Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
File:                     5-aiybui7N1AdLMVN1mDXoI6uOQ.mft (raw, json)
Hash identifier:          2DTA83luvVZ0IERv0Ql5ZewsWV3VLmOuC+Hwd6uXXz8=
Subject key identifier:   A7:81:4E:67:F1:27:F2:35:6F:3E:C3:40:A4:27:A3:67:49:4A:24:2B
Authority key identifier: E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4
Certificate issuer:       /CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
Certificate serial:       019E1E35F5C36105019D5D1AE16FA675F400
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
Manifest number:          0FE6
Signing time:             Tue 12 May 2026 22:01:53 +0000
Manifest this update:     Tue 12 May 2026 22:01:53 +0000
Manifest next update:     Wed 13 May 2026 22:01:53 +0000
Files and hashes:         1: 5-aiybui7N1AdLMVN1mDXoI6uOQ.crl (hash: R275fD/SqwmZXrwr2GO0SEayr+eGOgtMFh22qbEZByw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:f5:c3:61:05:01:9d:5d:1a:e1:6f:a6:75:f4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7e6a2c9bba2ecdd4074b3153759835e823ab8e4
        Validity
            Not Before: May 12 22:01:53 2026 GMT
            Not After : May 13 22:01:53 2026 GMT
        Subject: CN=a7814e67f127f2356f3ec340a427a367494a242b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6d:5a:06:41:70:66:84:05:09:83:82:2b:dd:
                    cf:ea:cb:9c:a6:81:88:0b:8c:3d:9f:52:47:9b:1c:
                    10:1c:b2:d1:c2:09:4f:7a:34:0d:66:ca:ef:6a:c0:
                    75:d5:d2:fc:bd:fa:68:34:63:d0:42:dd:13:19:5f:
                    95:8e:1e:8f:65:19:11:45:55:94:b8:5f:57:70:7b:
                    16:ca:18:5c:d0:92:0e:6f:10:fe:32:ce:db:bb:0c:
                    6c:14:35:d8:bb:bb:32:bf:c3:36:df:ba:38:92:19:
                    11:0b:0c:f7:fc:98:0c:53:b9:25:f1:2e:26:41:c2:
                    dc:f7:54:57:1e:47:3d:a5:08:6b:e4:49:ad:c1:a9:
                    bf:81:f5:1e:0d:45:70:48:62:f5:4f:02:f5:6c:54:
                    5a:a4:8a:3a:c4:cf:29:ed:a9:93:45:bf:28:8e:5a:
                    88:1f:57:7d:e7:cc:1f:42:ee:06:a7:7e:e7:4c:0f:
                    41:96:cf:20:67:41:e0:56:b9:e5:69:6f:f2:aa:52:
                    32:62:9d:dc:19:56:a9:e1:28:5b:93:21:88:55:c2:
                    3a:ed:d9:82:78:6a:53:31:a4:32:62:56:7e:91:1f:
                    88:24:dc:46:a2:18:23:40:c0:a4:6a:f4:26:08:42:
                    b7:6e:cf:a1:ee:27:64:0a:bc:a8:68:6b:9d:a0:c5:
                    c4:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:81:4E:67:F1:27:F2:35:6F:3E:C3:40:A4:27:A3:67:49:4A:24:2B
            X509v3 Authority Key Identifier:
                keyid:E7:E6:A2:C9:BB:A2:EC:DD:40:74:B3:15:37:59:83:5E:82:3A:B8:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-aiybui7N1AdLMVN1mDXoI6uOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/35b59e-bc27-4206-a7d9-53569aca3a5f/1/5-aiybui7N1AdLMVN1mDXoI6uOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:66:62:ac:7c:fd:03:94:94:7b:04:d5:f1:8d:7c:62:68:3d:
         c1:50:c2:af:0b:15:68:6e:4b:04:1e:d6:88:e5:b4:2a:b7:64:
         ac:44:de:af:8f:5c:17:38:b8:c1:c4:23:9f:31:a6:b8:16:1d:
         08:be:73:b5:38:3e:da:d8:4f:f7:dc:5f:01:86:6a:93:e1:67:
         3f:8d:c4:b6:07:e1:86:a8:99:60:6f:2b:39:83:eb:80:c3:58:
         bb:7e:29:93:40:25:95:47:a2:f0:91:ba:6a:d2:ea:83:71:62:
         7b:bd:71:0b:1d:15:01:0a:f8:f0:e9:58:ef:bd:95:58:4f:e8:
         44:72:19:01:ff:51:08:78:40:d4:97:cb:70:c8:32:bf:42:12:
         75:27:17:9c:8f:10:f5:ea:81:e5:8a:a8:88:d8:f1:49:91:7b:
         08:9e:ea:70:10:c0:67:9b:23:e8:80:e8:25:c2:3a:ed:10:a7:
         66:11:d4:f3:46:28:48:4b:11:6a:bc:6e:02:a2:0a:7f:23:fa:
         a8:51:b5:be:de:db:ca:47:54:d8:8b:51:04:20:9a:06:40:3e:
         7c:18:64:90:53:b9:20:cc:e0:51:5e:aa:b8:e2:15:22:06:19:
         c2:73:b0:a6:5b:4a:3a:89:8d:cf:8c:c7:8f:12:0b:b8:19:4a:
         9b:47:f5:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNfXDYQUBnV0a4W+mdfQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTZhMmM5YmJhMmVjZGQ0MDc0YjMxNTM3NTk4MzVlODIz
YWI4ZTQwHhcNMjYwNTEyMjIwMTUzWhcNMjYwNTEzMjIwMTUzWjAzMTEwLwYDVQQD
EyhhNzgxNGU2N2YxMjdmMjM1NmYzZWMzNDBhNDI3YTM2NzQ5NGEyNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW1aBkFwZoQFCYOCK93P6sucpoGI
C4w9n1JHmxwQHLLRwglPejQNZsrvasB11dL8vfpoNGPQQt0TGV+Vjh6PZRkRRVWU
uF9XcHsWyhhc0JIObxD+Ms7buwxsFDXYu7syv8M237o4khkRCwz3/JgMU7kl8S4m
QcLc91RXHkc9pQhr5Emtwam/gfUeDUVwSGL1TwL1bFRapIo6xM8p7amTRb8ojlqI
H1d958wfQu4Gp37nTA9Bls8gZ0HgVrnlaW/yqlIyYp3cGVap4ShbkyGIVcI67dmC
eGpTMaQyYlZ+kR+IJNxGohgjQMCkavQmCEK3bs+h7idkCryoaGudoMXEHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeBTmfxJ/I1bz7DQKQno2dJSiQrMB8GA1UdIwQY
MBaAFOfmosm7ouzdQHSzFTdZg16COrjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDkt
NTM1NjlhY2EzYTVmLzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNWI1OWUtYmMyNy00MjA2LWE3ZDktNTM1NjlhY2EzYTVm
LzEvNS1haXlidWk3TjFBZExNVk4xbURYb0k2dU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2ZirHz9
A5SUewTV8Y18Ymg9wVDCrwsVaG5LBB7WiOW0KrdkrETer49cFzi4wcQjnzGmuBYd
CL5ztTg+2thP99xfAYZqk+FnP43EtgfhhqiZYG8rOYPrgMNYu34pk0AllUei8JG6
atLqg3Fie71xCx0VAQr48OlY772VWE/oRHIZAf9RCHhA1JfLcMgyv0ISdScXnI8Q
9eqB5YqoiNjxSZF7CJ7qcBDAZ5sj6IDoJcI67RCnZhHU80YoSEsRarxuAqIKfyP6
qFG1vt7bykdU2ItRBCCaBkA+fBhkkFO5IMzgUV6quOIVIgYZwnOwpltKOomNz4zH
jxILuBlKm0f1BA==
-----END CERTIFICATE-----