Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
File:                     5zcPsJ5SI60eRI9MDxYv6plae1Y.mft (raw, json)
Hash identifier:          NK+F4YlxrCYC9aedyWTVyBkWDCyklo3YPG51hHMoP8c=
Subject key identifier:   A5:D7:10:DE:D2:6D:62:7B:31:40:08:B6:B4:34:9B:F5:B9:ED:78:D2
Authority key identifier: E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56
Certificate issuer:       /CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
Certificate serial:       019D2AE052B330EF9BB7BF51ABDE74909BEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
Manifest number:          16A7
Signing time:             Thu 26 Mar 2026 16:00:37 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:37 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:37 +0000
Files and hashes:         1: 5zcPsJ5SI60eRI9MDxYv6plae1Y.crl (hash: 3wIEmBnxCSY3832ux41JSPrpZXiVfd6QREDPuxJ+S7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:52:b3:30:ef:9b:b7:bf:51:ab:de:74:90:9b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
        Validity
            Not Before: Mar 26 16:00:37 2026 GMT
            Not After : Mar 27 16:00:37 2026 GMT
        Subject: CN=a5d710ded26d627b314008b6b4349bf5b9ed78d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:63:77:ff:d9:ba:39:95:c1:72:7c:7e:49:dd:
                    f4:7d:7c:fa:00:eb:23:f0:1d:1a:80:96:0b:44:3c:
                    bf:b4:a5:24:01:ab:17:84:09:90:a8:31:de:02:3a:
                    a2:cd:8b:f1:a9:61:e5:4e:aa:07:c0:12:41:18:f9:
                    a8:20:d7:4a:d2:de:01:4c:c1:f3:4d:cb:28:98:0b:
                    cc:49:09:a9:9d:02:04:7c:c8:d3:e7:6d:6e:c4:e1:
                    ee:42:4c:85:d3:7c:05:b7:5d:fa:64:d3:0f:ad:12:
                    e1:ca:74:67:04:d9:72:62:6c:5c:3b:6d:3c:af:21:
                    35:5e:a7:5f:50:2e:e1:05:fd:d0:8f:c2:f6:bf:47:
                    97:c5:e0:e7:b8:2f:b5:d0:24:ee:13:eb:02:82:d0:
                    02:4e:79:63:55:c3:dc:5c:7d:87:43:a2:3a:79:6b:
                    56:b1:90:c4:79:fb:1a:9b:94:9b:a3:73:00:55:9b:
                    22:59:c1:13:6f:d3:55:86:fc:32:f2:1a:96:40:76:
                    59:c6:aa:40:81:96:31:95:02:b9:be:69:ff:84:cf:
                    20:ba:88:22:e2:f5:90:78:28:8b:ad:d3:63:16:97:
                    fa:ab:fc:b5:aa:29:1b:08:75:b8:49:8e:e3:cb:6c:
                    98:90:17:01:e2:e2:a2:d1:5e:b0:e1:23:c9:95:f4:
                    61:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D7:10:DE:D2:6D:62:7B:31:40:08:B6:B4:34:9B:F5:B9:ED:78:D2
            X509v3 Authority Key Identifier:
                keyid:E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:4c:46:83:e4:f1:66:e9:8e:44:57:47:f0:7e:60:46:06:82:
         34:ed:b2:52:8d:d5:50:6f:c0:b1:68:d0:27:e2:e6:b2:db:e8:
         40:f2:e1:70:04:98:43:45:6c:05:e4:4d:70:0f:62:9d:91:ec:
         17:94:c4:ab:0a:e6:b1:20:a5:94:f5:3e:19:aa:ea:7d:f6:6c:
         f8:79:27:34:2a:36:9c:88:f7:20:66:cc:49:ca:5b:d9:ff:07:
         21:68:20:da:6c:91:94:84:bc:3e:e6:e6:17:72:61:1b:2b:13:
         a6:43:b1:50:52:44:dc:d5:98:db:fe:fa:90:70:58:2d:4a:d9:
         a9:4f:eb:49:f9:34:2e:a0:d3:15:5e:8d:6a:91:c7:f6:2b:79:
         66:f6:65:67:0d:2e:bf:e3:c7:cf:01:11:da:9a:c0:ea:c9:a0:
         a6:ab:e1:53:a5:12:3c:6d:79:48:fc:c4:0d:89:c6:68:9d:8e:
         60:62:da:a0:98:03:30:02:b5:aa:31:73:a1:45:9d:d4:4e:cd:
         17:b4:4e:f9:6f:bb:37:7f:79:af:44:32:08:60:6d:62:56:24:
         f8:54:6e:d8:9d:11:d8:6d:67:34:66:29:6e:6e:4b:dd:10:ee:
         a1:16:fc:5c:48:68:b2:0a:50:95:ec:8f:01:74:51:7d:aa:9f:
         29:45:75:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4FKzMO+bt79Rq950kJvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzcwZmIwOWU1MjIzYWQxZTQ0OGY0YzBmMTYyZmVhOTk1
YTdiNTYwHhcNMjYwMzI2MTYwMDM3WhcNMjYwMzI3MTYwMDM3WjAzMTEwLwYDVQQD
EyhhNWQ3MTBkZWQyNmQ2MjdiMzE0MDA4YjZiNDM0OWJmNWI5ZWQ3OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GN3/9m6OZXBcnx+Sd30fXz6AOsj
8B0agJYLRDy/tKUkAasXhAmQqDHeAjqizYvxqWHlTqoHwBJBGPmoINdK0t4BTMHz
TcsomAvMSQmpnQIEfMjT521uxOHuQkyF03wFt136ZNMPrRLhynRnBNlyYmxcO208
ryE1XqdfUC7hBf3Qj8L2v0eXxeDnuC+10CTuE+sCgtACTnljVcPcXH2HQ6I6eWtW
sZDEefsam5Sbo3MAVZsiWcETb9NVhvwy8hqWQHZZxqpAgZYxlQK5vmn/hM8guogi
4vWQeCiLrdNjFpf6q/y1qikbCHW4SY7jy2yYkBcB4uKi0V6w4SPJlfRh0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXXEN7SbWJ7MUAItrQ0m/W57XjSMB8GA1UdIwQY
MBaAFOc3D7CeUiOtHkSPTA8WL+qZWntWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUt
OTdlMzU1ZTUxZWYzLzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUtOTdlMzU1ZTUxZWYz
LzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbUxGg+Tx
ZumORFdH8H5gRgaCNO2yUo3VUG/AsWjQJ+LmstvoQPLhcASYQ0VsBeRNcA9inZHs
F5TEqwrmsSCllPU+GarqffZs+HknNCo2nIj3IGbMScpb2f8HIWgg2myRlIS8Pubm
F3JhGysTpkOxUFJE3NWY2/76kHBYLUrZqU/rSfk0LqDTFV6NapHH9it5ZvZlZw0u
v+PHzwER2prA6smgpqvhU6USPG15SPzEDYnGaJ2OYGLaoJgDMAK1qjFzoUWd1E7N
F7RO+W+7N395r0QyCGBtYlYk+FRu2J0R2G1nNGYpbm5L3RDuoRb8XEhosgpQleyP
AXRRfaqfKUV1fA==
-----END CERTIFICATE-----