Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
File:                     39D7xN6B7icnq6PpEK_NKlOmZAw.mft (raw, json)
Hash identifier:          MdruxyuBuMH8HjPwSS6Qk+j35DquonHJLOOaUtoNMXM=
Subject key identifier:   AF:82:B7:22:66:7F:0C:9F:55:49:31:39:6B:F5:E8:45:7D:FA:FE:0C
Authority key identifier: DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C
Certificate issuer:       /CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c
Certificate serial:       019E1CE4CB3989FFA853E0A57B75960A8E31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
Manifest number:          0205
Signing time:             Tue 12 May 2026 15:53:36 +0000
Manifest this update:     Tue 12 May 2026 15:53:36 +0000
Manifest next update:     Wed 13 May 2026 15:53:36 +0000
Files and hashes:         1: 39D7xN6B7icnq6PpEK_NKlOmZAw.crl (hash: /tnysfqb4AG+trPEpkSaKtAT1bPDzEVRtOvYKeGcugU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:e4:cb:39:89:ff:a8:53:e0:a5:7b:75:96:0a:8e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c
        Validity
            Not Before: May 12 15:53:36 2026 GMT
            Not After : May 13 15:53:36 2026 GMT
        Subject: CN=af82b722667f0c9f554931396bf5e8457dfafe0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1b:d0:73:73:3e:fe:14:06:93:9b:9f:45:11:
                    bc:30:b3:b1:6d:c7:ba:68:cd:f4:37:f7:ec:59:f6:
                    e1:82:3a:26:90:a8:16:4f:df:9d:c7:36:63:57:b8:
                    a9:1f:42:3b:30:5c:ab:10:bc:45:3d:f3:fe:24:51:
                    55:51:73:3c:e9:b7:7a:1b:f8:f7:c2:e7:60:cb:64:
                    39:bf:0d:c1:c9:a8:9f:ae:6b:14:64:bc:24:57:d6:
                    8e:ee:1a:6c:7e:6d:5d:e8:d8:d9:37:37:75:38:ca:
                    e0:08:c4:73:6f:af:1b:04:6f:ea:ed:ef:73:41:28:
                    c9:c1:4b:6c:00:a8:97:dc:5b:f9:0a:a6:2a:6b:4a:
                    01:8e:1e:60:66:57:f9:fa:0c:3d:1d:67:4c:dc:bf:
                    d7:fc:68:6f:b9:15:a0:4c:de:1b:58:64:4f:05:b1:
                    f4:42:39:23:e3:a1:16:a2:f9:60:c0:b6:58:51:b6:
                    85:29:77:94:00:65:e2:67:55:95:ed:11:d7:de:0c:
                    49:6f:eb:fd:55:c9:7e:a6:df:78:55:49:b1:bb:cc:
                    1e:c5:c2:a7:a1:62:23:e7:94:e3:ad:6e:6e:3e:af:
                    05:6a:e6:72:c2:07:de:f2:18:ea:2c:de:65:93:47:
                    1f:3a:f5:40:5a:52:4d:be:cd:06:c0:63:e3:de:4a:
                    b7:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:82:B7:22:66:7F:0C:9F:55:49:31:39:6B:F5:E8:45:7D:FA:FE:0C
            X509v3 Authority Key Identifier:
                keyid:DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:08:83:d2:dd:33:9b:d0:0c:b7:a4:81:f5:09:7e:5e:58:3b:
         0a:56:c6:a9:a2:58:e2:ef:e5:29:0f:45:72:ae:f2:0e:3d:2d:
         6f:26:e8:95:89:b8:5f:21:77:74:67:63:5f:07:f0:7f:26:13:
         de:c6:eb:b8:d2:d2:4b:48:fe:f2:b1:7e:9c:5e:cb:da:c4:ba:
         b2:11:5a:df:ca:61:20:fb:98:1d:c1:d6:d9:ff:fb:c3:5c:b4:
         e5:fe:6d:f8:82:95:e5:db:ee:49:c8:3a:d4:59:81:3f:8d:e7:
         6f:e6:0e:0a:03:dd:fa:48:25:85:d6:53:09:00:d1:ba:fb:33:
         76:54:7c:9a:84:74:8f:18:74:08:48:c9:14:32:21:bf:3a:27:
         da:d2:a8:9e:04:99:2e:40:06:03:90:c0:e7:d9:64:96:29:bc:
         b4:8a:5c:fb:d3:84:9c:4b:fc:10:d4:25:46:ca:3d:ed:87:ac:
         d7:c0:ff:cf:3e:80:38:79:f0:4a:d6:a3:1b:b9:a8:cd:b1:59:
         2e:2f:2c:8e:05:5e:48:5f:69:a1:6c:21:98:a2:39:77:de:29:
         14:5f:e5:56:cb:67:70:e5:d7:48:d6:bb:80:f6:b3:e2:75:b9:
         6a:57:49:d6:79:74:84:43:e7:97:66:55:f8:87:52:16:49:f6:
         71:da:9d:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c5Ms5if+oU+Cle3WWCo4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDBmYmM0ZGU4MWVlMjcyN2FiYTNlOTEwYWZjZDJhNTNh
NjY0MGMwHhcNMjYwNTEyMTU1MzM2WhcNMjYwNTEzMTU1MzM2WjAzMTEwLwYDVQQD
EyhhZjgyYjcyMjY2N2YwYzlmNTU0OTMxMzk2YmY1ZTg0NTdkZmFmZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhvQc3M+/hQGk5ufRRG8MLOxbce6
aM30N/fsWfbhgjomkKgWT9+dxzZjV7ipH0I7MFyrELxFPfP+JFFVUXM86bd6G/j3
wudgy2Q5vw3ByaifrmsUZLwkV9aO7hpsfm1d6NjZNzd1OMrgCMRzb68bBG/q7e9z
QSjJwUtsAKiX3Fv5CqYqa0oBjh5gZlf5+gw9HWdM3L/X/GhvuRWgTN4bWGRPBbH0
Qjkj46EWovlgwLZYUbaFKXeUAGXiZ1WV7RHX3gxJb+v9Vcl+pt94VUmxu8wexcKn
oWIj55TjrW5uPq8FauZywgfe8hjqLN5lk0cfOvVAWlJNvs0GwGPj3kq3twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+CtyJmfwyfVUkxOWv16EV9+v4MMB8GA1UdIwQY
MBaAFN/Q+8Tege4nJ6uj6RCvzSpTpmQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAt
ZWRiMDQxOGNhYzRkLzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAtZWRiMDQxOGNhYzRk
LzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgiD0t0z
m9AMt6SB9Ql+Xlg7ClbGqaJY4u/lKQ9Fcq7yDj0tbybolYm4XyF3dGdjXwfwfyYT
3sbruNLSS0j+8rF+nF7L2sS6shFa38phIPuYHcHW2f/7w1y05f5t+IKV5dvuScg6
1FmBP43nb+YOCgPd+kglhdZTCQDRuvszdlR8moR0jxh0CEjJFDIhvzon2tKongSZ
LkAGA5DA59lklim8tIpc+9OEnEv8ENQlRso97Yes18D/zz6AOHnwStajG7mozbFZ
Li8sjgVeSF9poWwhmKI5d94pFF/lVstncOXXSNa7gPaz4nW5aldJ1nl0hEPnl2ZV
+IdSFkn2cdqdnw==
-----END CERTIFICATE-----