Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          WMTJVR8l/TsNIEE5aRp19YekFJcna2bFdxgWCwZPNms=
Subject key identifier:   2E:7C:A6:45:42:A8:4E:96:D0:53:D7:09:95:5A:0E:2A:AC:06:C0:8A
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019D992BA57D1ABC7154BB1C89B70DD0AD94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0F46
Signing time:             Fri 17 Apr 2026 02:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 02:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 02:01:07 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: LK3l+jCGcY5X2KlM40LTSLGo4mdlsNbxK1oUiwMiIRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 02:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:a5:7d:1a:bc:71:54:bb:1c:89:b7:0d:d0:ad:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Apr 17 02:01:07 2026 GMT
            Not After : Apr 18 02:01:07 2026 GMT
        Subject: CN=2e7ca64542a84e96d053d709955a0e2aac06c08a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:a3:62:41:e4:af:cc:97:59:6e:1a:d4:1b:
                    f4:29:a4:37:d4:49:31:be:de:54:c6:2f:d0:52:e1:
                    72:df:da:c2:9e:91:fa:99:dd:bb:55:0c:e7:c5:d4:
                    90:82:b6:f7:55:ab:4d:29:13:32:8f:6e:22:00:f2:
                    56:44:79:4d:ac:54:df:e2:05:2e:95:61:77:57:73:
                    44:20:21:7e:56:89:ae:07:aa:10:fe:03:e0:81:28:
                    0e:e9:49:68:5c:f1:29:f0:2e:f5:8c:54:a1:b0:a7:
                    fe:2e:fb:ac:06:df:55:6c:b0:34:a6:ac:7c:be:25:
                    29:ec:80:97:ee:ad:3b:0b:2d:ef:4f:7a:4e:be:e0:
                    e3:e3:cf:1a:a9:9c:d1:92:dd:e3:1d:af:94:79:9f:
                    27:b9:65:97:ba:a7:0b:a8:5b:c8:d4:8f:44:40:15:
                    df:47:57:b3:7c:85:12:1a:fc:29:b1:9c:90:34:2e:
                    58:e8:01:0d:21:89:11:96:37:88:a3:c5:5f:36:27:
                    b9:3e:8a:94:99:6b:cc:4b:cd:47:bc:5f:8d:a2:c5:
                    16:1e:02:6b:63:60:09:31:1c:25:b8:f5:79:0c:8b:
                    3a:a5:7a:e7:42:62:ac:75:a9:cb:20:22:d9:bc:51:
                    6b:be:07:ad:8e:14:5e:3d:3a:25:ad:2e:4e:ef:49:
                    91:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:7C:A6:45:42:A8:4E:96:D0:53:D7:09:95:5A:0E:2A:AC:06:C0:8A
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:fb:97:4a:5e:07:6e:d8:b9:ab:87:b8:4f:29:9b:9c:5d:ea:
         9a:51:38:e7:33:b8:c9:e9:8b:18:45:f8:43:dd:e3:a2:62:ed:
         c2:13:84:36:8f:ae:38:6f:bf:74:b4:a0:a8:77:4f:dd:f9:23:
         20:c9:54:c7:0b:43:98:42:6d:08:48:4e:08:b1:1d:00:4e:d5:
         25:e0:20:ee:09:c4:d9:c2:43:c3:00:6b:bd:19:f8:ca:f8:7d:
         07:dc:1e:b4:c7:43:66:fa:d1:df:ea:e7:a9:2c:46:d9:1d:f3:
         48:80:a1:72:80:ff:48:d6:c9:3e:59:94:06:c4:15:0c:c0:5f:
         e2:44:e3:94:41:48:ae:5f:9c:a2:01:4e:81:93:d2:ba:8b:04:
         e8:bb:02:a8:e0:af:44:c9:83:48:8c:09:1f:8c:48:a4:97:c2:
         35:a6:c8:a0:ef:17:07:80:bc:ab:d1:a8:5e:1b:95:55:f9:18:
         cf:1e:61:e4:37:1d:b4:3f:b6:57:1d:b7:99:62:43:c1:70:f3:
         21:93:65:b1:cb:11:c4:42:15:7d:f6:77:09:ba:21:4f:71:d3:
         ed:ac:5a:8d:34:38:e0:62:0f:6f:ab:c6:1a:ae:69:c1:e6:95:
         97:24:61:c6:6b:e0:f4:f8:89:74:02:12:2b:05:d5:be:29:f8:
         75:be:07:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK6V9GrxxVLscibcN0K2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwNDE3MDIwMTA3WhcNMjYwNDE4MDIwMTA3WjAzMTEwLwYDVQQD
EygyZTdjYTY0NTQyYTg0ZTk2ZDA1M2Q3MDk5NTVhMGUyYWFjMDZjMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU6jYkHkr8yXWW4a1Bv0KaQ31Ekx
vt5Uxi/QUuFy39rCnpH6md27VQznxdSQgrb3VatNKRMyj24iAPJWRHlNrFTf4gUu
lWF3V3NEICF+VomuB6oQ/gPggSgO6UloXPEp8C71jFShsKf+LvusBt9VbLA0pqx8
viUp7ICX7q07Cy3vT3pOvuDj488aqZzRkt3jHa+UeZ8nuWWXuqcLqFvI1I9EQBXf
R1ezfIUSGvwpsZyQNC5Y6AENIYkRljeIo8VfNie5PoqUmWvMS81HvF+NosUWHgJr
Y2AJMRwluPV5DIs6pXrnQmKsdanLICLZvFFrvgetjhRePTolrS5O70mRKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC58pkVCqE6W0FPXCZVaDiqsBsCKMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPuXSl4H
bti5q4e4TymbnF3qmlE45zO4yemLGEX4Q93jomLtwhOENo+uOG+/dLSgqHdP3fkj
IMlUxwtDmEJtCEhOCLEdAE7VJeAg7gnE2cJDwwBrvRn4yvh9B9wetMdDZvrR3+rn
qSxG2R3zSIChcoD/SNbJPlmUBsQVDMBf4kTjlEFIrl+cogFOgZPSuosE6LsCqOCv
RMmDSIwJH4xIpJfCNabIoO8XB4C8q9GoXhuVVfkYzx5h5DcdtD+2Vx23mWJDwXDz
IZNlscsRxEIVffZ3CbohT3HT7axajTQ44GIPb6vGGq5pweaVlyRhxmvg9PiJdAIS
KwXVvin4db4H1Q==
-----END CERTIFICATE-----