Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          0stPpFTowMwDyTxvP9l1JM8128GIeAJaF54P25FeCs8=
Subject key identifier:   5E:82:46:F1:00:7A:E4:2A:61:F0:13:3C:9C:37:34:94:F3:7A:1B:F3
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       019D99623DD0756FD0C2A8C8115CE69C546A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0F28
Signing time:             Fri 17 Apr 2026 03:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:45 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: wADrgNqYvAAVBimdWpmnlPzvJVCcUca8PQ836YbhyJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:3d:d0:75:6f:d0:c2:a8:c8:11:5c:e6:9c:54:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Apr 17 03:00:45 2026 GMT
            Not After : Apr 18 03:00:45 2026 GMT
        Subject: CN=5e8246f1007ae42a61f0133c9c373494f37a1bf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a9:41:97:83:b1:62:1d:a6:c3:59:e9:13:2b:
                    d9:75:42:7a:ca:3a:89:c2:48:d7:53:fa:11:ec:d1:
                    30:5c:d8:45:dc:23:ea:e1:1a:c5:35:de:c5:1f:ce:
                    36:22:80:f8:88:df:02:f9:d5:df:40:8e:a8:5a:00:
                    d2:54:2e:da:a3:db:07:47:4d:6c:97:89:76:32:41:
                    0e:7b:40:13:af:86:29:3b:fb:df:45:df:5e:b5:86:
                    05:4a:4c:02:51:09:7a:65:73:ed:1d:55:f3:01:5d:
                    c9:43:4e:7f:65:9e:18:ab:9e:b1:84:69:a0:9f:bf:
                    8e:ee:4b:94:6a:4f:d2:6c:0e:cd:81:5b:fa:41:0a:
                    b2:6f:b1:7c:9b:88:fc:94:89:23:fc:47:cf:4a:0a:
                    ee:57:33:fc:6b:da:4e:20:43:e8:24:7c:4c:0a:1b:
                    58:10:77:2f:e5:8c:ba:b0:d1:2a:53:be:0e:ab:04:
                    5c:6f:f8:71:c2:78:5d:0b:7b:ed:e3:1c:a7:0e:85:
                    83:97:1a:cd:7d:48:f2:24:33:d1:50:00:d3:5f:5c:
                    3f:45:08:3a:16:96:ed:81:c1:72:53:e3:1a:96:40:
                    b8:f6:1a:cd:2f:12:1e:89:f2:5e:2e:e8:b7:3d:6c:
                    e9:e6:96:9a:77:a8:bf:88:bc:b5:c0:4d:de:1b:fd:
                    bd:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:82:46:F1:00:7A:E4:2A:61:F0:13:3C:9C:37:34:94:F3:7A:1B:F3
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:36:0a:ca:52:8d:9f:69:ce:8f:36:58:ef:e0:28:45:09:d6:
         50:7a:25:ec:8d:4a:26:be:21:d9:d3:c9:8a:81:4e:4f:ce:20:
         7f:37:ee:fa:2a:56:ed:53:ca:89:14:0b:e8:bd:5d:f8:4c:77:
         bb:6e:f8:ea:13:73:73:b1:27:e6:56:3b:bf:b2:78:5d:9b:5e:
         9e:c7:41:af:6b:bf:a6:10:62:a2:04:f2:81:00:28:93:8f:a1:
         a8:9f:ec:66:4f:02:f5:61:c0:e6:e3:5b:11:c2:e1:6d:e2:a5:
         f7:88:28:4f:f1:ae:8f:7e:e8:e9:8b:7b:04:2b:01:5a:7f:94:
         02:7f:9b:6c:d5:d2:9d:08:46:4f:03:f1:60:77:82:01:81:4a:
         c5:25:3a:a5:67:66:e8:80:07:f2:c6:f2:18:82:6b:60:f0:8b:
         84:2e:2a:c5:9c:a7:89:92:5d:3e:a5:3a:c9:17:b6:d0:9d:63:
         4a:ad:b4:94:91:0b:27:68:a3:69:96:76:c2:6b:09:96:b4:cc:
         38:1a:6a:aa:4f:5b:c3:90:e9:49:d0:0f:ca:df:ef:8a:bc:64:
         a8:15:1a:f7:1e:ed:8e:1d:1e:cb:28:1a:c3:cf:d8:df:de:b1:
         ad:c0:66:53:97:eb:5f:30:6e:bb:ed:10:24:a8:d7:ce:a7:82:
         3d:1e:ab:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYj3QdW/QwqjIEVzmnFRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjYwNDE3MDMwMDQ1WhcNMjYwNDE4MDMwMDQ1WjAzMTEwLwYDVQQD
Eyg1ZTgyNDZmMTAwN2FlNDJhNjFmMDEzM2M5YzM3MzQ5NGYzN2ExYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6lBl4OxYh2mw1npEyvZdUJ6yjqJ
wkjXU/oR7NEwXNhF3CPq4RrFNd7FH842IoD4iN8C+dXfQI6oWgDSVC7ao9sHR01s
l4l2MkEOe0ATr4YpO/vfRd9etYYFSkwCUQl6ZXPtHVXzAV3JQ05/ZZ4Yq56xhGmg
n7+O7kuUak/SbA7NgVv6QQqyb7F8m4j8lIkj/EfPSgruVzP8a9pOIEPoJHxMChtY
EHcv5Yy6sNEqU74OqwRcb/hxwnhdC3vt4xynDoWDlxrNfUjyJDPRUADTX1w/RQg6
FpbtgcFyU+MalkC49hrNLxIeifJeLui3PWzp5paad6i/iLy1wE3eG/29cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6CRvEAeuQqYfATPJw3NJTzehvzMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzYKylKN
n2nOjzZY7+AoRQnWUHol7I1KJr4h2dPJioFOT84gfzfu+ipW7VPKiRQL6L1d+Ex3
u2746hNzc7En5lY7v7J4XZtensdBr2u/phBiogTygQAok4+hqJ/sZk8C9WHA5uNb
EcLhbeKl94goT/Guj37o6Yt7BCsBWn+UAn+bbNXSnQhGTwPxYHeCAYFKxSU6pWdm
6IAH8sbyGIJrYPCLhC4qxZyniZJdPqU6yRe20J1jSq20lJELJ2ijaZZ2wmsJlrTM
OBpqqk9bw5DpSdAPyt/virxkqBUa9x7tjh0eyygaw8/Y396xrcBmU5frXzBuu+0Q
JKjXzqeCPR6rsQ==
-----END CERTIFICATE-----