Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          qx6Il9zzf/wEUW2Ki+RlMXB6ZNZPess7Bl6e9f6EE6Q=
Subject key identifier:   67:45:C4:20:06:48:BB:26:B2:EE:B5:78:7A:D7:88:B8:4B:F8:EA:4C
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       019D270418EF50C73956E0CEE30562B2D277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          05D5
Signing time:             Wed 25 Mar 2026 22:01:13 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:13 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:13 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: D+tIu56ujIgeRYEFOMYV0cCk+M95jQ1+J1BwfF7gbp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:18:ef:50:c7:39:56:e0:ce:e3:05:62:b2:d2:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: Mar 25 22:01:13 2026 GMT
            Not After : Mar 26 22:01:13 2026 GMT
        Subject: CN=6745c4200648bb26b2eeb5787ad788b84bf8ea4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5a:82:e6:71:98:2d:6f:8d:81:a3:d1:68:bb:
                    ea:ba:05:4f:e6:e7:4e:b3:f7:69:f3:55:93:7a:05:
                    63:3e:03:ea:0f:da:73:aa:fe:04:7e:b6:7f:b1:1a:
                    51:f9:ab:6e:79:d9:8b:8d:d9:d9:4e:60:55:07:87:
                    38:8b:3f:f7:ea:22:2a:a1:1d:2c:44:10:b0:84:2e:
                    ba:c5:df:dd:77:52:11:6b:55:e5:41:38:55:18:91:
                    a2:a9:ae:4a:8c:3a:72:76:8b:c2:f9:90:08:3e:d4:
                    5f:96:06:55:ad:a4:ec:b4:50:65:0e:57:b6:30:73:
                    a7:fa:83:67:d3:86:89:c7:7c:65:34:39:3a:d9:c1:
                    da:03:af:16:96:c9:88:53:fa:70:61:04:16:9a:4a:
                    5b:cc:de:cd:33:58:7c:8a:0b:10:43:5d:86:80:4a:
                    ad:51:2b:95:dd:0e:c8:47:f0:8f:90:03:c3:8b:bc:
                    6e:af:15:09:25:61:e3:63:85:f8:9c:db:13:61:f3:
                    46:9f:85:27:e0:f6:6f:1a:d6:cd:26:0c:68:ed:8a:
                    11:b3:26:09:cf:31:cb:f0:6b:7d:0c:0f:2b:45:15:
                    da:aa:d3:e8:8a:09:d3:8e:8d:f3:d7:fe:28:c7:03:
                    51:3c:cf:14:14:6d:17:ea:9f:4f:45:96:2d:f8:71:
                    14:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:45:C4:20:06:48:BB:26:B2:EE:B5:78:7A:D7:88:B8:4B:F8:EA:4C
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:7d:7a:a1:a4:9b:85:61:18:dd:c9:2d:de:48:58:ee:eb:2f:
         d2:36:0b:43:22:1e:2e:2b:fb:5c:3c:d2:9a:84:f7:98:3b:8e:
         eb:be:f9:0d:83:62:a3:3e:47:71:e1:c2:54:fd:0d:87:7c:ad:
         74:5f:05:fc:5c:78:5f:5d:62:52:a9:f1:2f:25:1b:c9:49:98:
         48:85:4c:d7:e6:52:e6:17:15:e2:0f:58:21:95:db:61:a1:f0:
         c8:18:1a:88:f9:3c:84:e8:4a:72:79:50:7f:1a:4e:44:1c:82:
         be:a2:c8:1a:3a:2d:74:64:94:f3:4e:5f:f1:c4:03:c0:e4:ed:
         29:bc:49:d8:b5:b6:09:83:75:7e:c3:73:85:85:a2:7f:4b:19:
         e6:25:e4:65:60:ab:42:84:d3:0c:c0:03:4f:52:89:b9:e0:0d:
         3e:91:ac:b7:aa:e9:15:00:01:de:66:46:59:b0:0e:c2:99:b1:
         91:e0:a3:15:0d:89:a9:33:75:0c:f4:b2:e7:05:d8:0d:96:5c:
         fd:f0:66:94:20:e2:5a:7b:98:c7:f6:d3:61:80:b5:d0:1f:8e:
         29:6e:58:ff:4d:42:05:94:00:fa:fe:27:50:30:67:26:a7:ae:
         e7:5d:49:b7:96:52:a2:5b:e6:f1:57:cd:cd:8c:81:30:8f:d1:
         b0:b4:7a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBjvUMc5VuDO4wVistJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjYwMzI1MjIwMTEzWhcNMjYwMzI2MjIwMTEzWjAzMTEwLwYDVQQD
Eyg2NzQ1YzQyMDA2NDhiYjI2YjJlZWI1Nzg3YWQ3ODhiODRiZjhlYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lqC5nGYLW+NgaPRaLvqugVP5udO
s/dp81WTegVjPgPqD9pzqv4EfrZ/sRpR+atuedmLjdnZTmBVB4c4iz/36iIqoR0s
RBCwhC66xd/dd1IRa1XlQThVGJGiqa5KjDpydovC+ZAIPtRflgZVraTstFBlDle2
MHOn+oNn04aJx3xlNDk62cHaA68WlsmIU/pwYQQWmkpbzN7NM1h8igsQQ12GgEqt
USuV3Q7IR/CPkAPDi7xurxUJJWHjY4X4nNsTYfNGn4Un4PZvGtbNJgxo7YoRsyYJ
zzHL8Gt9DA8rRRXaqtPoignTjo3z1/4oxwNRPM8UFG0X6p9PRZYt+HEUjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdFxCAGSLsmsu61eHrXiLhL+OpMMB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIn16oaSb
hWEY3ckt3khY7usv0jYLQyIeLiv7XDzSmoT3mDuO6775DYNioz5HceHCVP0Nh3yt
dF8F/Fx4X11iUqnxLyUbyUmYSIVM1+ZS5hcV4g9YIZXbYaHwyBgaiPk8hOhKcnlQ
fxpORByCvqLIGjotdGSU805f8cQDwOTtKbxJ2LW2CYN1fsNzhYWif0sZ5iXkZWCr
QoTTDMADT1KJueANPpGst6rpFQAB3mZGWbAOwpmxkeCjFQ2JqTN1DPSy5wXYDZZc
/fBmlCDiWnuYx/bTYYC10B+OKW5Y/01CBZQA+v4nUDBnJqeu511Jt5ZSolvm8VfN
zYyBMI/RsLR6sQ==
-----END CERTIFICATE-----