Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
File:                     v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft (raw, json)
Hash identifier:          Wn2JxRS+l5wE76g4aBY4a3qYYEiHY0vaCiGyLdtEmww=
Subject key identifier:   C7:94:4C:CF:5F:52:BD:62:AF:05:CD:A1:47:68:5B:9C:CE:61:CE:A9
Authority key identifier: BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E
Certificate issuer:       /CN=bfee531155607146304dc65dd576fbee9f0d6e4e
Certificate serial:       019CABA24BBF417B5DDD1C7C591E3092ADAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
Manifest number:          0668
Signing time:             Sun 01 Mar 2026 23:01:05 +0000
Manifest this update:     Sun 01 Mar 2026 23:01:05 +0000
Manifest next update:     Mon 02 Mar 2026 23:01:05 +0000
Files and hashes:         1: v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl (hash: 9/qYpOIgQ3Su8pe3JicBPoFfI9U5WtayQdqrnwfW0PM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 23:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a2:4b:bf:41:7b:5d:dd:1c:7c:59:1e:30:92:ad:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfee531155607146304dc65dd576fbee9f0d6e4e
        Validity
            Not Before: Mar  1 23:01:05 2026 GMT
            Not After : Mar  2 23:01:05 2026 GMT
        Subject: CN=c7944ccf5f52bd62af05cda147685b9cce61cea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:11:26:61:29:ae:c9:3d:69:03:eb:b6:55:80:
                    74:49:78:ce:a1:6f:3d:3d:95:f6:2d:ee:ae:0a:5e:
                    9c:5e:3a:95:d3:bf:9c:33:b6:d2:d4:cf:3e:60:c1:
                    0e:e4:f8:98:49:18:04:c9:fc:0e:b5:63:b2:d3:df:
                    a5:c6:b8:b4:2e:14:59:af:42:f6:8b:49:00:b8:e4:
                    91:28:e2:f6:10:b7:4c:82:94:35:06:e5:b9:2f:ea:
                    26:1d:3b:fd:66:f2:6f:2c:53:e8:11:62:18:ea:92:
                    60:ad:04:7b:aa:c2:f1:b8:6d:12:ed:74:9b:1a:d3:
                    6d:d3:31:60:3e:d1:36:37:fb:1d:e9:b7:ba:be:6e:
                    76:c1:eb:1a:9b:d8:ef:32:70:f6:f1:43:8d:a6:71:
                    5f:68:60:13:9a:be:5f:e0:a0:6b:44:87:dc:f3:af:
                    7d:bb:05:dd:bf:a1:19:a6:86:ad:9e:17:3c:bb:a4:
                    5c:3a:bd:f0:44:c3:06:fb:1d:79:ce:d3:0e:d2:eb:
                    af:8d:a7:4c:9d:8c:6c:eb:95:61:67:58:76:e5:73:
                    db:b3:3a:a4:83:25:3e:c7:0d:74:4e:ac:73:d0:49:
                    82:a3:fa:dd:e8:97:d2:de:2e:96:12:ee:c6:6e:54:
                    bd:90:e7:ea:13:4f:81:1f:5f:85:3c:87:37:3d:04:
                    1d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:94:4C:CF:5F:52:BD:62:AF:05:CD:A1:47:68:5B:9C:CE:61:CE:A9
            X509v3 Authority Key Identifier:
                keyid:BF:EE:53:11:55:60:71:46:30:4D:C6:5D:D5:76:FB:EE:9F:0D:6E:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ec64b-d3a1-4331-9252-d4f83380a9c5/1/v-5TEVVgcUYwTcZd1Xb77p8Nbk4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:d9:23:da:4e:eb:ff:35:6a:c5:2b:c8:95:df:34:a0:6e:b9:
         fe:02:f4:d8:1a:de:72:e3:5a:fd:8d:07:53:d2:9e:c8:b9:54:
         8b:31:98:fb:38:f7:b2:93:3d:3c:d2:ae:50:51:ff:28:2d:69:
         06:23:94:34:45:04:3b:89:73:b4:40:f0:3f:be:f5:2e:de:1d:
         e6:93:65:47:fc:67:91:04:3c:3b:50:48:36:ef:84:60:65:57:
         ab:08:26:6c:e1:2a:ef:50:bc:d9:e5:8e:5c:84:2f:6b:13:0d:
         9f:aa:ec:7f:c4:00:72:55:fa:ef:7b:76:8a:83:0e:0d:85:8c:
         8d:64:a4:ea:bc:e4:14:9f:c9:ea:cc:3c:15:3d:5c:58:85:4a:
         06:52:35:f8:cf:b1:71:4b:49:16:6d:c6:d8:77:9d:d6:1a:71:
         7d:f7:61:0e:d1:c6:e1:64:7e:5f:d4:02:0d:35:8d:4f:2c:3d:
         c4:72:0b:eb:b0:22:e0:1e:4f:b7:67:10:12:2c:a7:26:53:80:
         74:75:e2:bd:47:95:23:66:22:0c:7d:3e:7a:41:a7:81:17:2e:
         e7:03:98:28:cf:d1:ea:9b:43:b4:7a:f4:23:2e:10:e9:ca:dc:
         f7:91:ee:bd:fb:af:fe:7a:84:1e:3c:26:a9:e3:4f:c0:04:3e:
         0b:de:e8:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroku/QXtd3Rx8WR4wkq2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZWU1MzExNTU2MDcxNDYzMDRkYzY1ZGQ1NzZmYmVlOWYw
ZDZlNGUwHhcNMjYwMzAxMjMwMTA1WhcNMjYwMzAyMjMwMTA1WjAzMTEwLwYDVQQD
EyhjNzk0NGNjZjVmNTJiZDYyYWYwNWNkYTE0NzY4NWI5Y2NlNjFjZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xEmYSmuyT1pA+u2VYB0SXjOoW89
PZX2Le6uCl6cXjqV07+cM7bS1M8+YMEO5PiYSRgEyfwOtWOy09+lxri0LhRZr0L2
i0kAuOSRKOL2ELdMgpQ1BuW5L+omHTv9ZvJvLFPoEWIY6pJgrQR7qsLxuG0S7XSb
GtNt0zFgPtE2N/sd6be6vm52wesam9jvMnD28UONpnFfaGATmr5f4KBrRIfc8699
uwXdv6EZpoatnhc8u6RcOr3wRMMG+x15ztMO0uuvjadMnYxs65VhZ1h25XPbszqk
gyU+xw10Tqxz0EmCo/rd6JfS3i6WEu7GblS9kOfqE0+BH1+FPIc3PQQdLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeUTM9fUr1irwXNoUdoW5zOYc6pMB8GA1UdIwQY
MBaAFL/uUxFVYHFGME3GXdV2++6fDW5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTIt
ZDRmODMzODBhOWM1LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWM2NGItZDNhMS00MzMxLTkyNTItZDRmODMzODBhOWM1
LzEvdi01VEVWVmdjVVl3VGNaZDFYYjc3cDhOYms0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAstkj2k7r
/zVqxSvIld80oG65/gL02BrecuNa/Y0HU9KeyLlUizGY+zj3spM9PNKuUFH/KC1p
BiOUNEUEO4lztEDwP771Lt4d5pNlR/xnkQQ8O1BINu+EYGVXqwgmbOEq71C82eWO
XIQvaxMNn6rsf8QAclX673t2ioMODYWMjWSk6rzkFJ/J6sw8FT1cWIVKBlI1+M+x
cUtJFm3G2Hed1hpxffdhDtHG4WR+X9QCDTWNTyw9xHIL67Ai4B5Pt2cQEiynJlOA
dHXivUeVI2YiDH0+ekGngRcu5wOYKM/R6ptDtHr0Iy4Q6crc95Huvfuv/nqEHjwm
qeNPwAQ+C97otA==
-----END CERTIFICATE-----