Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          fSexV3JAymI7De6DMg5UI4WuOnItNthFd3RVPYhsUfg=
Subject key identifier:   89:1E:55:60:11:A7:66:60:3D:DE:F1:A2:71:F3:D4:B8:AC:E9:33:61
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019D27721EE94F8EF545D1A475F907BB1D3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0F91
Signing time:             Thu 26 Mar 2026 00:01:23 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:23 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:23 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: eJJLs7w5v7kIei0SHfy2peJOd5UGrHbHGMlyEy2COBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:1e:e9:4f:8e:f5:45:d1:a4:75:f9:07:bb:1d:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Mar 26 00:01:23 2026 GMT
            Not After : Mar 27 00:01:23 2026 GMT
        Subject: CN=891e556011a766603ddef1a271f3d4b8ace93361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:91:4c:7e:ef:a7:40:52:96:37:9d:3a:65:c6:
                    76:f3:80:b0:16:bd:f9:89:bb:8f:f8:fd:60:6a:ba:
                    62:21:c2:86:d2:4e:cc:c7:8d:88:e1:c6:9a:4a:80:
                    43:0d:f2:c3:f5:cd:35:ae:5f:6d:bd:d5:ec:fb:0a:
                    18:b7:1d:ea:56:a4:bc:b2:aa:fd:ac:e4:21:ef:4f:
                    8d:84:88:ed:13:c6:68:4f:57:78:b2:7a:dd:b3:0f:
                    19:a8:68:e8:c4:50:7f:d8:a6:c0:23:ac:ec:e8:4f:
                    4c:8d:4e:4a:f9:3a:ed:82:70:a1:7b:af:03:05:64:
                    9e:f2:33:75:95:5d:2c:9c:45:c0:a5:60:51:50:a0:
                    88:c3:2c:54:97:60:e7:3b:ba:8b:0d:22:49:12:74:
                    56:a8:a1:22:63:42:03:e3:16:ba:de:3c:dd:9e:d1:
                    5d:a2:de:b5:f9:1e:5a:f3:cb:b2:70:1d:5f:c2:08:
                    24:e7:24:63:c6:fe:43:b6:c3:b4:b2:12:22:28:f2:
                    46:a9:03:b5:ff:be:45:c9:a5:8c:23:d7:c2:c3:44:
                    27:52:dd:84:e3:16:31:d1:b9:11:26:cf:b7:f4:93:
                    4f:e1:71:f0:53:e3:3a:84:82:6e:7e:d4:8f:be:9e:
                    97:0d:3c:1c:4b:34:ff:e1:c1:b5:d3:46:f2:05:8e:
                    4d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:1E:55:60:11:A7:66:60:3D:DE:F1:A2:71:F3:D4:B8:AC:E9:33:61
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:b0:7e:de:64:92:00:4f:a5:fa:c6:8d:6d:16:e3:ba:fb:09:
         63:27:ca:b9:b2:e5:31:3c:ff:85:74:45:b8:64:56:f6:21:73:
         2c:43:1a:55:f4:41:62:da:80:25:c2:66:b5:2e:dc:11:bf:81:
         ab:e6:75:28:10:92:c1:48:c5:3b:bf:c3:47:bf:67:73:ec:1b:
         c7:17:a0:20:58:a6:fb:7d:06:b0:8f:09:bb:c6:d4:21:75:b7:
         de:71:6d:b3:14:f1:aa:2a:c0:e1:ab:4b:4b:6e:8b:ca:4a:b8:
         0b:c1:81:ef:2d:69:96:62:f0:7c:52:4d:58:ca:b1:99:79:47:
         73:57:58:e7:65:5d:0e:67:ec:11:6e:0c:7d:27:4b:11:27:37:
         93:2a:e9:9e:fa:3f:34:0d:2b:87:0f:d8:d9:b0:f5:1c:fe:31:
         7d:64:4e:0f:11:39:18:b3:79:dd:b0:3b:ce:0f:ff:5a:52:c7:
         d1:00:4f:0e:cd:1e:cb:af:d3:29:34:27:ed:c1:4b:cb:6a:bc:
         14:dc:d1:4f:2d:79:8a:42:85:4f:52:fc:d8:df:e0:55:d1:28:
         82:12:33:ca:6c:0b:6d:64:fc:42:6d:f0:3f:ee:73:bf:be:23:
         af:37:a8:a8:26:bc:d8:53:88:b0:e1:09:bd:de:4e:22:3e:a8:
         f2:6a:8e:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nch7pT471RdGkdfkHux08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjYwMzI2MDAwMTIzWhcNMjYwMzI3MDAwMTIzWjAzMTEwLwYDVQQD
Eyg4OTFlNTU2MDExYTc2NjYwM2RkZWYxYTI3MWYzZDRiOGFjZTkzMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZFMfu+nQFKWN506ZcZ284CwFr35
ibuP+P1garpiIcKG0k7Mx42I4caaSoBDDfLD9c01rl9tvdXs+woYtx3qVqS8sqr9
rOQh70+NhIjtE8ZoT1d4snrdsw8ZqGjoxFB/2KbAI6zs6E9MjU5K+TrtgnChe68D
BWSe8jN1lV0snEXApWBRUKCIwyxUl2DnO7qLDSJJEnRWqKEiY0ID4xa63jzdntFd
ot61+R5a88uycB1fwggk5yRjxv5DtsO0shIiKPJGqQO1/75FyaWMI9fCw0QnUt2E
4xYx0bkRJs+39JNP4XHwU+M6hIJuftSPvp6XDTwcSzT/4cG100byBY5NjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkeVWARp2ZgPd7xonHz1Lis6TNhMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbB+3mSS
AE+l+saNbRbjuvsJYyfKubLlMTz/hXRFuGRW9iFzLEMaVfRBYtqAJcJmtS7cEb+B
q+Z1KBCSwUjFO7/DR79nc+wbxxegIFim+30GsI8Ju8bUIXW33nFtsxTxqirA4atL
S26Lykq4C8GB7y1plmLwfFJNWMqxmXlHc1dY52VdDmfsEW4MfSdLESc3kyrpnvo/
NA0rhw/Y2bD1HP4xfWRODxE5GLN53bA7zg//WlLH0QBPDs0ey6/TKTQn7cFLy2q8
FNzRTy15ikKFT1L82N/gVdEoghIzymwLbWT8Qm3wP+5zv74jrzeoqCa82FOIsOEJ
vd5OIj6o8mqOSA==
-----END CERTIFICATE-----