Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
File:                     5zcPsJ5SI60eRI9MDxYv6plae1Y.mft (raw, json)
Hash identifier:          0eK+/Qbq6Yt3nteSRgN1wxdVK/XI+B0asRY/8Pugxu0=
Subject key identifier:   42:63:86:FD:7B:19:DB:4C:CC:33:A0:6B:54:34:B6:96:AA:94:17:C1
Authority key identifier: E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56
Certificate issuer:       /CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
Certificate serial:       019E1E35BC71E03E6929000D0D05C31A821C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
Manifest number:          1725
Signing time:             Tue 12 May 2026 22:01:38 +0000
Manifest this update:     Tue 12 May 2026 22:01:38 +0000
Manifest next update:     Wed 13 May 2026 22:01:38 +0000
Files and hashes:         1: 5zcPsJ5SI60eRI9MDxYv6plae1Y.crl (hash: 6/+5Li0XkPV4Z+d7n/b1TaPK7ncD0KFEDfrSkiYctKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:bc:71:e0:3e:69:29:00:0d:0d:05:c3:1a:82:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7370fb09e5223ad1e448f4c0f162fea995a7b56
        Validity
            Not Before: May 12 22:01:38 2026 GMT
            Not After : May 13 22:01:38 2026 GMT
        Subject: CN=426386fd7b19db4ccc33a06b5434b696aa9417c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fa:8b:24:77:28:1b:97:a7:57:60:1d:db:00:
                    e1:a5:94:02:9e:ef:24:4b:c5:59:af:bb:97:15:c2:
                    0f:09:f9:dd:94:ea:5b:ea:fa:35:db:e2:8d:d2:08:
                    eb:eb:c1:c8:34:3e:8c:2d:67:3b:0b:71:31:41:d0:
                    47:70:38:ce:83:18:78:d6:69:bb:f8:3b:ad:29:c3:
                    49:62:73:91:bc:eb:f8:6a:f3:81:7a:cd:90:c1:ee:
                    97:b2:f8:58:58:b3:54:46:c6:79:c3:ea:d4:67:da:
                    61:0e:73:3f:b0:17:33:6d:7f:45:25:c8:11:b4:21:
                    03:5d:e3:b4:5f:f7:1c:b3:4e:4a:8e:62:1f:9f:ed:
                    4a:6a:3d:eb:64:6b:7d:52:08:d3:34:32:2e:23:31:
                    48:af:26:71:4a:6e:29:58:1e:97:43:0c:bf:8e:92:
                    76:2c:3a:41:ea:6f:64:ee:17:cb:31:c7:c3:44:31:
                    e2:5a:3a:67:33:8d:55:ad:b7:b1:44:a4:2c:d9:90:
                    c4:e1:82:f2:5c:fc:22:db:dc:0e:15:30:1f:ca:91:
                    91:ec:f9:30:8a:60:d1:29:fc:7c:70:e4:86:97:2c:
                    a7:ed:c8:1d:49:d4:22:26:d8:07:17:66:0b:7a:ba:
                    c0:1a:6f:ad:03:22:a9:4f:0f:a0:2f:00:8c:da:90:
                    ca:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:63:86:FD:7B:19:DB:4C:CC:33:A0:6B:54:34:B6:96:AA:94:17:C1
            X509v3 Authority Key Identifier:
                keyid:E7:37:0F:B0:9E:52:23:AD:1E:44:8F:4C:0F:16:2F:EA:99:5A:7B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zcPsJ5SI60eRI9MDxYv6plae1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f2293-7dba-437b-af85-97e355e51ef3/1/5zcPsJ5SI60eRI9MDxYv6plae1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:a0:89:44:6c:60:27:1c:c4:fd:cd:eb:83:b6:49:70:07:8d:
         97:31:77:b9:45:a5:0e:e3:58:d4:3c:f4:e1:26:0a:71:6e:2b:
         d7:7e:42:f6:41:ed:c9:2d:4a:d4:80:2f:ba:5b:86:90:6e:e5:
         89:f8:4c:70:cd:38:00:62:fb:55:a8:17:bb:11:10:57:e1:04:
         24:f2:c9:54:de:ee:69:71:da:13:03:d5:2f:5e:db:d1:6b:64:
         cc:fd:e2:02:a2:c4:82:d3:30:0f:11:b5:72:59:f1:69:f7:66:
         88:f2:da:c2:46:e4:6b:a5:f2:80:04:3b:15:6f:1d:58:c3:37:
         e4:3f:bb:44:cb:75:07:4d:cc:15:f2:c3:15:c2:a5:c1:9b:b7:
         68:38:84:a7:c2:91:e6:75:ff:aa:8a:ba:cf:83:bb:bc:b4:2e:
         00:a5:22:0b:87:46:f9:4d:5f:7d:7a:fb:39:5b:e3:7e:a9:a2:
         cc:63:9d:a4:34:e7:e3:4d:37:ad:c3:e0:6f:37:19:81:e9:61:
         d9:25:1e:f8:7a:7a:5c:53:4b:0e:c0:b9:1f:30:36:e6:6b:af:
         e0:b6:f2:a6:99:64:c1:0d:22:76:1f:9e:b5:04:b8:6e:d7:bc:
         7c:d7:e1:3d:d9:cb:02:ff:5e:2e:df:ca:33:5e:db:f1:bf:19:
         85:b5:1e:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNbxx4D5pKQANDQXDGoIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzcwZmIwOWU1MjIzYWQxZTQ0OGY0YzBmMTYyZmVhOTk1
YTdiNTYwHhcNMjYwNTEyMjIwMTM4WhcNMjYwNTEzMjIwMTM4WjAzMTEwLwYDVQQD
Eyg0MjYzODZmZDdiMTlkYjRjY2MzM2EwNmI1NDM0YjY5NmFhOTQxN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PqLJHcoG5enV2Ad2wDhpZQCnu8k
S8VZr7uXFcIPCfndlOpb6vo12+KN0gjr68HIND6MLWc7C3ExQdBHcDjOgxh41mm7
+DutKcNJYnORvOv4avOBes2Qwe6XsvhYWLNURsZ5w+rUZ9phDnM/sBczbX9FJcgR
tCEDXeO0X/ccs05KjmIfn+1Kaj3rZGt9UgjTNDIuIzFIryZxSm4pWB6XQwy/jpJ2
LDpB6m9k7hfLMcfDRDHiWjpnM41VrbexRKQs2ZDE4YLyXPwi29wOFTAfypGR7Pkw
imDRKfx8cOSGlyyn7cgdSdQiJtgHF2YLerrAGm+tAyKpTw+gLwCM2pDKWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJjhv17GdtMzDOga1Q0tpaqlBfBMB8GA1UdIwQY
MBaAFOc3D7CeUiOtHkSPTA8WL+qZWntWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUt
OTdlMzU1ZTUxZWYzLzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjIyOTMtN2RiYS00MzdiLWFmODUtOTdlMzU1ZTUxZWYz
LzEvNXpjUHNKNVNJNjBlUkk5TUR4WXY2cGxhZTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6CJRGxg
JxzE/c3rg7ZJcAeNlzF3uUWlDuNY1Dz04SYKcW4r135C9kHtyS1K1IAvuluGkG7l
ifhMcM04AGL7VagXuxEQV+EEJPLJVN7uaXHaEwPVL17b0WtkzP3iAqLEgtMwDxG1
clnxafdmiPLawkbka6XygAQ7FW8dWMM35D+7RMt1B03MFfLDFcKlwZu3aDiEp8KR
5nX/qoq6z4O7vLQuAKUiC4dG+U1ffXr7OVvjfqmizGOdpDTn4003rcPgbzcZgelh
2SUe+Hp6XFNLDsC5HzA25muv4LbypplkwQ0idh+etQS4bte8fNfhPdnLAv9eLt/K
M17b8b8ZhbUelQ==
-----END CERTIFICATE-----