Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          J6f8hVtViwQAZ/U1PoVkMKYTL+HYRSvKc7BWostJ/RQ=
Subject key identifier:   6B:6F:D9:99:1E:A9:F5:0D:D2:70:0A:B3:27:89:A4:22:64:4A:64:4A
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019D26282349A8442DAE6AA534E3877B4A3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          05AF
Signing time:             Wed 25 Mar 2026 18:00:57 +0000
Manifest this update:     Wed 25 Mar 2026 18:00:57 +0000
Manifest next update:     Thu 26 Mar 2026 18:00:57 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: 22LEgdR3cdlXW9jkkAAPTGdP4m0Bn/HWCZFJxm9qYUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:23:49:a8:44:2d:ae:6a:a5:34:e3:87:7b:4a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Mar 25 18:00:57 2026 GMT
            Not After : Mar 26 18:00:57 2026 GMT
        Subject: CN=6b6fd9991ea9f50dd2700ab32789a422644a644a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:90:6f:06:c7:c9:c6:54:26:fd:d2:c8:6d:80:
                    7b:93:9f:08:7b:29:1d:96:ec:64:6f:1c:e7:c3:95:
                    c4:b5:14:9a:20:62:13:3a:e0:98:6b:22:6e:82:1d:
                    24:79:22:a4:76:a6:b6:1d:d4:bc:40:00:25:0e:7e:
                    db:e6:e8:48:2c:c7:b5:67:72:e4:47:04:4a:d4:ee:
                    8a:67:d5:35:a4:e5:d1:a5:16:2e:da:93:96:4e:09:
                    22:83:86:61:55:d8:4c:0c:72:bd:51:1e:7e:6d:25:
                    cb:1d:a5:f1:49:b5:17:af:9f:6d:55:e7:1b:6e:44:
                    e3:a9:bd:4d:e2:1f:f5:49:2c:ed:dc:50:59:1e:9f:
                    19:64:43:a6:67:f4:4a:07:a6:7f:98:83:df:cd:68:
                    be:a5:0b:75:d5:c1:61:6e:9a:bd:64:fd:56:8e:16:
                    eb:98:c0:aa:20:18:64:5c:31:26:58:77:83:2c:0a:
                    71:43:d8:11:8e:55:ad:e0:0e:5c:e5:18:b5:39:51:
                    63:26:cd:0f:a6:ec:da:1d:05:65:ca:93:45:e0:47:
                    d4:49:df:9d:83:d4:67:40:7d:78:31:4f:8d:c8:78:
                    37:7f:b0:50:86:85:a8:f8:f4:e7:7e:01:33:92:45:
                    5c:57:2f:b6:45:9d:da:33:a3:2f:ca:f6:74:b7:e7:
                    d1:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:6F:D9:99:1E:A9:F5:0D:D2:70:0A:B3:27:89:A4:22:64:4A:64:4A
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:90:51:76:1d:1a:54:c9:67:e7:37:99:4f:66:87:a0:2a:b8:
         cd:b4:00:91:1b:b3:7c:62:01:ec:62:01:f1:ee:f9:f2:e4:2c:
         ce:28:38:a0:06:5a:95:e3:10:04:8d:4a:24:74:b8:78:0a:8c:
         7e:85:54:11:3f:16:91:12:d8:22:63:26:d6:61:22:70:57:30:
         ed:94:c9:3a:d7:4a:0c:3f:4d:2f:08:26:2d:7a:ad:3e:7d:4e:
         a0:6b:2b:5d:fd:0d:7b:f5:15:76:e0:de:70:c4:25:95:42:60:
         d9:7c:cd:05:b1:9f:7a:d2:db:42:6d:ef:c1:a4:39:8a:7d:81:
         bf:2f:21:c0:28:81:ed:4c:b4:5a:ef:02:48:dd:98:3d:5a:82:
         80:24:b3:ec:46:64:fc:a8:a6:32:e8:ee:60:2b:67:fd:b7:04:
         97:21:b2:1e:97:cd:c3:7f:ce:26:6b:19:ce:0a:87:87:dd:cf:
         9f:cf:b3:59:1e:0d:3e:a3:c3:17:71:4b:dd:ba:87:58:ed:59:
         d0:93:5f:49:ed:07:9f:a5:76:3d:4f:6d:45:b5:52:94:61:19:
         b6:7e:4b:78:65:16:95:cb:00:d2:23:80:68:58:3c:50:00:dc:
         97:95:e9:e3:e8:ad:5b:e3:61:07:47:06:27:94:ff:8e:cc:f5:
         b2:79:69:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKCNJqEQtrmqlNOOHe0o8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjYwMzI1MTgwMDU3WhcNMjYwMzI2MTgwMDU3WjAzMTEwLwYDVQQD
Eyg2YjZmZDk5OTFlYTlmNTBkZDI3MDBhYjMyNzg5YTQyMjY0NGE2NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5BvBsfJxlQm/dLIbYB7k58Ieykd
luxkbxznw5XEtRSaIGITOuCYayJugh0keSKkdqa2HdS8QAAlDn7b5uhILMe1Z3Lk
RwRK1O6KZ9U1pOXRpRYu2pOWTgkig4ZhVdhMDHK9UR5+bSXLHaXxSbUXr59tVecb
bkTjqb1N4h/1SSzt3FBZHp8ZZEOmZ/RKB6Z/mIPfzWi+pQt11cFhbpq9ZP1Wjhbr
mMCqIBhkXDEmWHeDLApxQ9gRjlWt4A5c5Ri1OVFjJs0PpuzaHQVlypNF4EfUSd+d
g9RnQH14MU+NyHg3f7BQhoWo+PTnfgEzkkVcVy+2RZ3aM6MvyvZ0t+fR0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtv2ZkeqfUN0nAKsyeJpCJkSmRKMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpBRdh0a
VMln5zeZT2aHoCq4zbQAkRuzfGIB7GIB8e758uQszig4oAZaleMQBI1KJHS4eAqM
foVUET8WkRLYImMm1mEicFcw7ZTJOtdKDD9NLwgmLXqtPn1OoGsrXf0Ne/UVduDe
cMQllUJg2XzNBbGfetLbQm3vwaQ5in2Bvy8hwCiB7Uy0Wu8CSN2YPVqCgCSz7EZk
/KimMujuYCtn/bcElyGyHpfNw3/OJmsZzgqHh93Pn8+zWR4NPqPDF3FL3bqHWO1Z
0JNfSe0Hn6V2PU9tRbVSlGEZtn5LeGUWlcsA0iOAaFg8UADcl5Xp4+itW+NhB0cG
J5T/jsz1snlplw==
-----END CERTIFICATE-----