YjRlZDNkOTlmMThkMzU1ZmJiNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKTJVgWbQuBTdXaR0n5e1KNRyvXO
n6iKiGztKNk70sVque9O10wTMKwRaJjRwvTff9o8VeI1fllxOFEWcPzWCvT6mrh+
Q8unNPSq8R5JEKMokBk2yKZ/pQrrKpZowBNduYsj9K1rbDBL/io2YBWtnpYgHluv
3sJ7CqvAf9XLlQ+5ppQ3USCR7RoiBWQF2jQB0k8BUM3aO80aBm8BShwbNgaGjcU8
DO4nCsF7g1JuzzKHFceAM8BhdY1yNqoBCVKOv5g+6oaux/Z6Dr/9TE1AD3kIxkOp
ziWkc7+HqgfQKmZqYUdwQD0OD2c/W+fBbLta393bUPxIRowepQO66ozTBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPlhGbMygB3CHtO09mfGNNV+7ROMB8GA1UdIwQY
MBaAFH+ZGMq28fNe8bXlg8soOem3SLFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kZjgyZmEtMTE4ZC00MjE5LWJhMTYt
MWE5NjgzYzlkNmNiLzEvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kZjgyZmEtMTE4ZC00MjE5LWJhMTYtMWE5NjgzYzlkNmNi
LzEvZjVrWXlyYng4MTd4dGVXRHl5ZzU2YmRJc1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArU++cty
Y+W/7GDGhz3ggsIAyZ35KXFLkyGycTsvVlCS01LmOU66i0WQ+O7KVCeN6df/oJlD
2yBx6JQiVPmYkHcws1/DgXbRPCXPJU71Z2R9NMpzYst2rAGWDbgwf4wI8QC/VZah
kSuX262hX42B0JFQOwJxQpmmkiHOJpwBo7gil53nJFZql9weuVkIfcb9uBDTa7o2
9Ktndtvvmm+rQ10T9pbzkEiSpOOq2IRzApkfet7FY4A5AT+2S1K+Ju72nPT9rvkU
8sgBdC8JJFD5F1Mft5r+ZTAby+Ho4VrMUpyRkk3lhQ2oiZlvVxar/IDWNBRZvQnx
5OHclVR6W+YjoQ==
-----END CERTIFICATE-----