Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          k1L7WixWBnBzgyCaswV0U+xf7HD5w562vHObMf5nHJQ=
Subject key identifier:   43:DA:43:BE:97:AD:AA:59:B4:61:7D:2F:31:51:11:62:07:5E:1E:F2
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019EBDDAA6A5A678367C5BEFC0053257E3BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          1036
Signing time:             Fri 12 Jun 2026 22:01:23 +0000
Manifest this update:     Fri 12 Jun 2026 22:01:23 +0000
Manifest next update:     Sat 13 Jun 2026 22:01:23 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: gDp+HHByTJwW/4WFDFDJbasBHKwBFJRCfKFA/RDmxvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 22:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bd:da:a6:a5:a6:78:36:7c:5b:ef:c0:05:32:57:e3:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Jun 12 22:01:23 2026 GMT
            Not After : Jun 13 22:01:23 2026 GMT
        Subject: CN=43da43be97adaa59b4617d2f31511162075e1ef2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fa:30:6e:94:f3:80:29:a9:41:d8:a4:33:0c:
                    17:a7:d7:d3:5e:7a:04:07:a0:7f:6c:95:54:d5:43:
                    47:df:45:cb:81:df:7d:20:ec:e9:35:be:4b:0d:33:
                    48:35:9c:e8:af:76:a4:12:3a:aa:d2:ff:66:6f:b6:
                    9e:9f:c4:58:eb:d8:79:c8:98:4f:f1:f3:0e:de:47:
                    7b:ef:74:33:2c:fe:4e:8d:7a:29:e3:d7:0c:48:27:
                    71:b3:18:63:0b:a5:dc:fa:e1:11:14:bf:a5:80:b2:
                    11:ce:7c:de:53:af:8d:12:ab:3a:b8:2c:ee:8d:69:
                    dd:97:2c:63:20:d6:7c:f6:ac:5c:4c:9f:30:41:c5:
                    11:a6:bf:cf:89:74:29:4e:19:d9:16:42:50:92:8c:
                    95:bd:41:9b:e9:a6:b2:01:2e:f8:0d:92:b0:fe:ef:
                    fd:f3:7e:78:c5:9e:b6:a9:fa:74:d1:39:40:09:e7:
                    27:fd:fe:80:01:f8:08:76:9c:30:db:cb:d6:fd:08:
                    2c:0d:81:aa:ad:f4:fc:4f:89:9d:6a:50:2e:b3:68:
                    1f:53:c2:8b:fe:ca:f4:a1:e0:5e:35:7e:fe:43:3e:
                    53:ba:d0:d3:b9:17:29:21:8e:da:95:c2:21:b9:75:
                    e4:63:55:ef:f5:61:f1:7b:fd:40:53:d6:bd:96:6e:
                    17:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:DA:43:BE:97:AD:AA:59:B4:61:7D:2F:31:51:11:62:07:5E:1E:F2
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:88:17:86:d5:91:c5:85:f3:d1:28:2a:50:0e:e9:f2:aa:28:
         46:51:2f:5a:f5:fb:cb:4b:76:8a:c8:f2:2a:11:95:a6:a1:a7:
         16:7f:07:b8:84:17:fc:7f:91:35:8f:49:59:98:08:1e:32:1c:
         89:58:78:7c:58:2f:44:41:9e:d7:e1:d9:e5:2f:d7:0f:e2:e1:
         f4:69:8d:07:4d:5b:74:1f:2b:05:c3:69:18:93:7c:12:d3:73:
         10:b0:49:5c:64:e3:7f:3d:cd:ce:e8:85:3b:01:d3:ce:33:bc:
         a0:81:a0:8a:a4:97:b2:e9:00:31:c2:e9:af:1e:7e:4e:d3:2f:
         d6:bb:76:82:71:fa:89:fb:5f:69:16:da:93:a8:ed:f4:f7:a7:
         99:c1:ab:50:c0:3d:1d:3e:94:14:fa:27:28:30:4b:63:71:fc:
         b1:3a:48:a5:2b:7e:46:3b:78:87:ed:5f:79:c4:31:24:ae:ef:
         2c:7c:30:b5:15:91:b3:40:c1:90:ca:d3:d7:a8:77:35:05:a6:
         c2:01:26:81:df:4a:e8:63:be:d6:83:03:4d:45:e2:be:00:5b:
         36:74:94:ce:47:42:e3:75:58:97:1d:1f:a7:92:20:d1:a7:62:
         09:fe:e3:ea:20:bc:30:53:e2:30:f4:05:e7:b1:ce:05:dd:be:
         eb:e4:76:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ692qalpng2fFvvwAUyV+O9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwNjEyMjIwMTIzWhcNMjYwNjEzMjIwMTIzWjAzMTEwLwYDVQQD
Eyg0M2RhNDNiZTk3YWRhYTU5YjQ2MTdkMmYzMTUxMTE2MjA3NWUxZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/owbpTzgCmpQdikMwwXp9fTXnoE
B6B/bJVU1UNH30XLgd99IOzpNb5LDTNINZzor3akEjqq0v9mb7aen8RY69h5yJhP
8fMO3kd773QzLP5OjXop49cMSCdxsxhjC6Xc+uERFL+lgLIRznzeU6+NEqs6uCzu
jWndlyxjINZ89qxcTJ8wQcURpr/PiXQpThnZFkJQkoyVvUGb6aayAS74DZKw/u/9
8354xZ62qfp00TlACecn/f6AAfgIdpww28vW/QgsDYGqrfT8T4mdalAus2gfU8KL
/sr0oeBeNX7+Qz5TutDTuRcpIY7alcIhuXXkY1Xv9WHxe/1AU9a9lm4XcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPaQ76XrapZtGF9LzFREWIHXh7yMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArYgXhtWR
xYXz0SgqUA7p8qooRlEvWvX7y0t2isjyKhGVpqGnFn8HuIQX/H+RNY9JWZgIHjIc
iVh4fFgvREGe1+HZ5S/XD+Lh9GmNB01bdB8rBcNpGJN8EtNzELBJXGTjfz3NzuiF
OwHTzjO8oIGgiqSXsukAMcLprx5+TtMv1rt2gnH6iftfaRbak6jt9PenmcGrUMA9
HT6UFPonKDBLY3H8sTpIpSt+Rjt4h+1fecQxJK7vLHwwtRWRs0DBkMrT16h3NQWm
wgEmgd9K6GO+1oMDTUXivgBbNnSUzkdC43VYlx0fp5Ig0adiCf7j6iC8MFPiMPQF
57HOBd2+6+R2nw==
-----END CERTIFICATE-----