Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          upj5Ga0uZPFe2YJTctYzQOGpX1WkPPm/r1zMmIHJXeg=
Subject key identifier:   AE:58:76:CF:11:7C:84:1F:1B:67:3A:37:2C:F3:68:3C:FA:BA:3B:CF
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       019E1C476A2B0516219B6E30F6A7B7DF9474
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0D11
Signing time:             Tue 12 May 2026 13:01:42 +0000
Manifest this update:     Tue 12 May 2026 13:01:42 +0000
Manifest next update:     Wed 13 May 2026 13:01:42 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: 6pnSbSrAWUpRO5u0X3CZ8FDwCVgg9RsiAVa1bfmxXpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:6a:2b:05:16:21:9b:6e:30:f6:a7:b7:df:94:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: May 12 13:01:42 2026 GMT
            Not After : May 13 13:01:42 2026 GMT
        Subject: CN=ae5876cf117c841f1b673a372cf3683cfaba3bcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:82:40:04:53:69:b4:8c:9a:a5:59:2f:a4:7b:
                    6f:b9:8e:5d:83:1b:6f:f9:c6:d0:ed:ab:7d:d7:bf:
                    64:94:4a:21:a2:0a:60:8f:8f:1e:36:bb:ea:32:c5:
                    ad:81:78:a6:1f:17:22:91:d2:50:53:d3:2d:a3:6a:
                    12:5e:d5:b5:e4:33:eb:cf:56:c9:3e:15:34:92:f7:
                    82:b7:1f:8b:28:fa:91:e9:ad:cc:74:1b:2a:aa:29:
                    df:26:30:87:0f:e1:e0:57:e9:e0:9d:ec:b0:b4:c6:
                    3a:52:79:20:28:a6:05:56:c8:03:06:14:5f:ae:7c:
                    2b:3b:66:c3:1e:b7:e7:8f:2c:88:0a:5c:fb:2f:62:
                    81:6a:16:09:31:7d:21:51:bc:8b:79:6c:b5:c3:bc:
                    34:cd:e6:b4:f1:58:5a:7b:1d:d5:59:e5:ab:0f:c3:
                    c1:17:34:96:4f:67:7e:a3:76:de:aa:1c:54:87:c9:
                    80:73:7e:b8:6e:9b:04:f3:cc:0e:da:36:e9:b8:b7:
                    4c:c5:46:95:05:fb:e1:60:1d:09:90:34:d1:9d:76:
                    20:1a:a6:57:9d:75:62:d7:e8:c1:5e:cb:6c:32:1f:
                    3a:d9:6b:ff:46:85:46:b1:4c:f3:52:f8:1f:82:9d:
                    58:cf:6d:74:45:ff:d2:e5:36:16:9d:b3:dc:33:76:
                    61:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:58:76:CF:11:7C:84:1F:1B:67:3A:37:2C:F3:68:3C:FA:BA:3B:CF
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:82:47:7e:c0:03:f9:30:be:16:55:fe:9f:2e:ce:94:e2:1d:
         a8:f2:ef:32:d7:07:cb:85:86:ba:81:a8:ba:88:5c:45:03:ef:
         bf:0a:a1:63:7f:8c:f0:94:50:80:22:c6:8b:8e:16:44:c4:f9:
         fc:09:57:f7:1b:47:96:67:d9:02:d6:54:d6:7f:ce:05:50:87:
         f8:22:c7:47:3a:85:4b:44:49:f9:ad:e5:89:ff:ac:40:2d:77:
         b2:bb:01:07:b6:f2:b9:65:6f:65:41:72:78:77:d2:dd:3d:2e:
         6e:51:ad:92:60:8e:68:b7:3c:b4:06:c7:f6:57:12:14:33:40:
         4c:a8:30:1f:83:b6:07:9b:5a:95:ba:f5:5a:2a:23:2f:b3:c5:
         5a:a4:f3:c2:a3:35:ea:52:0f:1b:8f:4d:a9:c6:7c:e5:8b:df:
         72:1e:de:3d:92:5d:d2:95:5a:b3:95:62:85:9f:05:19:8b:ec:
         b3:20:9b:53:ff:be:96:b8:e4:66:34:60:df:38:5c:c8:7b:76:
         9e:6b:b6:05:e3:c0:88:4c:d7:d7:94:0c:13:a3:2a:b5:ab:55:
         1a:2c:d8:a5:09:fd:5a:90:0f:7d:1c:74:d1:65:b0:2d:26:07:
         3f:62:fe:0b:9d:9f:14:ff:2e:85:3d:bf:35:12:ea:6e:46:0e:
         2f:6a:66:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cR2orBRYhm24w9qe335R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjYwNTEyMTMwMTQyWhcNMjYwNTEzMTMwMTQyWjAzMTEwLwYDVQQD
EyhhZTU4NzZjZjExN2M4NDFmMWI2NzNhMzcyY2YzNjgzY2ZhYmEzYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYJABFNptIyapVkvpHtvuY5dgxtv
+cbQ7at9179klEohogpgj48eNrvqMsWtgXimHxcikdJQU9Mto2oSXtW15DPrz1bJ
PhU0kveCtx+LKPqR6a3MdBsqqinfJjCHD+HgV+ngneywtMY6UnkgKKYFVsgDBhRf
rnwrO2bDHrfnjyyIClz7L2KBahYJMX0hUbyLeWy1w7w0zea08Vhaex3VWeWrD8PB
FzSWT2d+o3beqhxUh8mAc364bpsE88wO2jbpuLdMxUaVBfvhYB0JkDTRnXYgGqZX
nXVi1+jBXstsMh862Wv/RoVGsUzzUvgfgp1Yz210Rf/S5TYWnbPcM3ZhtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5Yds8RfIQfG2c6NyzzaDz6ujvPMB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS4JHfsAD
+TC+FlX+ny7OlOIdqPLvMtcHy4WGuoGouohcRQPvvwqhY3+M8JRQgCLGi44WRMT5
/AlX9xtHlmfZAtZU1n/OBVCH+CLHRzqFS0RJ+a3lif+sQC13srsBB7byuWVvZUFy
eHfS3T0ublGtkmCOaLc8tAbH9lcSFDNATKgwH4O2B5talbr1WiojL7PFWqTzwqM1
6lIPG49NqcZ85Yvfch7ePZJd0pVas5VihZ8FGYvssyCbU/++lrjkZjRg3zhcyHt2
nmu2BePAiEzX15QME6MqtatVGizYpQn9WpAPfRx00WWwLSYHP2L+C52fFP8uhT2/
NRLqbkYOL2pmYg==
-----END CERTIFICATE-----