Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          k39BJ2Ez7Cl5eTpgx/ycVQFaI5175SywyByLclxmSjs=
Subject key identifier:   51:DD:29:C3:F5:D5:2C:B7:44:37:76:24:96:43:A5:89:56:11:7D:7C
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019CABD97E836F360434C1031C63C2415734
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0EAD
Signing time:             Mon 02 Mar 2026 00:01:23 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:23 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:23 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: kdm/IoRS3xUkvCfuGrgmqdH3Uj4japVs2Nkja3sNq/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:7e:83:6f:36:04:34:c1:03:1c:63:c2:41:57:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Mar  2 00:01:23 2026 GMT
            Not After : Mar  3 00:01:23 2026 GMT
        Subject: CN=51dd29c3f5d52cb7443776249643a58956117d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:06:0e:15:98:b5:34:cf:fb:cb:3b:2f:8e:72:
                    a0:48:4c:10:c4:71:ca:4e:6c:01:21:a6:0f:63:45:
                    fa:78:ba:c0:db:f3:c6:d2:a3:d7:af:2c:f0:2f:d6:
                    1e:06:7a:98:9c:4e:15:b2:e0:8e:b5:cc:eb:8f:b5:
                    44:4d:11:b9:ee:fe:fe:43:d7:5e:81:5a:f2:ec:7e:
                    1e:02:fe:cd:d7:91:32:02:8a:b4:47:b9:fc:e3:46:
                    f2:b3:88:31:6d:11:0f:03:89:a8:13:d3:a8:1a:5d:
                    a9:5e:04:76:52:97:1b:08:9e:fa:6c:61:3c:be:3a:
                    f4:8e:7e:31:36:71:c6:77:f8:c0:13:9e:65:bb:73:
                    17:f0:79:ea:ab:f0:5c:e4:3f:e3:fe:4f:2f:5e:ec:
                    aa:57:8f:7c:0a:d4:72:e7:ef:9d:f4:de:c3:7a:3d:
                    58:6e:bc:65:8c:0b:06:ea:10:d3:03:a5:d2:b1:1c:
                    f9:4c:5d:46:03:38:7b:96:97:0b:9a:3d:2c:0d:e2:
                    8c:ee:3b:f9:09:61:20:40:68:38:df:b6:b0:ed:f9:
                    af:1e:8e:7e:22:33:95:34:fc:5e:a0:e2:02:76:3f:
                    89:5a:be:ff:77:9e:4b:e9:f8:8b:9d:6a:e3:a8:7a:
                    b3:07:08:73:d2:89:70:00:31:b5:75:8b:49:aa:f7:
                    4e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:DD:29:C3:F5:D5:2C:B7:44:37:76:24:96:43:A5:89:56:11:7D:7C
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:39:50:89:96:94:b8:a5:be:d1:c5:6f:23:da:83:d9:b0:d2:
         ad:c9:1b:9f:32:ad:8c:3b:9a:f5:fd:ea:7e:2f:91:a7:cc:d2:
         b2:ab:d5:09:5a:42:d0:3e:b5:ec:d0:f6:98:5f:86:98:87:91:
         be:20:40:25:22:72:2b:3c:e5:50:e6:89:28:ef:c6:dc:eb:06:
         8d:f1:a6:47:19:6f:f2:2f:3a:90:6a:4f:48:8f:e5:8c:69:c7:
         b4:a9:2d:6c:02:bd:36:c5:59:3c:5f:80:eb:c2:ba:5f:e7:16:
         39:0d:d6:65:2d:9d:d7:6d:04:97:45:47:cd:45:1f:08:2c:16:
         f4:2e:ad:8f:97:c5:62:a0:a4:29:e3:d7:b1:52:85:47:e9:f8:
         23:ab:cb:d9:b1:6e:a7:3f:93:de:ae:93:e9:1c:18:b5:45:c3:
         73:1a:ba:97:ed:7f:c5:1c:bb:40:e1:fa:64:8e:b5:3f:d2:83:
         de:aa:dd:09:a9:b8:cb:1a:c6:17:5d:99:ac:c8:87:cf:fa:67:
         cf:a7:a4:62:95:0f:28:b9:40:08:da:55:8b:2e:64:6b:6f:eb:
         f8:24:93:60:8b:4a:73:ef:32:6b:c1:f8:68:8d:10:55:0b:16:
         fd:6c:55:36:54:d4:69:aa:ce:5e:e0:88:36:8e:63:98:f4:89:
         ae:d7:68:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2X6DbzYENMEDHGPCQVc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwMzAyMDAwMTIzWhcNMjYwMzAzMDAwMTIzWjAzMTEwLwYDVQQD
Eyg1MWRkMjljM2Y1ZDUyY2I3NDQzNzc2MjQ5NjQzYTU4OTU2MTE3ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwYOFZi1NM/7yzsvjnKgSEwQxHHK
TmwBIaYPY0X6eLrA2/PG0qPXryzwL9YeBnqYnE4VsuCOtczrj7VETRG57v7+Q9de
gVry7H4eAv7N15EyAoq0R7n840bys4gxbREPA4moE9OoGl2pXgR2UpcbCJ76bGE8
vjr0jn4xNnHGd/jAE55lu3MX8Hnqq/Bc5D/j/k8vXuyqV498CtRy5++d9N7Dej1Y
brxljAsG6hDTA6XSsRz5TF1GAzh7lpcLmj0sDeKM7jv5CWEgQGg437aw7fmvHo5+
IjOVNPxeoOICdj+JWr7/d55L6fiLnWrjqHqzBwhz0olwADG1dYtJqvdOmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHdKcP11Sy3RDd2JJZDpYlWEX18MB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmTlQiZaU
uKW+0cVvI9qD2bDSrckbnzKtjDua9f3qfi+Rp8zSsqvVCVpC0D617ND2mF+GmIeR
viBAJSJyKzzlUOaJKO/G3OsGjfGmRxlv8i86kGpPSI/ljGnHtKktbAK9NsVZPF+A
68K6X+cWOQ3WZS2d120El0VHzUUfCCwW9C6tj5fFYqCkKePXsVKFR+n4I6vL2bFu
pz+T3q6T6RwYtUXDcxq6l+1/xRy7QOH6ZI61P9KD3qrdCam4yxrGF12ZrMiHz/pn
z6ekYpUPKLlACNpViy5ka2/r+CSTYItKc+8ya8H4aI0QVQsW/WxVNlTUaarOXuCI
No5jmPSJrtdojQ==
-----END CERTIFICATE-----