Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          fbFdFpFHrXZgGkgM43zWyzWJT4DJrarOla/xvU1NzwQ=
Subject key identifier:   41:ED:E4:8B:FB:AF:6A:E3:A4:BE:7E:E9:4F:15:39:4E:F5:0E:09:5C
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       019CADC7BCF58CCEB579D6F260FD635CC91B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          1788
Signing time:             Mon 02 Mar 2026 09:01:14 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:14 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:14 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: LY1zTJR7P9ghpenS/8qVvLoQiSftGmn/IaGmCAkzeQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:bc:f5:8c:ce:b5:79:d6:f2:60:fd:63:5c:c9:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Mar  2 09:01:14 2026 GMT
            Not After : Mar  3 09:01:14 2026 GMT
        Subject: CN=41ede48bfbaf6ae3a4be7ee94f15394ef50e095c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:82:bc:d6:07:b0:83:e2:56:0d:e7:d7:1c:00:
                    79:ef:95:c3:f0:cd:54:5e:c5:29:7d:c6:0f:5e:4a:
                    cb:32:c1:c0:58:9c:1c:81:9c:f0:09:00:14:b8:02:
                    c5:0f:53:14:35:7f:2e:68:88:bb:63:7c:97:82:8e:
                    ec:19:81:ac:8c:75:59:4f:0f:1b:8c:af:1b:ac:53:
                    98:8c:ce:32:19:80:59:ed:7e:16:3b:c9:67:2b:c5:
                    49:dd:02:80:42:b9:88:f3:91:9b:2d:4b:23:e5:d0:
                    45:ee:23:da:df:b6:9d:ee:b4:f4:b6:2f:09:ad:74:
                    c4:2a:cf:cd:66:ff:c7:fd:59:06:c7:7c:6a:42:35:
                    df:6a:a7:9e:b4:2e:e6:98:b8:5e:61:ca:04:b9:3f:
                    78:6d:a0:41:cb:9a:1e:c6:26:ae:d7:6d:80:03:87:
                    d8:5e:3f:5f:d5:d0:02:19:87:cc:b1:25:14:7e:5d:
                    ea:85:b1:9a:76:f3:75:77:af:24:5b:41:d2:be:20:
                    00:c0:c7:27:82:86:9d:31:5c:f0:06:94:91:40:78:
                    fe:6d:33:ee:10:f8:74:ac:25:4b:12:84:04:6a:b8:
                    5b:80:62:99:b9:e9:df:f5:21:70:7f:48:59:65:50:
                    5b:0d:2a:f1:e2:1a:06:84:27:6b:e0:cb:37:28:a8:
                    43:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:ED:E4:8B:FB:AF:6A:E3:A4:BE:7E:E9:4F:15:39:4E:F5:0E:09:5C
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:17:c5:2e:44:29:99:45:2f:71:00:b8:d2:bb:02:4b:ee:7c:
         8a:b5:4c:62:6a:3a:f4:b3:52:76:20:96:38:f4:19:d3:d3:4a:
         48:96:9f:d4:ad:43:6f:c2:43:93:b2:87:eb:a7:82:39:af:97:
         fb:f1:60:d0:95:37:e9:57:cc:08:54:d1:8f:c1:b5:aa:bd:0c:
         8c:60:9e:41:60:64:3c:8e:bc:f6:ee:c2:4d:3a:09:88:49:d0:
         22:2d:b0:b8:18:3b:ed:4d:3e:1b:fe:0f:2e:f7:b3:50:5b:72:
         c9:c4:f3:81:d3:88:21:2d:1e:c2:0b:b8:b4:53:4e:a5:6e:3c:
         ea:cc:e5:eb:f6:96:76:f6:15:c9:48:20:44:95:3f:b3:d1:e4:
         c8:06:c8:0c:67:f8:83:3d:4b:f2:e7:77:7f:b4:3d:97:92:c9:
         e0:b4:b4:ae:d4:a7:ee:9f:8a:89:14:55:da:18:5f:2d:03:99:
         76:40:c8:34:c9:b1:39:0c:7e:8c:12:df:e8:49:18:ec:71:64:
         55:04:12:3f:36:b2:4e:ae:92:92:ac:1c:af:89:c0:58:bb:ed:
         50:6f:4f:b7:79:26:e0:5a:05:d0:89:0d:82:4d:75:25:a7:49:
         4a:c8:e2:f5:42:49:24:0b:2d:71:b3:0f:88:3f:b1:05:ef:98:
         44:bd:e1:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx7z1jM61edbyYP1jXMkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjYwMzAyMDkwMTE0WhcNMjYwMzAzMDkwMTE0WjAzMTEwLwYDVQQD
Eyg0MWVkZTQ4YmZiYWY2YWUzYTRiZTdlZTk0ZjE1Mzk0ZWY1MGUwOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIK81gewg+JWDefXHAB575XD8M1U
XsUpfcYPXkrLMsHAWJwcgZzwCQAUuALFD1MUNX8uaIi7Y3yXgo7sGYGsjHVZTw8b
jK8brFOYjM4yGYBZ7X4WO8lnK8VJ3QKAQrmI85GbLUsj5dBF7iPa37ad7rT0ti8J
rXTEKs/NZv/H/VkGx3xqQjXfaqeetC7mmLheYcoEuT94baBBy5oexiau122AA4fY
Xj9f1dACGYfMsSUUfl3qhbGadvN1d68kW0HSviAAwMcngoadMVzwBpSRQHj+bTPu
EPh0rCVLEoQEarhbgGKZuenf9SFwf0hZZVBbDSrx4hoGhCdr4Ms3KKhD0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHt5Iv7r2rjpL5+6U8VOU71DglcMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhfFLkQp
mUUvcQC40rsCS+58irVMYmo69LNSdiCWOPQZ09NKSJaf1K1Db8JDk7KH66eCOa+X
+/Fg0JU36VfMCFTRj8G1qr0MjGCeQWBkPI689u7CTToJiEnQIi2wuBg77U0+G/4P
LvezUFtyycTzgdOIIS0ewgu4tFNOpW486szl6/aWdvYVyUggRJU/s9HkyAbIDGf4
gz1L8ud3f7Q9l5LJ4LS0rtSn7p+KiRRV2hhfLQOZdkDINMmxOQx+jBLf6EkY7HFk
VQQSPzayTq6Skqwcr4nAWLvtUG9Pt3km4FoF0IkNgk11JadJSsji9UJJJAstcbMP
iD+xBe+YRL3hYA==
-----END CERTIFICATE-----