Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          PYtBiihtFp4WFnoX2u0reUzNSygkzHr69ojGCFkW0pA=
Subject key identifier:   13:A7:8F:AA:2F:CE:41:06:E7:F7:A4:8B:76:79:E5:3A:BE:32:16:C6
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019D9A3EDBE8047B0D21172F58A0736C6E7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0C81
Signing time:             Fri 17 Apr 2026 07:01:43 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:43 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:43 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: Lw0smayvHTFoPwX0+ZANZmlXPVNMi1olDcwmbiqY24k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:db:e8:04:7b:0d:21:17:2f:58:a0:73:6c:6e:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Apr 17 07:01:43 2026 GMT
            Not After : Apr 18 07:01:43 2026 GMT
        Subject: CN=13a78faa2fce4106e7f7a48b7679e53abe3216c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4c:5c:5e:e5:d3:4c:80:6e:cb:61:f9:c7:96:
                    0c:87:62:eb:44:8f:c0:53:ff:9d:54:fb:15:b4:b2:
                    c2:da:c4:23:01:2e:5d:77:b9:e6:ec:3f:f8:6b:04:
                    67:a2:e5:8c:48:5d:73:e5:1e:34:f1:81:d1:45:a9:
                    f4:a0:46:e1:0a:6a:fb:99:d0:db:29:88:3a:f6:e7:
                    95:fc:c0:e6:f6:1a:32:54:20:99:a7:a6:43:e2:94:
                    5d:4c:65:e5:8e:ff:f8:77:92:f4:57:b2:ca:97:94:
                    fa:97:81:72:83:01:b8:ea:46:55:e9:2c:78:a2:41:
                    ce:9b:4e:a6:57:2b:53:4d:00:46:fc:85:ed:d8:9b:
                    b5:65:76:d5:dc:7c:56:49:00:93:63:54:18:19:a0:
                    50:18:d8:70:b5:f5:b4:3d:b7:49:2b:d6:b9:88:cc:
                    69:8e:1f:a0:e7:e5:49:08:a8:bf:b7:b1:83:46:74:
                    46:9f:0b:47:bf:54:39:2b:6f:86:01:0e:a9:4d:72:
                    3a:d1:8a:24:27:25:60:19:f1:27:07:62:e4:08:d5:
                    87:80:d9:28:60:45:e7:3d:66:de:0e:13:7e:52:0d:
                    31:d9:0f:5e:2c:d8:d6:2c:9c:85:bf:44:8c:2f:90:
                    6a:21:5b:c9:9d:09:89:a0:e4:72:10:19:37:98:4a:
                    63:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:A7:8F:AA:2F:CE:41:06:E7:F7:A4:8B:76:79:E5:3A:BE:32:16:C6
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:d5:79:52:f4:e3:12:fd:34:58:e5:79:27:ec:83:0f:97:f8:
         4b:df:6f:71:81:05:0f:ca:79:91:03:83:ea:7f:0d:51:c6:25:
         9a:8c:49:b6:d2:7f:69:2b:34:7f:c3:58:cc:a5:a6:0b:84:4a:
         e1:7f:30:9d:d2:97:c0:81:53:81:71:e1:0b:e7:d9:5f:66:3a:
         a8:81:15:7e:fa:4d:c4:4f:b7:88:82:08:52:72:3f:07:b6:f7:
         c8:7d:23:69:d2:95:8a:2c:84:4b:df:f0:ba:08:99:dd:5e:11:
         0c:6d:89:28:a0:67:4a:7e:e5:78:c1:88:23:15:0c:67:58:85:
         12:91:f7:7f:6a:fe:20:24:f4:b5:b3:99:71:1d:7a:62:04:66:
         95:cf:e4:9a:3a:4e:3c:d0:f1:ea:7d:b2:b3:c3:a3:b1:ae:52:
         c9:d6:82:59:3b:7b:9a:ca:42:98:62:e5:77:07:c4:66:9e:12:
         be:b7:47:68:28:b4:c4:23:a6:4e:3c:1d:a7:ba:a6:03:15:cb:
         9d:cf:61:20:ec:2c:19:93:27:95:2e:69:1c:ec:58:f3:5b:81:
         1e:0d:da:a3:74:ff:09:9c:98:a8:ab:f3:5b:c3:c2:b6:d1:8c:
         80:e6:f1:18:4c:9c:1d:e5:eb:0a:2c:66:92:52:61:96:72:5d:
         21:bf:97:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPtvoBHsNIRcvWKBzbG57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjYwNDE3MDcwMTQzWhcNMjYwNDE4MDcwMTQzWjAzMTEwLwYDVQQD
EygxM2E3OGZhYTJmY2U0MTA2ZTdmN2E0OGI3Njc5ZTUzYWJlMzIxNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUxcXuXTTIBuy2H5x5YMh2LrRI/A
U/+dVPsVtLLC2sQjAS5dd7nm7D/4awRnouWMSF1z5R408YHRRan0oEbhCmr7mdDb
KYg69ueV/MDm9hoyVCCZp6ZD4pRdTGXljv/4d5L0V7LKl5T6l4FygwG46kZV6Sx4
okHOm06mVytTTQBG/IXt2Ju1ZXbV3HxWSQCTY1QYGaBQGNhwtfW0PbdJK9a5iMxp
jh+g5+VJCKi/t7GDRnRGnwtHv1Q5K2+GAQ6pTXI60YokJyVgGfEnB2LkCNWHgNko
YEXnPWbeDhN+Ug0x2Q9eLNjWLJyFv0SML5BqIVvJnQmJoORyEBk3mEpjbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOnj6ovzkEG5/eki3Z55Tq+MhbGMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFdV5UvTj
Ev00WOV5J+yDD5f4S99vcYEFD8p5kQOD6n8NUcYlmoxJttJ/aSs0f8NYzKWmC4RK
4X8wndKXwIFTgXHhC+fZX2Y6qIEVfvpNxE+3iIIIUnI/B7b3yH0jadKViiyES9/w
ugiZ3V4RDG2JKKBnSn7leMGIIxUMZ1iFEpH3f2r+ICT0tbOZcR16YgRmlc/kmjpO
PNDx6n2ys8Ojsa5SydaCWTt7mspCmGLldwfEZp4SvrdHaCi0xCOmTjwdp7qmAxXL
nc9hIOwsGZMnlS5pHOxY81uBHg3ao3T/CZyYqKvzW8PCttGMgObxGEycHeXrCixm
klJhlnJdIb+XJg==
-----END CERTIFICATE-----