Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          S0VoDLaG6xpKCrIhky7fBi6tyJ2F7GvZlKhbILyg3r8=
Subject key identifier:   90:80:F2:F2:3C:78:95:BA:C8:05:1E:E1:3E:80:81:40:CA:CE:23:05
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019D98F5534E8C323F9A760C9A1BC92A07BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          11F2
Signing time:             Fri 17 Apr 2026 01:01:47 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:47 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:47 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: IFAI2l5tdr1aJW57Stq2Q56qvVjxHL/pcatOz8sgTQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:53:4e:8c:32:3f:9a:76:0c:9a:1b:c9:2a:07:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Apr 17 01:01:47 2026 GMT
            Not After : Apr 18 01:01:47 2026 GMT
        Subject: CN=9080f2f23c7895bac8051ee13e808140cace2305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:0f:20:db:4d:e3:85:ed:2c:00:a7:85:4e:30:
                    41:21:60:90:af:df:d0:c9:16:0e:0d:8a:89:22:2c:
                    02:8c:a2:02:2e:d0:a4:a7:8d:6c:fd:97:13:f1:dd:
                    7f:1e:ab:98:86:61:57:3b:b7:68:ad:39:a3:6d:5f:
                    89:07:c8:b9:8c:41:dd:88:59:ee:02:f6:b8:4c:de:
                    fa:4d:0e:95:d6:50:f5:35:de:5d:c6:7a:48:50:c4:
                    8c:fe:19:1f:ea:81:26:31:2d:f9:84:74:fa:f6:96:
                    44:42:a7:40:08:55:01:bb:7a:2a:bd:32:ae:3c:78:
                    32:9a:c4:b3:83:d7:ed:23:a2:bc:19:ff:65:ad:83:
                    c2:c7:ce:d3:c5:dc:dc:a8:8e:ae:bc:db:bd:a6:34:
                    54:0f:8b:0f:9b:8d:25:3e:40:01:88:66:a5:b5:5e:
                    24:91:f4:1a:bd:a3:0b:08:e5:ec:07:eb:e3:78:d4:
                    35:a2:75:5d:18:ce:28:7d:61:49:fd:bb:89:53:c2:
                    ce:4d:07:59:77:ae:2e:dc:fe:51:e6:ad:49:eb:ea:
                    1c:19:e4:68:8d:30:76:84:ac:2c:21:bb:08:da:42:
                    69:e0:36:98:a1:74:da:c3:89:1c:77:a0:04:20:9a:
                    9e:8d:37:fe:e9:92:90:5c:bf:29:3c:3a:0c:1c:4e:
                    fd:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:80:F2:F2:3C:78:95:BA:C8:05:1E:E1:3E:80:81:40:CA:CE:23:05
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:09:d3:7d:2e:fb:fb:9d:3d:b7:95:4f:a7:1b:63:f6:eb:ec:
         06:37:3c:02:56:20:95:e6:d1:0c:53:4d:66:b8:3c:e2:be:05:
         b5:de:77:d8:ac:33:b2:8c:2f:26:bd:a1:68:96:22:36:7c:36:
         e8:62:ea:04:1c:e0:ff:62:69:31:64:27:97:d9:50:ed:66:78:
         8e:97:8a:a9:91:00:05:44:45:ee:1a:63:7d:17:9e:d4:9a:16:
         3d:41:58:ee:60:c7:aa:2c:0d:4c:30:80:7d:fd:7c:2f:7d:58:
         46:90:94:38:7f:ef:30:24:54:11:98:69:a6:e6:3a:f1:b6:f8:
         16:f5:a6:1c:6a:ee:9f:1b:9c:19:22:34:04:70:83:60:59:6c:
         75:dd:9b:81:91:a2:48:c0:c4:08:9b:63:3d:76:b0:58:3f:04:
         b5:da:28:28:e2:58:8c:d4:f5:59:f5:73:d7:57:98:fc:1f:f1:
         c5:27:1e:48:d5:b6:d6:66:9d:16:9d:97:35:13:fc:86:cc:fc:
         57:44:53:f7:ea:3a:52:90:b9:cc:a8:84:b2:0c:e5:4d:35:e5:
         d3:39:40:a6:65:32:e3:3b:0e:4d:bf:14:1f:43:77:fe:8a:ae:
         91:02:30:21:28:9b:6d:7a:b4:5d:94:2f:86:77:6c:41:16:7a:
         31:03:ae:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9VNOjDI/mnYMmhvJKge6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwNDE3MDEwMTQ3WhcNMjYwNDE4MDEwMTQ3WjAzMTEwLwYDVQQD
Eyg5MDgwZjJmMjNjNzg5NWJhYzgwNTFlZTEzZTgwODE0MGNhY2UyMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Q8g203jhe0sAKeFTjBBIWCQr9/Q
yRYODYqJIiwCjKICLtCkp41s/ZcT8d1/HquYhmFXO7dorTmjbV+JB8i5jEHdiFnu
Ava4TN76TQ6V1lD1Nd5dxnpIUMSM/hkf6oEmMS35hHT69pZEQqdACFUBu3oqvTKu
PHgymsSzg9ftI6K8Gf9lrYPCx87TxdzcqI6uvNu9pjRUD4sPm40lPkABiGaltV4k
kfQavaMLCOXsB+vjeNQ1onVdGM4ofWFJ/buJU8LOTQdZd64u3P5R5q1J6+ocGeRo
jTB2hKwsIbsI2kJp4DaYoXTaw4kcd6AEIJqejTf+6ZKQXL8pPDoMHE79awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCA8vI8eJW6yAUe4T6AgUDKziMFMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPAnTfS77
+509t5VPpxtj9uvsBjc8AlYglebRDFNNZrg84r4Ftd532KwzsowvJr2haJYiNnw2
6GLqBBzg/2JpMWQnl9lQ7WZ4jpeKqZEABURF7hpjfRee1JoWPUFY7mDHqiwNTDCA
ff18L31YRpCUOH/vMCRUEZhppuY68bb4FvWmHGrunxucGSI0BHCDYFlsdd2bgZGi
SMDECJtjPXawWD8EtdooKOJYjNT1WfVz11eY/B/xxSceSNW21madFp2XNRP8hsz8
V0RT9+o6UpC5zKiEsgzlTTXl0zlApmUy4zsOTb8UH0N3/oqukQIwISibbXq0XZQv
hndsQRZ6MQOutQ==
-----END CERTIFICATE-----