Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          +esL/x+Bhz3je2fmxn78HaHF3GH4rYFCgemN/Pw/MYE=
Subject key identifier:   59:6F:AA:1A:44:C7:8F:8E:A7:B8:0D:ED:9F:D0:7B:DD:6D:A4:50:43
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019EC0A3EFCF7ADA76797C12ACB1D973D2C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0FDF
Signing time:             Sat 13 Jun 2026 11:00:29 +0000
Manifest this update:     Sat 13 Jun 2026 11:00:29 +0000
Manifest next update:     Sun 14 Jun 2026 11:00:29 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: 0jlVu5XpYzAVZXQ0iv1myXfMRfM20RzTfi/RgqICUUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 11:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:a3:ef:cf:7a:da:76:79:7c:12:ac:b1:d9:73:d2:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Jun 13 11:00:29 2026 GMT
            Not After : Jun 14 11:00:29 2026 GMT
        Subject: CN=596faa1a44c78f8ea7b80ded9fd07bdd6da45043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:35:4e:a4:f3:e3:63:42:8a:bf:ba:ce:2e:69:
                    6a:34:aa:84:5b:e0:be:d6:16:60:e6:6a:2a:56:87:
                    f9:20:fa:51:c2:9f:70:f0:e4:68:77:10:3c:b3:8b:
                    26:bc:1a:8d:ae:84:6b:e7:17:37:51:65:80:70:cd:
                    b6:13:8d:b7:3e:88:df:13:6a:b4:0a:5a:14:c4:46:
                    99:04:ce:28:69:81:b7:2d:8d:5a:87:54:68:78:b7:
                    6b:60:78:1f:b8:f9:5b:48:3a:fe:87:7c:6e:57:d4:
                    85:89:c2:c2:99:0f:e3:56:46:59:d8:59:18:0c:ca:
                    3c:99:f1:b7:67:f1:5d:b2:51:92:a9:9c:e7:0e:45:
                    de:b1:cf:70:6b:03:65:c3:45:79:72:0a:36:72:7a:
                    b4:1a:30:82:6d:1b:a3:60:77:37:4e:ef:77:86:84:
                    67:da:68:0c:86:d0:43:5f:96:ae:80:d9:09:5f:70:
                    fd:78:83:b5:63:20:8f:73:e4:1f:f6:04:69:88:27:
                    fa:22:8f:a9:12:da:f8:8a:c5:2d:94:d9:0c:68:7e:
                    5c:57:99:ac:e6:58:79:83:e4:a2:cf:aa:85:25:fe:
                    7f:85:25:ca:74:e7:cf:4d:ae:76:7c:44:46:b3:cb:
                    50:cf:d1:ba:b9:7b:8b:55:88:ea:ce:3a:67:4d:19:
                    05:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:6F:AA:1A:44:C7:8F:8E:A7:B8:0D:ED:9F:D0:7B:DD:6D:A4:50:43
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:4a:0a:0e:26:94:ba:fe:d6:26:80:3d:7a:bd:fc:e7:3a:bd:
         91:0e:4c:52:f3:95:0f:96:38:ed:3f:7b:2d:5a:00:55:2e:cf:
         69:49:18:85:8b:e0:31:98:6d:0f:c0:1b:4e:1f:b8:99:18:60:
         06:dc:e3:fb:7f:ec:9e:18:ef:8c:fb:1f:1a:a7:3b:81:99:83:
         24:e9:de:30:11:6b:a5:ca:98:89:74:6e:84:36:38:44:3b:f3:
         c9:ce:c7:a5:44:e3:d9:25:47:80:ea:75:01:22:29:16:23:7b:
         62:75:01:69:9a:e3:d3:d7:d1:04:1e:a4:59:59:3e:1b:65:fb:
         51:14:f8:dd:c7:09:71:ef:09:b2:ca:c2:9a:13:73:81:d9:26:
         b1:8f:42:5a:65:f8:85:4e:10:e5:99:27:5b:31:2d:d6:b5:6a:
         e0:d1:3c:b8:a0:42:7a:1b:d9:c7:54:3e:8c:44:57:3c:97:5b:
         cc:d4:fc:12:52:2c:69:49:27:d9:ed:fa:9a:63:aa:8a:bc:a3:
         79:b9:b8:47:d2:0a:96:a7:17:50:56:a3:73:e6:f7:4b:51:46:
         b6:0f:bf:ab:03:73:8f:f2:ec:9c:c8:73:be:74:24:c8:00:1a:
         9e:ad:b5:99:39:a0:2d:f3:23:13:c9:e6:ff:c5:31:50:e8:50:
         84:89:2f:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Ao+/Petp2eXwSrLHZc9LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwNjEzMTEwMDI5WhcNMjYwNjE0MTEwMDI5WjAzMTEwLwYDVQQD
Eyg1OTZmYWExYTQ0Yzc4ZjhlYTdiODBkZWQ5ZmQwN2JkZDZkYTQ1MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DVOpPPjY0KKv7rOLmlqNKqEW+C+
1hZg5moqVof5IPpRwp9w8ORodxA8s4smvBqNroRr5xc3UWWAcM22E423PojfE2q0
CloUxEaZBM4oaYG3LY1ah1RoeLdrYHgfuPlbSDr+h3xuV9SFicLCmQ/jVkZZ2FkY
DMo8mfG3Z/FdslGSqZznDkXesc9wawNlw0V5cgo2cnq0GjCCbRujYHc3Tu93hoRn
2mgMhtBDX5augNkJX3D9eIO1YyCPc+Qf9gRpiCf6Io+pEtr4isUtlNkMaH5cV5ms
5lh5g+Siz6qFJf5/hSXKdOfPTa52fERGs8tQz9G6uXuLVYjqzjpnTRkFmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlvqhpEx4+Op7gN7Z/Qe91tpFBDMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0oKDiaU
uv7WJoA9er385zq9kQ5MUvOVD5Y47T97LVoAVS7PaUkYhYvgMZhtD8AbTh+4mRhg
Btzj+3/snhjvjPsfGqc7gZmDJOneMBFrpcqYiXRuhDY4RDvzyc7HpUTj2SVHgOp1
ASIpFiN7YnUBaZrj09fRBB6kWVk+G2X7URT43ccJce8JssrCmhNzgdkmsY9CWmX4
hU4Q5ZknWzEt1rVq4NE8uKBCehvZx1Q+jERXPJdbzNT8ElIsaUkn2e36mmOqiryj
ebm4R9IKlqcXUFajc+b3S1FGtg+/qwNzj/LsnMhzvnQkyAAanq21mTmgLfMjE8nm
/8UxUOhQhIkvOg==
-----END CERTIFICATE-----