Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          8wtYhq8XpdNfHI58pfVrlOlwNUbgexKDQbb/WJ8dNbQ=
Subject key identifier:   79:7B:11:47:22:CF:23:0C:E0:12:FD:11:5E:97:8E:88:62:BD:4E:05
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019CABA1C42C6C844AF54679E7BE5FA40D65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0ECB
Signing time:             Sun 01 Mar 2026 23:00:31 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:31 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:31 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: 1+te2maD4VX7Bo6bckwGOw/en2PGP726eRn9LjkbfjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a1:c4:2c:6c:84:4a:f5:46:79:e7:be:5f:a4:0d:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Mar  1 23:00:31 2026 GMT
            Not After : Mar  2 23:00:31 2026 GMT
        Subject: CN=797b114722cf230ce012fd115e978e8862bd4e05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:37:c5:fa:71:36:10:3b:6b:b8:9e:4d:1e:9d:
                    ce:3d:60:34:07:4e:ec:19:e7:3d:70:bc:73:b1:81:
                    80:32:46:4a:b8:3e:31:4d:49:67:f4:49:77:c4:26:
                    c1:e5:d7:a3:d5:b8:1b:c2:e2:08:ad:55:86:fd:ec:
                    23:c2:9e:c5:be:5e:57:e6:af:b0:54:37:05:04:a7:
                    ca:d4:b9:df:e4:3b:b0:ba:1b:b1:8d:91:3d:47:03:
                    04:af:61:a3:fa:94:79:43:99:cd:d1:e6:54:00:0f:
                    b7:d8:68:e9:44:2e:43:7f:b9:ec:16:21:1b:66:8d:
                    21:98:25:67:ba:d9:fb:18:ef:94:04:a7:49:37:ff:
                    ed:c0:7c:d9:85:50:f2:a9:c0:0f:2a:3e:0f:8f:fa:
                    c2:c2:d0:e8:8f:70:96:6c:26:b8:bf:bb:74:04:69:
                    74:25:67:58:9a:09:fc:af:40:9b:b7:fe:dc:2a:26:
                    fe:76:06:b5:34:ca:15:ec:ee:91:24:f5:2b:e8:1d:
                    a0:a0:4c:39:c0:d4:63:71:1e:e3:4a:bc:58:56:84:
                    8c:7d:de:ec:d9:ef:6d:c6:35:3d:aa:c1:08:95:44:
                    aa:ec:45:79:94:1b:24:e8:73:03:64:da:1f:b0:6e:
                    95:d8:7c:bf:49:59:e6:33:9d:5e:74:48:52:a6:76:
                    19:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:7B:11:47:22:CF:23:0C:E0:12:FD:11:5E:97:8E:88:62:BD:4E:05
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:2e:3b:14:ff:26:38:ad:fb:bb:c6:09:28:a3:c7:29:98:40:
         52:02:48:e5:67:c9:3e:4f:d5:67:a9:01:27:88:de:ba:a8:84:
         d5:5b:ad:ed:c0:02:00:e3:32:c3:7c:9d:e7:b8:93:19:d8:5c:
         65:db:9a:fc:39:a0:64:f7:40:2a:50:c7:44:67:13:56:cb:a1:
         b5:89:01:66:42:cb:2b:6f:7a:6f:5e:d5:46:b0:1e:8f:5f:2d:
         ef:c0:04:93:13:36:6c:f7:10:46:63:e8:f9:30:e3:1b:2c:e2:
         46:65:29:fe:87:aa:29:df:c0:94:51:71:48:55:b9:1b:d1:9f:
         26:a3:83:63:f8:2c:1b:d9:d7:85:62:0e:69:d6:9e:13:df:52:
         ed:ef:7a:59:e6:8e:6a:4c:83:7c:2b:4b:53:27:c6:2c:31:19:
         1c:33:c1:ae:3b:00:a7:73:ce:09:a6:e3:69:f3:a2:8e:ed:8c:
         91:73:5c:74:b3:1a:c9:aa:43:06:12:cc:65:40:0b:06:de:1f:
         ee:52:b5:cf:e4:c4:97:86:34:22:ca:f6:10:cb:09:fa:c5:b2:
         0d:47:38:50:6a:93:61:d8:af:1b:86:e1:12:3f:e8:9c:7b:40:
         60:85:42:7f:e2:60:c7:db:8c:54:8c:84:7a:2d:b6:5b:58:cc:
         3f:d4:b4:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrocQsbIRK9UZ5575fpA1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwMzAxMjMwMDMxWhcNMjYwMzAyMjMwMDMxWjAzMTEwLwYDVQQD
Eyg3OTdiMTE0NzIyY2YyMzBjZTAxMmZkMTE1ZTk3OGU4ODYyYmQ0ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzfF+nE2EDtruJ5NHp3OPWA0B07s
Gec9cLxzsYGAMkZKuD4xTUln9El3xCbB5dej1bgbwuIIrVWG/ewjwp7Fvl5X5q+w
VDcFBKfK1Lnf5DuwuhuxjZE9RwMEr2Gj+pR5Q5nN0eZUAA+32GjpRC5Df7nsFiEb
Zo0hmCVnutn7GO+UBKdJN//twHzZhVDyqcAPKj4Pj/rCwtDoj3CWbCa4v7t0BGl0
JWdYmgn8r0Cbt/7cKib+dga1NMoV7O6RJPUr6B2goEw5wNRjcR7jSrxYVoSMfd7s
2e9txjU9qsEIlUSq7EV5lBsk6HMDZNofsG6V2Hy/SVnmM51edEhSpnYZhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHl7EUcizyMM4BL9EV6XjohivU4FMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHi47FP8m
OK37u8YJKKPHKZhAUgJI5WfJPk/VZ6kBJ4jeuqiE1Vut7cACAOMyw3yd57iTGdhc
Zdua/DmgZPdAKlDHRGcTVsuhtYkBZkLLK296b17VRrAej18t78AEkxM2bPcQRmPo
+TDjGyziRmUp/oeqKd/AlFFxSFW5G9GfJqODY/gsG9nXhWIOadaeE99S7e96WeaO
akyDfCtLUyfGLDEZHDPBrjsAp3POCabjafOiju2MkXNcdLMayapDBhLMZUALBt4f
7lK1z+TEl4Y0Isr2EMsJ+sWyDUc4UGqTYdivG4bhEj/onHtAYIVCf+Jgx9uMVIyE
ei22W1jMP9S0QQ==
-----END CERTIFICATE-----