Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
File:                     L5FDTuFsYTNOwnDfVox3oLXeBSo.mft (raw, json)
Hash identifier:          Rb/ifMysBQmgn+8/x/a1va4+2C46UVlg+mMgnLHge74=
Subject key identifier:   C8:F2:5F:0E:E4:36:DD:FE:16:0C:0D:59:54:B6:7E:51:B7:39:A2:9F
Authority key identifier: 2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A
Certificate issuer:       /CN=2f91434ee16c61334ec270df568c77a0b5de052a
Certificate serial:       019D258331761A881428CEEA06DCF2A36F7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
Manifest number:          0F6A
Signing time:             Wed 25 Mar 2026 15:00:47 +0000
Manifest this update:     Wed 25 Mar 2026 15:00:47 +0000
Manifest next update:     Thu 26 Mar 2026 15:00:47 +0000
Files and hashes:         1: L5FDTuFsYTNOwnDfVox3oLXeBSo.crl (hash: wm7OCBFM0eQQRTgVbJD2NuHCjdavW+5Xlv1bZJqtFNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:31:76:1a:88:14:28:ce:ea:06:dc:f2:a3:6f:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f91434ee16c61334ec270df568c77a0b5de052a
        Validity
            Not Before: Mar 25 15:00:47 2026 GMT
            Not After : Mar 26 15:00:47 2026 GMT
        Subject: CN=c8f25f0ee436ddfe160c0d5954b67e51b739a29f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:49:ef:db:77:0e:23:e2:cb:56:50:92:52:00:
                    47:79:37:1e:52:0b:66:65:80:33:ee:fd:32:f0:07:
                    ff:cf:43:99:94:97:19:19:93:2c:5f:b1:bc:89:02:
                    fb:05:9d:9f:06:6a:af:bb:b0:ef:d3:ec:2f:78:fe:
                    c7:6d:f3:bc:bc:2b:24:79:56:c7:26:c2:64:de:7b:
                    7b:cd:d4:91:11:e2:a9:e4:d6:8a:05:23:f5:39:f3:
                    66:89:5e:97:bf:2e:67:1e:d2:39:fd:e5:f7:f4:c9:
                    8f:51:b7:ca:be:00:63:62:10:a1:c5:84:f4:5a:c2:
                    89:df:2b:c3:b6:85:6f:e1:b3:93:d9:f1:c9:21:65:
                    24:3c:48:f7:72:df:57:98:30:41:16:81:39:6c:a7:
                    c3:ff:de:20:a0:43:1f:73:31:a0:90:bd:d1:3f:88:
                    9b:e9:dd:93:fe:fa:0f:c6:e4:84:80:f7:a4:5a:ed:
                    78:09:c1:52:74:43:64:2d:45:b3:ed:47:db:22:0c:
                    e0:a7:b4:a9:51:25:a9:60:21:ab:9b:d4:28:3f:03:
                    cf:cf:2c:74:4b:aa:a1:ed:70:9c:91:76:f2:a7:b9:
                    75:92:f5:5d:e9:76:58:2d:c0:c9:94:e6:a8:37:2f:
                    cf:fe:ba:75:df:1e:58:fc:86:fd:39:b9:d6:bc:84:
                    e5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:F2:5F:0E:E4:36:DD:FE:16:0C:0D:59:54:B6:7E:51:B7:39:A2:9F
            X509v3 Authority Key Identifier:
                keyid:2F:91:43:4E:E1:6C:61:33:4E:C2:70:DF:56:8C:77:A0:B5:DE:05:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5FDTuFsYTNOwnDfVox3oLXeBSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/cd41ba-2ea7-474f-8941-5fdb3228fe1f/1/L5FDTuFsYTNOwnDfVox3oLXeBSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:a9:ec:1a:25:ef:1b:3c:55:cd:7f:4b:52:c6:02:31:63:ac:
         03:21:58:1d:e6:0a:1d:62:32:93:54:d2:fb:ee:33:5e:f9:92:
         0e:c3:44:ba:60:9a:7b:19:a6:5c:e3:c3:1c:1c:d2:bd:ce:f8:
         73:e8:7d:b5:76:01:1d:db:2f:2f:29:4b:2e:c1:38:0d:7d:21:
         c9:35:f4:47:65:f1:bd:8e:80:dc:e9:3e:56:11:0a:02:19:ee:
         e9:dc:48:f2:88:f9:a8:67:83:79:41:10:82:61:4d:24:72:59:
         72:76:00:66:90:16:51:0a:6a:b1:06:01:12:74:20:96:b4:fa:
         a6:46:e3:fd:de:42:aa:7c:f2:52:ff:c5:7f:ad:3d:26:ac:7b:
         b1:9b:3e:61:2e:6b:e7:6b:0c:a7:9c:60:42:4d:fe:20:33:a6:
         4a:3e:2e:41:c8:21:b7:57:e2:ee:1a:44:d7:6d:ac:68:78:7e:
         52:a6:7e:6f:3b:2e:e8:00:7f:8b:5e:29:4a:67:08:bf:3e:bc:
         bb:6d:04:e5:d4:cb:04:ed:59:78:0b:f2:12:a0:94:a2:6d:b4:
         e7:e2:a9:14:52:08:4a:5a:cf:1e:bd:c1:2c:cd:7f:b9:07:1f:
         fc:02:2d:26:21:32:53:0b:f6:b1:67:6d:5a:62:d8:94:a9:a9:
         37:9f:ca:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lgzF2GogUKM7qBtzyo29/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTE0MzRlZTE2YzYxMzM0ZWMyNzBkZjU2OGM3N2EwYjVk
ZTA1MmEwHhcNMjYwMzI1MTUwMDQ3WhcNMjYwMzI2MTUwMDQ3WjAzMTEwLwYDVQQD
EyhjOGYyNWYwZWU0MzZkZGZlMTYwYzBkNTk1NGI2N2U1MWI3MzlhMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Env23cOI+LLVlCSUgBHeTceUgtm
ZYAz7v0y8Af/z0OZlJcZGZMsX7G8iQL7BZ2fBmqvu7Dv0+wveP7HbfO8vCskeVbH
JsJk3nt7zdSREeKp5NaKBSP1OfNmiV6Xvy5nHtI5/eX39MmPUbfKvgBjYhChxYT0
WsKJ3yvDtoVv4bOT2fHJIWUkPEj3ct9XmDBBFoE5bKfD/94goEMfczGgkL3RP4ib
6d2T/voPxuSEgPekWu14CcFSdENkLUWz7UfbIgzgp7SpUSWpYCGrm9QoPwPPzyx0
S6qh7XCckXbyp7l1kvVd6XZYLcDJlOaoNy/P/rp13x5Y/Ib9ObnWvITl3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjyXw7kNt3+FgwNWVS2flG3OaKfMB8GA1UdIwQY
MBaAFC+RQ07hbGEzTsJw31aMd6C13gUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEt
NWZkYjMyMjhmZTFmLzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jZDQxYmEtMmVhNy00NzRmLTg5NDEtNWZkYjMyMjhmZTFm
LzEvTDVGRFR1RnNZVE5Pd25EZlZveDNvTFhlQlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA06nsGiXv
GzxVzX9LUsYCMWOsAyFYHeYKHWIyk1TS++4zXvmSDsNEumCaexmmXOPDHBzSvc74
c+h9tXYBHdsvLylLLsE4DX0hyTX0R2XxvY6A3Ok+VhEKAhnu6dxI8oj5qGeDeUEQ
gmFNJHJZcnYAZpAWUQpqsQYBEnQglrT6pkbj/d5CqnzyUv/Ff609Jqx7sZs+YS5r
52sMp5xgQk3+IDOmSj4uQcght1fi7hpE122saHh+UqZ+bzsu6AB/i14pSmcIvz68
u20E5dTLBO1ZeAvyEqCUom205+KpFFIISlrPHr3BLM1/uQcf/AItJiEyUwv2sWdt
WmLYlKmpN5/Kww==
-----END CERTIFICATE-----