Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          WXha0GWDCWswuTlJvYEJjqqkyx5WMK6eQSG6TwnmAYI=
Subject key identifier:   45:92:D4:64:DC:BF:04:0D:9F:B0:71:6D:83:67:CB:85:6E:8B:79:9D
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019E1EA3902A6390B4BD1A7ABFF75BEBD52B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          08A0
Signing time:             Wed 13 May 2026 00:01:36 +0000
Manifest this update:     Wed 13 May 2026 00:01:36 +0000
Manifest next update:     Thu 14 May 2026 00:01:36 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: tIvgeq+K+jLs5MOY32dgjyM8VoyFcCToYq5XjrItD5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a3:90:2a:63:90:b4:bd:1a:7a:bf:f7:5b:eb:d5:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: May 13 00:01:36 2026 GMT
            Not After : May 14 00:01:36 2026 GMT
        Subject: CN=4592d464dcbf040d9fb0716d8367cb856e8b799d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9b:67:60:66:c5:f5:ae:e4:ad:b9:03:d0:40:
                    86:ed:20:3d:37:a3:a4:1f:46:37:9e:d3:65:a7:7b:
                    e1:84:33:e6:18:ba:67:f5:1b:19:15:81:88:85:f6:
                    7e:7c:de:1c:48:23:0f:22:aa:22:81:b0:e7:24:26:
                    9e:e8:91:a5:7a:86:e4:66:28:eb:73:c9:ef:70:09:
                    e3:82:ca:ec:b9:21:86:6a:d8:2f:78:25:b7:67:46:
                    8c:13:a8:7a:81:4b:67:e5:19:15:ad:74:45:e4:06:
                    e4:7f:41:aa:fc:9f:c3:37:c0:6e:44:34:56:c5:35:
                    64:29:31:6d:36:bf:e0:c2:ae:97:74:38:df:36:b5:
                    00:0f:73:99:b9:fb:a1:be:db:91:c7:b9:67:52:e5:
                    49:72:82:1e:f7:ff:76:2b:2f:c9:90:e5:70:2f:7b:
                    5a:49:78:62:e4:52:d3:bc:70:d9:39:a3:11:a4:03:
                    e2:6d:8d:14:81:e9:83:b0:0b:74:c7:82:02:bd:2f:
                    8a:44:cf:8b:cd:65:15:be:c2:8c:32:a8:99:2a:1c:
                    4c:92:e4:45:5a:9f:97:ed:4d:41:a7:dd:df:13:9b:
                    7b:1b:83:82:82:fb:74:52:07:c0:d4:e5:b8:50:75:
                    59:54:76:07:7a:07:b6:79:4f:d7:2e:68:f6:78:40:
                    2a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:92:D4:64:DC:BF:04:0D:9F:B0:71:6D:83:67:CB:85:6E:8B:79:9D
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:f5:d0:d9:38:e8:80:18:78:bf:89:23:11:f2:e9:44:f1:ba:
         bb:ef:44:0d:4a:26:69:88:e9:1b:2f:f6:8e:ab:ed:c5:69:7f:
         4c:c7:fc:2d:9f:18:a2:b4:0a:59:90:92:13:e1:0e:59:8a:14:
         cd:04:1e:ad:38:d0:47:07:3f:76:cc:a0:2d:43:d6:d2:a9:1e:
         b5:8b:57:ef:3d:ec:da:46:3c:96:04:05:d2:49:27:d4:3d:24:
         5f:1d:de:73:39:e8:2e:51:6a:3f:22:17:86:a5:78:47:08:0d:
         52:9b:43:a8:82:54:0f:bf:2e:87:47:ae:66:ff:86:b5:76:d0:
         be:1e:3d:10:75:a8:8b:91:6f:0f:42:69:1f:78:66:87:8d:a2:
         6d:22:68:06:c9:75:5a:33:e2:3f:76:fb:7e:66:3a:a5:1b:ef:
         9b:a4:16:bf:53:d9:da:76:ee:2c:04:1f:14:92:09:1c:ba:8c:
         71:cd:63:d7:70:0e:7f:9f:b3:f3:a2:75:1b:c9:56:b3:f0:9f:
         d5:6b:a7:39:cd:bd:74:83:d7:fe:a6:96:64:14:71:40:7f:94:
         92:ee:44:89:30:b3:7a:f7:78:23:a0:ee:1d:0f:b5:a5:76:08:
         be:4f:b9:a4:8f:ee:5a:ed:0f:eb:4e:85:a8:45:3b:61:3e:ca:
         dc:ba:21:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eo5AqY5C0vRp6v/db69UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjYwNTEzMDAwMTM2WhcNMjYwNTE0MDAwMTM2WjAzMTEwLwYDVQQD
Eyg0NTkyZDQ2NGRjYmYwNDBkOWZiMDcxNmQ4MzY3Y2I4NTZlOGI3OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsptnYGbF9a7krbkD0ECG7SA9N6Ok
H0Y3ntNlp3vhhDPmGLpn9RsZFYGIhfZ+fN4cSCMPIqoigbDnJCae6JGleobkZijr
c8nvcAnjgsrsuSGGatgveCW3Z0aME6h6gUtn5RkVrXRF5Abkf0Gq/J/DN8BuRDRW
xTVkKTFtNr/gwq6XdDjfNrUAD3OZufuhvtuRx7lnUuVJcoIe9/92Ky/JkOVwL3ta
SXhi5FLTvHDZOaMRpAPibY0UgemDsAt0x4ICvS+KRM+LzWUVvsKMMqiZKhxMkuRF
Wp+X7U1Bp93fE5t7G4OCgvt0UgfA1OW4UHVZVHYHege2eU/XLmj2eEAqDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWS1GTcvwQNn7BxbYNny4Vui3mdMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoPXQ2Tjo
gBh4v4kjEfLpRPG6u+9EDUomaYjpGy/2jqvtxWl/TMf8LZ8YorQKWZCSE+EOWYoU
zQQerTjQRwc/dsygLUPW0qketYtX7z3s2kY8lgQF0kkn1D0kXx3ecznoLlFqPyIX
hqV4RwgNUptDqIJUD78uh0euZv+GtXbQvh49EHWoi5FvD0JpH3hmh42ibSJoBsl1
WjPiP3b7fmY6pRvvm6QWv1PZ2nbuLAQfFJIJHLqMcc1j13AOf5+z86J1G8lWs/Cf
1WunOc29dIPX/qaWZBRxQH+Uku5EiTCzevd4I6DuHQ+1pXYIvk+5pI/uWu0P606F
qEU7YT7K3LohXQ==
-----END CERTIFICATE-----