Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          TELgsrui3smef+zR0YqqwOlHy8G8pvRpjcO6bW7hPfo=
Subject key identifier:   07:F5:F3:13:B9:A4:6E:25:EF:6A:8C:20:3C:DF:FB:CF:38:AF:A0:69
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019CAAC61248EA117737A6092229B53811A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0C05
Signing time:             Sun 01 Mar 2026 19:00:33 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:33 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:33 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: SNl3iFtyaSSZ2CA4U+d8mJWuf3b+WRWiHKL4qI7c2Xo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:12:48:ea:11:77:37:a6:09:22:29:b5:38:11:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Mar  1 19:00:33 2026 GMT
            Not After : Mar  2 19:00:33 2026 GMT
        Subject: CN=07f5f313b9a46e25ef6a8c203cdffbcf38afa069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:5b:dd:96:47:c3:a3:da:80:20:8e:71:62:49:
                    8a:d1:29:14:fe:cc:5c:e8:96:15:58:98:c1:9a:fe:
                    0b:6a:c8:61:b3:58:63:d1:13:1c:09:3b:0f:24:ed:
                    45:fc:da:a9:16:09:f9:91:e9:8b:fd:34:b8:d7:8b:
                    b5:e3:33:f7:9a:e2:1d:54:5c:ce:9f:28:31:f6:1b:
                    ec:74:55:fe:04:6c:4e:08:0f:b9:d1:f1:bc:f2:00:
                    53:9f:5b:34:4a:7f:02:08:e1:1c:af:a8:36:91:1b:
                    5e:ef:ef:58:70:de:8d:4b:b3:77:aa:64:4d:6a:f9:
                    25:09:56:4b:bc:f1:89:2e:c2:d1:5e:a2:3a:75:38:
                    b3:59:d7:f0:5d:9d:bb:5e:f8:16:9a:9f:03:f4:f0:
                    35:a7:79:17:29:4f:90:36:8e:78:de:43:b2:e8:f3:
                    90:11:eb:62:43:12:74:b5:a1:fa:c2:ba:44:2e:35:
                    e5:98:58:0e:ae:c7:b5:a5:f5:72:89:c4:d7:54:e2:
                    9f:91:3b:82:59:35:a2:5b:9d:16:5c:8a:98:3d:66:
                    21:c8:f8:39:f9:ea:b3:0e:94:48:78:c3:51:55:cc:
                    97:42:9b:58:08:a2:ea:c9:47:85:d3:51:17:07:4b:
                    8d:d1:8c:6d:99:31:eb:18:5b:92:42:4c:5a:d6:04:
                    96:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F5:F3:13:B9:A4:6E:25:EF:6A:8C:20:3C:DF:FB:CF:38:AF:A0:69
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:54:59:75:68:81:fa:8c:c9:c7:e8:08:a6:8c:b4:e6:86:d8:
         e2:7f:2a:54:05:e2:5a:0f:29:d0:9e:a5:e0:83:a1:4e:d8:77:
         73:25:5b:aa:30:f1:0e:37:56:e3:47:c0:2a:df:f3:d4:bf:f7:
         cd:66:c5:c0:32:a0:05:2b:98:12:4e:c8:76:f8:c1:20:44:dd:
         c3:6d:6f:cd:7f:d3:13:7a:7a:f4:dc:bc:36:b7:d6:e3:e9:c8:
         11:0a:bd:05:6f:36:ee:0b:63:c7:a7:ff:de:0a:76:7f:4a:35:
         63:5f:cb:21:14:4d:17:cb:33:01:a4:17:91:70:df:39:98:ed:
         ed:45:49:3c:f6:35:25:88:63:c5:7b:07:6c:67:b5:58:c3:f0:
         5f:c4:ba:24:05:6a:8e:24:d0:3e:28:30:84:c9:f9:8f:03:62:
         13:6b:00:2b:69:8a:13:6d:c8:e8:30:ba:b9:1c:a4:3a:b7:52:
         83:74:df:cb:2a:d4:5b:bf:9e:48:30:96:f3:45:69:a4:17:7a:
         eb:d8:cf:3f:a6:fa:ea:f4:9e:9f:8c:b6:ff:ed:3a:00:f9:bf:
         ae:92:7d:7d:e2:ec:42:5f:fa:81:24:f0:af:9f:c5:ad:1d:e5:
         ec:b4:26:ff:40:7c:b5:63:45:ba:67:4d:00:2e:c9:2f:31:a1:
         93:5a:79:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxhJI6hF3N6YJIim1OBGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjYwMzAxMTkwMDMzWhcNMjYwMzAyMTkwMDMzWjAzMTEwLwYDVQQD
EygwN2Y1ZjMxM2I5YTQ2ZTI1ZWY2YThjMjAzY2RmZmJjZjM4YWZhMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31vdlkfDo9qAII5xYkmK0SkU/sxc
6JYVWJjBmv4Lashhs1hj0RMcCTsPJO1F/NqpFgn5kemL/TS414u14zP3muIdVFzO
nygx9hvsdFX+BGxOCA+50fG88gBTn1s0Sn8CCOEcr6g2kRte7+9YcN6NS7N3qmRN
avklCVZLvPGJLsLRXqI6dTizWdfwXZ27XvgWmp8D9PA1p3kXKU+QNo543kOy6POQ
EetiQxJ0taH6wrpELjXlmFgOrse1pfVyicTXVOKfkTuCWTWiW50WXIqYPWYhyPg5
+eqzDpRIeMNRVcyXQptYCKLqyUeF01EXB0uN0YxtmTHrGFuSQkxa1gSWewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAf18xO5pG4l72qMIDzf+884r6BpMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa1RZdWiB
+ozJx+gIpoy05obY4n8qVAXiWg8p0J6l4IOhTth3cyVbqjDxDjdW40fAKt/z1L/3
zWbFwDKgBSuYEk7IdvjBIETdw21vzX/TE3p69Ny8NrfW4+nIEQq9BW827gtjx6f/
3gp2f0o1Y1/LIRRNF8szAaQXkXDfOZjt7UVJPPY1JYhjxXsHbGe1WMPwX8S6JAVq
jiTQPigwhMn5jwNiE2sAK2mKE23I6DC6uRykOrdSg3TfyyrUW7+eSDCW80VppBd6
69jPP6b66vSen4y2/+06APm/rpJ9feLsQl/6gSTwr5/FrR3l7LQm/0B8tWNFumdN
AC7JLzGhk1p5tA==
-----END CERTIFICATE-----