Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          lhUnBG57Np8VfdBAOpxH+1gLaqfHMRDT9eCIcIizLKM=
Subject key identifier:   C9:10:BC:31:EC:91:60:A1:A9:B4:36:C8:EC:3A:DB:40:2F:F3:98:44
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       019D25F1BD3DCE4945012D4485231FFF22B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          0836
Signing time:             Wed 25 Mar 2026 17:01:32 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:32 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:32 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: oigigToAEsJkEJ9TdrtlmgAVED9AhqAEvJOBIRoJmEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:bd:3d:ce:49:45:01:2d:44:85:23:1f:ff:22:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Mar 25 17:01:32 2026 GMT
            Not After : Mar 26 17:01:32 2026 GMT
        Subject: CN=c910bc31ec9160a1a9b436c8ec3adb402ff39844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:00:a1:35:3e:e2:f7:03:b6:9b:04:66:f1:c8:
                    b5:01:14:30:74:c1:0a:d7:9e:94:fd:38:a3:f3:a6:
                    20:30:81:36:7d:6f:39:be:9b:57:16:8a:1d:69:b2:
                    1d:19:df:ac:2d:37:6a:f1:13:92:7d:e0:3a:36:65:
                    d0:0d:26:c3:01:20:cd:b6:6f:cb:a1:cd:09:50:07:
                    50:5f:3a:b7:49:19:a5:4d:af:52:f1:57:39:51:08:
                    0c:20:21:cc:92:19:a1:a1:ad:b8:37:2b:28:a2:8d:
                    09:31:17:38:4d:18:48:5f:52:a3:2d:60:7f:e2:85:
                    77:48:3f:93:c2:ba:6c:3a:21:5f:b0:56:67:12:78:
                    d3:c1:aa:03:e1:fc:76:fd:60:a3:4e:0b:21:2c:0d:
                    af:6f:33:34:9a:74:47:9d:81:50:68:07:c3:ad:b5:
                    5b:69:c7:e8:ff:bd:91:29:26:40:67:f3:31:e3:01:
                    b3:36:57:8a:f2:43:df:f4:2c:63:b5:f9:26:ba:31:
                    ee:13:ed:a1:d2:e1:59:ef:60:29:fe:05:8f:72:d0:
                    15:1d:c2:7b:63:99:b7:18:a6:31:57:06:ef:cd:35:
                    fb:bc:c6:35:98:eb:07:7d:34:2e:bd:6c:82:6e:05:
                    15:d5:66:b1:fe:dd:50:43:e6:cf:cb:c0:e0:68:a2:
                    a2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:10:BC:31:EC:91:60:A1:A9:B4:36:C8:EC:3A:DB:40:2F:F3:98:44
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:ee:e9:5e:04:a3:f8:d2:94:8f:5c:25:34:7f:33:64:4f:5a:
         6f:a1:5d:63:dd:f5:d8:8e:68:fb:14:6d:f6:5b:00:e0:c1:78:
         87:12:60:87:09:09:56:9b:1f:8d:4e:cc:15:59:de:73:ff:33:
         0b:5f:42:b7:b3:7c:52:f0:7f:99:ba:3e:16:09:e3:6d:6f:d9:
         a7:7a:ab:d2:f0:06:f9:17:fa:a3:3d:37:fe:73:0a:22:83:bf:
         61:98:a8:72:81:e0:bc:3f:89:45:a2:7d:4d:c2:6d:70:c9:c8:
         99:09:c9:c6:7a:9e:05:61:d7:d7:46:55:c3:43:95:00:c4:49:
         f0:31:6b:ca:19:d3:a7:83:ea:4d:d2:dc:5c:09:2b:b9:af:c4:
         c9:af:a6:0e:c6:3f:d1:0a:58:ba:75:d5:eb:89:ec:44:77:dd:
         a5:fc:60:c2:24:fe:9d:7a:a4:46:55:f7:3f:91:7e:84:62:43:
         9d:39:29:e2:b0:1a:49:f2:c1:e4:ab:b0:85:f5:ca:ef:81:06:
         0d:4c:08:97:a3:44:e0:da:fd:6e:87:3e:8b:9b:3a:c0:35:de:
         fa:3a:15:65:da:8d:37:f2:80:70:9c:70:29:6a:2b:30:8a:90:
         37:f8:e9:c6:f1:80:59:b4:c2:f1:11:37:c7:95:92:0a:91:a7:
         12:95:1e:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8b09zklFAS1EhSMf/yKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjYwMzI1MTcwMTMyWhcNMjYwMzI2MTcwMTMyWjAzMTEwLwYDVQQD
EyhjOTEwYmMzMWVjOTE2MGExYTliNDM2YzhlYzNhZGI0MDJmZjM5ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwChNT7i9wO2mwRm8ci1ARQwdMEK
156U/Tij86YgMIE2fW85vptXFoodabIdGd+sLTdq8ROSfeA6NmXQDSbDASDNtm/L
oc0JUAdQXzq3SRmlTa9S8Vc5UQgMICHMkhmhoa24Nysooo0JMRc4TRhIX1KjLWB/
4oV3SD+TwrpsOiFfsFZnEnjTwaoD4fx2/WCjTgshLA2vbzM0mnRHnYFQaAfDrbVb
acfo/72RKSZAZ/Mx4wGzNleK8kPf9CxjtfkmujHuE+2h0uFZ72Ap/gWPctAVHcJ7
Y5m3GKYxVwbvzTX7vMY1mOsHfTQuvWyCbgUV1Wax/t1QQ+bPy8DgaKKiRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkQvDHskWChqbQ2yOw620Av85hEMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXu7pXgSj
+NKUj1wlNH8zZE9ab6FdY9312I5o+xRt9lsA4MF4hxJghwkJVpsfjU7MFVnec/8z
C19Ct7N8UvB/mbo+FgnjbW/Zp3qr0vAG+Rf6oz03/nMKIoO/YZiocoHgvD+JRaJ9
TcJtcMnImQnJxnqeBWHX10ZVw0OVAMRJ8DFryhnTp4PqTdLcXAkrua/Eya+mDsY/
0QpYunXV64nsRHfdpfxgwiT+nXqkRlX3P5F+hGJDnTkp4rAaSfLB5KuwhfXK74EG
DUwIl6NE4Nr9boc+i5s6wDXe+joVZdqNN/KAcJxwKWorMIqQN/jpxvGAWbTC8RE3
x5WSCpGnEpUeiA==
-----END CERTIFICATE-----