Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          IK+NxNwfcl7GU954tXQ9/RdmxvFrI8oofHqPCMuRtWE=
Subject key identifier:   58:75:F5:A0:A5:D4:A8:54:B1:E7:87:C0:10:2D:4C:E1:4E:5F:11:98
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019E1E35E56C754E1D66D0D62344A3CE58C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0C23
Signing time:             Tue 12 May 2026 22:01:49 +0000
Manifest this update:     Tue 12 May 2026 22:01:49 +0000
Manifest next update:     Wed 13 May 2026 22:01:49 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: f3U5fecvKMelYlp4V/RiKQaGShHf1/ig7zUSPwKaTLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 20:10:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:e5:6c:75:4e:1d:66:d0:d6:23:44:a3:ce:58:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: May 12 22:01:49 2026 GMT
            Not After : May 13 22:01:49 2026 GMT
        Subject: CN=5875f5a0a5d4a854b1e787c0102d4ce14e5f1198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d6:3e:5b:18:fd:e6:82:33:0f:59:59:cb:62:
                    a5:43:b4:8b:53:e7:c3:1a:6b:31:94:aa:10:8d:aa:
                    26:06:34:80:27:66:92:27:4b:c2:21:f2:b6:33:c6:
                    fa:c8:03:b4:17:86:ef:f2:e3:3f:da:85:e7:61:ea:
                    3a:75:20:72:5f:d4:aa:85:a2:34:4d:44:33:50:b5:
                    51:fa:b2:88:81:dc:8a:03:91:3b:44:75:a0:75:ef:
                    5b:be:f6:ec:7c:f4:c1:ff:ad:49:2a:ee:d0:0f:6c:
                    29:fa:64:e8:2d:3a:c4:d0:ac:96:86:ae:14:a6:8d:
                    0d:8f:43:a7:f5:8e:60:3c:c3:dc:06:b9:2b:c5:56:
                    c2:4f:d4:65:bb:2e:34:a1:52:cd:20:5d:a5:55:ea:
                    90:bd:4d:61:34:0d:55:33:a6:42:66:94:46:12:a5:
                    dc:66:0d:24:aa:19:a0:eb:4f:f1:ce:22:a0:90:06:
                    b7:05:2b:b1:ac:d8:8f:c0:17:34:61:dd:49:54:0e:
                    a3:72:7a:c4:c4:89:06:91:65:43:a7:42:f1:6f:af:
                    02:76:30:71:f9:cc:81:b0:ae:46:33:d0:4a:20:82:
                    eb:82:ac:c3:46:1d:83:9a:0e:c8:c5:1b:2e:a1:3d:
                    85:d2:1b:de:8f:ea:14:df:c8:e2:f3:2b:12:e6:57:
                    08:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:75:F5:A0:A5:D4:A8:54:B1:E7:87:C0:10:2D:4C:E1:4E:5F:11:98
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:44:37:c0:70:a3:89:7d:5c:22:1d:12:9d:74:56:fc:34:d4:
         2b:e7:15:42:46:35:cd:59:e3:c1:1b:6e:5b:f7:fe:7e:ae:d9:
         07:10:f3:3e:94:8a:5b:48:36:0b:a3:f2:38:74:a5:84:cf:af:
         de:8e:44:ad:8e:7e:21:f9:fb:31:b5:b8:1f:00:86:4a:cd:92:
         89:42:b6:28:a5:63:e4:e1:06:ab:7e:b9:53:1d:60:77:5c:a0:
         8c:74:ff:ea:db:12:b6:e0:2d:8f:f7:a1:6d:dd:0a:04:d0:8e:
         68:bc:4c:75:09:eb:4f:c2:70:9a:00:49:fc:74:03:b6:a2:97:
         c2:90:c7:94:8f:6f:67:87:df:69:1e:41:f4:67:33:6d:6a:91:
         51:6c:ba:bc:a7:ac:35:84:c3:f3:4c:84:4d:a4:64:3b:30:86:
         e2:ce:79:3f:0e:a6:c4:bc:e2:62:da:00:0d:41:63:ab:a1:f2:
         a3:df:19:b8:ae:b5:db:af:f9:3e:dd:7b:cf:52:7e:37:9d:fe:
         22:1c:bc:b1:db:74:fd:d2:fb:bc:12:96:f4:a5:10:ca:d3:d7:
         4a:fd:ab:31:57:36:9f:8d:51:91:61:98:85:48:32:3f:17:a9:
         c2:61:d1:aa:62:4e:ac:2f:aa:09:0f:40:a5:2d:55:2b:57:d4:
         7e:c6:60:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNeVsdU4dZtDWI0SjzljHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjYwNTEyMjIwMTQ5WhcNMjYwNTEzMjIwMTQ5WjAzMTEwLwYDVQQD
Eyg1ODc1ZjVhMGE1ZDRhODU0YjFlNzg3YzAxMDJkNGNlMTRlNWYxMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Y+Wxj95oIzD1lZy2KlQ7SLU+fD
GmsxlKoQjaomBjSAJ2aSJ0vCIfK2M8b6yAO0F4bv8uM/2oXnYeo6dSByX9SqhaI0
TUQzULVR+rKIgdyKA5E7RHWgde9bvvbsfPTB/61JKu7QD2wp+mToLTrE0KyWhq4U
po0Nj0On9Y5gPMPcBrkrxVbCT9Rluy40oVLNIF2lVeqQvU1hNA1VM6ZCZpRGEqXc
Zg0kqhmg60/xziKgkAa3BSuxrNiPwBc0Yd1JVA6jcnrExIkGkWVDp0Lxb68CdjBx
+cyBsK5GM9BKIILrgqzDRh2Dmg7IxRsuoT2F0hvej+oU38ji8ysS5lcIoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFh19aCl1KhUseeHwBAtTOFOXxGYMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXkQ3wHCj
iX1cIh0SnXRW/DTUK+cVQkY1zVnjwRtuW/f+fq7ZBxDzPpSKW0g2C6PyOHSlhM+v
3o5ErY5+Ifn7MbW4HwCGSs2SiUK2KKVj5OEGq365Ux1gd1ygjHT/6tsStuAtj/eh
bd0KBNCOaLxMdQnrT8JwmgBJ/HQDtqKXwpDHlI9vZ4ffaR5B9GczbWqRUWy6vKes
NYTD80yETaRkOzCG4s55Pw6mxLziYtoADUFjq6Hyo98ZuK6126/5Pt17z1J+N53+
Ihy8sdt0/dL7vBKW9KUQytPXSv2rMVc2n41RkWGYhUgyPxepwmHRqmJOrC+qCQ9A
pS1VK1fUfsZg7w==
-----END CERTIFICATE-----