Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          5PM2WPoVdsbYYbpws2viP9mDprqcjMNTPC3XXUtQFNE=
Subject key identifier:   DE:DC:CA:F5:1D:36:8F:5A:17:A3:98:AA:28:DC:7F:11:19:DC:DF:58
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019D2771D3019E30C3D673D6C9DB22C127DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          0820
Signing time:             Thu 26 Mar 2026 00:01:04 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:04 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:04 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: KRC5IT3tXcSVwTKrx0sfPkKH2a+Hdv5JXZxM4jDquUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:d3:01:9e:30:c3:d6:73:d6:c9:db:22:c1:27:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Mar 26 00:01:04 2026 GMT
            Not After : Mar 27 00:01:04 2026 GMT
        Subject: CN=dedccaf51d368f5a17a398aa28dc7f1119dcdf58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:17:45:5f:18:1e:38:34:f0:a5:68:1b:0d:18:
                    a0:87:af:1d:a1:37:dd:56:f3:b7:8c:0b:4f:35:d4:
                    08:32:77:c1:2b:5c:31:25:b9:73:c4:18:53:4d:80:
                    6d:38:11:7d:48:c9:7a:43:07:07:b0:0e:47:bd:8f:
                    b6:94:c7:4d:c3:1c:ac:a4:b4:1a:b9:61:c2:b9:12:
                    3f:c9:be:25:73:7f:d1:5a:02:ed:e6:ef:bf:22:5a:
                    6f:40:b2:f9:c3:71:38:67:60:64:b5:ce:56:79:a5:
                    06:8f:37:f3:6b:53:b6:78:e0:eb:77:a7:b6:01:1f:
                    5f:a8:3f:19:05:7d:5f:bb:79:27:d6:f6:95:a0:f5:
                    c1:03:44:8f:15:76:c6:95:4b:85:9c:2b:e3:4d:0c:
                    75:61:5a:a4:5d:a1:c1:bc:38:31:65:2f:1f:a7:d0:
                    bd:44:ee:36:c9:bc:3e:74:3f:a9:89:ec:5e:a3:c2:
                    16:82:5f:c4:80:83:36:6f:cf:70:3f:84:fe:a1:5a:
                    71:46:f8:5a:c5:40:99:0e:5f:90:6e:36:1a:3d:80:
                    8b:0f:c5:5c:eb:f1:fd:f4:27:4d:df:45:db:5b:b9:
                    c0:00:14:95:4f:53:98:f3:a9:bc:9a:8d:5b:49:1d:
                    34:b6:81:79:b3:7e:2c:b0:24:12:a8:04:66:e7:83:
                    3f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:DC:CA:F5:1D:36:8F:5A:17:A3:98:AA:28:DC:7F:11:19:DC:DF:58
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:08:80:7f:bd:f3:24:e9:b5:84:14:1e:9b:a0:85:cb:a1:3d:
         80:12:8a:b7:16:2a:f8:28:f4:7c:40:c8:c5:9a:87:f7:b2:ec:
         80:9e:33:9c:09:7e:64:30:3f:ac:be:5d:1a:69:55:5d:2b:e9:
         5a:dd:46:ee:cb:1c:7c:0d:04:4d:27:7f:8b:84:16:a7:3d:36:
         c6:c2:fd:9f:af:93:f2:55:d0:48:50:7c:16:b2:ac:48:c6:1f:
         bd:33:34:7a:59:80:2c:ea:16:69:3c:ec:f0:5c:18:94:4b:d3:
         8a:e2:4d:06:2c:66:1c:ec:6d:f0:2e:b2:b5:ce:43:be:c7:11:
         3e:95:a9:d2:41:5f:06:84:01:fe:b6:b2:c9:02:9a:21:65:f4:
         7f:7a:bf:32:19:b8:e9:84:6f:c3:26:4f:88:43:17:11:a2:63:
         b5:54:5d:b4:02:48:74:8a:a5:e8:45:5a:ce:6e:6b:9b:05:1a:
         b0:86:eb:b3:c1:86:0a:da:3d:66:02:3a:60:18:39:c4:3e:69:
         2b:6c:06:55:bd:b5:2c:21:f8:b4:83:af:40:3f:4f:05:01:9d:
         b7:64:10:4b:b5:17:54:1d:37:a2:63:64:ee:3b:44:90:ce:b2:
         fa:49:69:b4:42:f7:c1:ca:18:56:08:a3:9d:c2:42:95:35:fe:
         ea:9a:c8:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncdMBnjDD1nPWydsiwSfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjYwMzI2MDAwMTA0WhcNMjYwMzI3MDAwMTA0WjAzMTEwLwYDVQQD
EyhkZWRjY2FmNTFkMzY4ZjVhMTdhMzk4YWEyOGRjN2YxMTE5ZGNkZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BdFXxgeODTwpWgbDRigh68doTfd
VvO3jAtPNdQIMnfBK1wxJblzxBhTTYBtOBF9SMl6QwcHsA5HvY+2lMdNwxyspLQa
uWHCuRI/yb4lc3/RWgLt5u+/IlpvQLL5w3E4Z2Bktc5WeaUGjzfza1O2eODrd6e2
AR9fqD8ZBX1fu3kn1vaVoPXBA0SPFXbGlUuFnCvjTQx1YVqkXaHBvDgxZS8fp9C9
RO42ybw+dD+piexeo8IWgl/EgIM2b89wP4T+oVpxRvhaxUCZDl+QbjYaPYCLD8Vc
6/H99CdN30XbW7nAABSVT1OY86m8mo1bSR00toF5s34ssCQSqARm54M/XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7cyvUdNo9aF6OYqijcfxEZ3N9YMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAiAf73z
JOm1hBQem6CFy6E9gBKKtxYq+Cj0fEDIxZqH97LsgJ4znAl+ZDA/rL5dGmlVXSvp
Wt1G7sscfA0ETSd/i4QWpz02xsL9n6+T8lXQSFB8FrKsSMYfvTM0elmALOoWaTzs
8FwYlEvTiuJNBixmHOxt8C6ytc5DvscRPpWp0kFfBoQB/rayyQKaIWX0f3q/Mhm4
6YRvwyZPiEMXEaJjtVRdtAJIdIql6EVazm5rmwUasIbrs8GGCto9ZgI6YBg5xD5p
K2wGVb21LCH4tIOvQD9PBQGdt2QQS7UXVB03omNk7jtEkM6y+klptEL3wcoYVgij
ncJClTX+6prIBA==
-----END CERTIFICATE-----