Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          LzK3g2PKaa+LKG7rkWouRWjOH+354AEdpbPzkLfjtb8=
Subject key identifier:   AB:C7:A6:41:3C:9F:88:9E:06:3F:AD:A1:BE:4E:7D:22:5F:EB:3D:28
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       019E1EA2B70235B50995B71C878E1BE2123E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          0C5E
Signing time:             Wed 13 May 2026 00:00:40 +0000
Manifest this update:     Wed 13 May 2026 00:00:40 +0000
Manifest next update:     Thu 14 May 2026 00:00:40 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: hlULT33G86Z1C8YnUxZJzIb9FfQCbj4H9ydM2JcPsR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a2:b7:02:35:b5:09:95:b7:1c:87:8e:1b:e2:12:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: May 13 00:00:40 2026 GMT
            Not After : May 14 00:00:40 2026 GMT
        Subject: CN=abc7a6413c9f889e063fada1be4e7d225feb3d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d7:77:c0:61:da:42:6b:13:70:ac:8c:fb:52:
                    23:ef:5c:11:28:98:da:10:3a:0a:fd:9e:88:31:86:
                    72:3f:ad:8a:cb:13:4c:30:7b:69:15:58:16:bc:7e:
                    aa:30:d6:53:ae:77:3e:93:5f:d5:1c:03:8f:a3:86:
                    c8:2b:5d:2e:83:3b:e8:a2:bd:fe:ce:4c:bf:ac:ff:
                    c4:f9:a5:6f:72:bc:88:e4:4d:40:99:14:b9:e8:2d:
                    b9:eb:16:ba:f4:9b:1f:6a:b2:3e:42:17:88:07:a9:
                    08:02:7e:5e:29:c2:43:15:6b:b8:72:97:35:6d:d5:
                    bb:0b:83:d9:ed:be:3b:a8:0d:38:bf:5b:09:96:78:
                    9b:83:3b:1a:ef:84:9f:41:82:a3:b5:a3:94:a1:1b:
                    41:95:f1:61:d5:46:b6:b5:7f:e8:f6:cb:ce:15:b2:
                    0e:71:00:1f:9f:c5:c8:79:39:3a:8c:ce:b0:cb:88:
                    ac:50:4e:c4:5d:59:af:5c:83:1f:b7:07:2a:a6:87:
                    3d:f5:90:69:a7:51:d3:0a:06:6e:4a:35:4e:75:0e:
                    78:b8:09:36:92:b1:8a:3d:94:73:b9:2d:f1:c2:e7:
                    75:3e:9d:6c:94:73:7d:ae:39:fd:bc:67:a8:2d:72:
                    5c:c1:22:59:b7:e5:44:76:12:2d:b4:1e:c2:aa:65:
                    3a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C7:A6:41:3C:9F:88:9E:06:3F:AD:A1:BE:4E:7D:22:5F:EB:3D:28
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:cf:af:d4:e3:84:7d:ea:a7:24:77:9a:51:0e:e0:1a:79:08:
         1b:12:2e:8b:fd:5e:10:13:ef:a6:e9:d2:9e:dc:26:a2:ae:e1:
         34:3c:4d:46:20:a5:a1:76:0c:de:0f:12:90:99:91:ca:4d:cf:
         a3:7d:91:4c:1b:e9:0e:87:2d:61:22:f7:89:26:e7:ec:17:4f:
         29:42:68:10:04:32:36:3b:d6:05:b6:52:fa:a1:11:04:6d:39:
         43:be:ad:0d:9f:59:90:bf:de:2b:9e:94:e9:f1:98:a9:a9:41:
         59:5b:9c:fe:66:7f:7c:e7:34:3a:42:61:38:82:b1:68:60:f4:
         8a:14:be:4e:a0:8d:99:47:ef:83:51:5d:e6:cf:b2:7d:11:f0:
         7b:d8:ae:9a:fc:f6:55:46:28:c6:b1:51:bc:cd:75:b1:24:45:
         f0:8d:e1:55:d0:67:7f:7d:c5:1e:f8:58:5e:13:6b:5b:e2:c0:
         37:ad:33:8a:f6:e0:29:53:2c:cc:12:35:29:82:1a:fe:87:86:
         27:63:3d:4f:53:52:c1:f0:f2:f7:e9:bd:48:50:d9:f6:d4:b7:
         f8:a2:91:b0:cd:d0:ba:e4:74:bf:87:fd:9a:bc:79:7d:96:0b:
         03:11:94:ee:74:45:ed:65:6e:de:ee:3c:57:30:b7:3b:7b:8a:
         14:90:95:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eorcCNbUJlbcch44b4hI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjYwNTEzMDAwMDQwWhcNMjYwNTE0MDAwMDQwWjAzMTEwLwYDVQQD
EyhhYmM3YTY0MTNjOWY4ODllMDYzZmFkYTFiZTRlN2QyMjVmZWIzZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtd3wGHaQmsTcKyM+1Ij71wRKJja
EDoK/Z6IMYZyP62KyxNMMHtpFVgWvH6qMNZTrnc+k1/VHAOPo4bIK10ugzvoor3+
zky/rP/E+aVvcryI5E1AmRS56C256xa69JsfarI+QheIB6kIAn5eKcJDFWu4cpc1
bdW7C4PZ7b47qA04v1sJlnibgzsa74SfQYKjtaOUoRtBlfFh1Ua2tX/o9svOFbIO
cQAfn8XIeTk6jM6wy4isUE7EXVmvXIMftwcqpoc99ZBpp1HTCgZuSjVOdQ54uAk2
krGKPZRzuS3xwud1Pp1slHN9rjn9vGeoLXJcwSJZt+VEdhIttB7CqmU6mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvHpkE8n4ieBj+tob5OfSJf6z0oMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8+v1OOE
feqnJHeaUQ7gGnkIGxIui/1eEBPvpunSntwmoq7hNDxNRiCloXYM3g8SkJmRyk3P
o32RTBvpDoctYSL3iSbn7BdPKUJoEAQyNjvWBbZS+qERBG05Q76tDZ9ZkL/eK56U
6fGYqalBWVuc/mZ/fOc0OkJhOIKxaGD0ihS+TqCNmUfvg1Fd5s+yfRHwe9iumvz2
VUYoxrFRvM11sSRF8I3hVdBnf33FHvhYXhNrW+LAN60zivbgKVMszBI1KYIa/oeG
J2M9T1NSwfDy9+m9SFDZ9tS3+KKRsM3QuuR0v4f9mrx5fZYLAxGU7nRF7WVu3u48
VzC3O3uKFJCVJQ==
-----END CERTIFICATE-----