Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
File:                     5BCXLMRZVogEu0t5HXwTz7IoOIM.mft (raw, json)
Hash identifier:          YKHJGSjMTOyC5KTXOjHBB5g6aP6JB1Q7KRMDREWq6jM=
Subject key identifier:   38:53:88:EC:CF:0F:F7:5F:CC:87:5F:AC:37:B9:15:CE:11:4F:1C:4A
Authority key identifier: E4:10:97:2C:C4:59:56:88:04:BB:4B:79:1D:7C:13:CF:B2:28:38:83
Certificate issuer:       /CN=e410972cc459568804bb4b791d7c13cfb2283883
Certificate serial:       019D29CE472FB37FD52756D0ADB1D991E911
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
Manifest number:          1656
Signing time:             Thu 26 Mar 2026 11:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:17 +0000
Files and hashes:         1: 5BCXLMRZVogEu0t5HXwTz7IoOIM.crl (hash: LZgaTM/qBAbAAVFxIglXGVducGGoa79stwTXW6YcL3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:47:2f:b3:7f:d5:27:56:d0:ad:b1:d9:91:e9:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e410972cc459568804bb4b791d7c13cfb2283883
        Validity
            Not Before: Mar 26 11:01:17 2026 GMT
            Not After : Mar 27 11:01:17 2026 GMT
        Subject: CN=385388eccf0ff75fcc875fac37b915ce114f1c4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:de:26:7d:3a:6f:09:07:bb:01:30:98:2c:df:
                    a6:3e:cb:72:e1:8a:77:b1:fa:b2:f4:fd:6c:4f:97:
                    f2:e9:b0:63:23:4e:01:4d:bf:54:3d:7e:99:30:c7:
                    81:0e:09:b0:08:0d:e2:9d:6e:2a:f2:29:fe:9b:5a:
                    c9:0c:0e:46:ad:ce:4b:e4:e8:e1:44:a3:3c:bb:5f:
                    02:fa:55:81:16:1d:63:96:99:17:75:2d:ef:9f:9b:
                    a7:4d:32:52:89:71:dc:08:b5:8c:49:a2:ac:43:de:
                    28:13:c9:f0:5e:a4:a3:2c:5c:45:89:06:30:a3:65:
                    d0:7a:62:98:41:8d:6e:9d:77:b0:5e:76:9b:bd:4e:
                    90:78:89:3c:cd:2b:a7:42:f6:e1:a5:34:b8:e6:d7:
                    b9:7a:e5:eb:47:f9:fb:c4:b9:ee:59:75:f3:b3:46:
                    38:b5:22:8f:32:ed:02:a6:08:54:71:00:ad:64:b3:
                    0f:ef:5c:7a:69:46:6a:46:6d:5d:0f:df:87:e5:26:
                    f4:7c:c5:47:10:ed:20:59:22:8e:93:a8:3f:87:71:
                    3c:05:f4:cb:ef:b3:09:17:8c:b5:8e:27:4f:c9:61:
                    a3:84:a7:0e:5b:45:42:5f:a9:9a:38:42:30:f7:f3:
                    d2:d7:02:19:1d:09:0c:ee:36:42:91:f7:6b:b0:80:
                    40:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:53:88:EC:CF:0F:F7:5F:CC:87:5F:AC:37:B9:15:CE:11:4F:1C:4A
            X509v3 Authority Key Identifier:
                keyid:E4:10:97:2C:C4:59:56:88:04:BB:4B:79:1D:7C:13:CF:B2:28:38:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BCXLMRZVogEu0t5HXwTz7IoOIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/306e62-e584-492a-bf46-f27cef4ba224/1/5BCXLMRZVogEu0t5HXwTz7IoOIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:0f:e6:3c:69:77:8b:8a:7c:e9:59:22:9e:6e:4f:94:a7:46:
         a9:75:84:bb:d0:e1:3c:f2:76:7d:09:37:f7:5d:e7:f0:bd:8a:
         42:9f:0e:ee:10:4a:ab:5f:53:15:6f:d1:e6:44:2d:5d:fc:e4:
         0d:89:b1:1b:a8:4e:1e:41:34:fa:f3:6c:5a:2f:a4:c4:8a:fd:
         0f:28:e8:84:d1:08:79:9e:ec:17:bb:09:99:f9:21:99:a0:94:
         c7:66:90:68:72:45:49:17:e5:a2:34:53:66:26:c1:4b:45:59:
         2d:fc:d2:ba:6b:c4:c3:a0:93:f2:d3:68:2f:49:32:80:af:d8:
         04:fe:9c:d9:6b:4a:41:a4:95:3e:ec:c4:e1:a1:2b:f4:c5:41:
         9d:d9:8d:a7:b8:82:a3:09:83:68:be:df:d0:a0:2d:5f:fc:d9:
         85:4a:84:2c:73:bc:49:64:5b:9a:3f:42:1d:d7:83:57:0c:8b:
         4f:3e:3b:87:c1:7f:d5:e8:83:d8:a3:f8:a6:81:7d:cf:cc:02:
         5d:65:9a:d6:12:ea:bc:8a:46:a2:39:8f:5e:c3:78:ea:cd:98:
         54:ac:d7:e6:f0:98:2e:40:d6:a8:60:c6:34:77:a0:a4:d1:41:
         fa:da:ff:1f:ee:de:cc:0b:fb:03:09:7b:87:13:29:a4:b9:48:
         85:fb:cd:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzkcvs3/VJ1bQrbHZkekRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MTA5NzJjYzQ1OTU2ODgwNGJiNGI3OTFkN2MxM2NmYjIy
ODM4ODMwHhcNMjYwMzI2MTEwMTE3WhcNMjYwMzI3MTEwMTE3WjAzMTEwLwYDVQQD
EygzODUzODhlY2NmMGZmNzVmY2M4NzVmYWMzN2I5MTVjZTExNGYxYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd4mfTpvCQe7ATCYLN+mPsty4Yp3
sfqy9P1sT5fy6bBjI04BTb9UPX6ZMMeBDgmwCA3inW4q8in+m1rJDA5Grc5L5Ojh
RKM8u18C+lWBFh1jlpkXdS3vn5unTTJSiXHcCLWMSaKsQ94oE8nwXqSjLFxFiQYw
o2XQemKYQY1unXewXnabvU6QeIk8zSunQvbhpTS45te5euXrR/n7xLnuWXXzs0Y4
tSKPMu0CpghUcQCtZLMP71x6aUZqRm1dD9+H5Sb0fMVHEO0gWSKOk6g/h3E8BfTL
77MJF4y1jidPyWGjhKcOW0VCX6maOEIw9/PS1wIZHQkM7jZCkfdrsIBA7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhTiOzPD/dfzIdfrDe5Fc4RTxxKMB8GA1UdIwQY
MBaAFOQQlyzEWVaIBLtLeR18E8+yKDiDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMDZlNjItZTU4NC00OTJhLWJmNDYt
ZjI3Y2VmNGJhMjI0LzEvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMDZlNjItZTU4NC00OTJhLWJmNDYtZjI3Y2VmNGJhMjI0
LzEvNUJDWExNUlpWb2dFdTB0NUhYd1R6N0lvT0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfg/mPGl3
i4p86Vkinm5PlKdGqXWEu9DhPPJ2fQk3913n8L2KQp8O7hBKq19TFW/R5kQtXfzk
DYmxG6hOHkE0+vNsWi+kxIr9DyjohNEIeZ7sF7sJmfkhmaCUx2aQaHJFSRflojRT
ZibBS0VZLfzSumvEw6CT8tNoL0kygK/YBP6c2WtKQaSVPuzE4aEr9MVBndmNp7iC
owmDaL7f0KAtX/zZhUqELHO8SWRbmj9CHdeDVwyLTz47h8F/1eiD2KP4poF9z8wC
XWWa1hLqvIpGojmPXsN46s2YVKzX5vCYLkDWqGDGNHegpNFB+tr/H+7ezAv7Awl7
hxMppLlIhfvNVw==
-----END CERTIFICATE-----