Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          4EWIZhTue2CrI8zAwH781vH/SnQxjzCi0yQLwM08u3E=
Subject key identifier:   63:75:7E:BA:04:82:9E:DC:CB:CB:86:2E:DF:55:25:C4:72:B5:6B:E3
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019CAAC6907869553C42143BD5DF986D3079
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0F23
Signing time:             Sun 01 Mar 2026 19:01:05 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:05 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:05 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: FMO+IcIoqV9R+66NtJ3Mj9P12FU0MnGuefTNzXlCwbs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:90:78:69:55:3c:42:14:3b:d5:df:98:6d:30:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Mar  1 19:01:05 2026 GMT
            Not After : Mar  2 19:01:05 2026 GMT
        Subject: CN=63757eba04829edccbcb862edf5525c472b56be3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:64:46:15:7a:5e:4b:cd:ee:d7:96:d1:c0:6c:
                    f3:72:94:59:fa:19:c0:ea:f3:36:dd:f3:09:cc:33:
                    0e:30:4c:6f:aa:88:05:3c:5b:1f:cf:3c:13:17:f3:
                    f8:79:75:97:59:c9:1f:81:ab:12:4b:b6:2c:7d:9c:
                    94:9b:50:7a:32:13:fa:30:de:31:64:3d:f7:fd:59:
                    07:87:65:99:62:f1:eb:2c:db:89:b8:f5:cf:d0:d7:
                    80:03:51:15:28:25:3c:fa:8e:71:f8:22:44:68:55:
                    96:2c:b0:37:b3:b9:9f:35:09:34:9b:94:6d:95:bd:
                    26:8f:98:1d:7f:9d:75:02:de:12:f7:9c:33:b6:39:
                    74:05:d9:66:91:45:5d:9f:06:1f:44:37:34:e1:46:
                    75:74:5c:ff:b8:d2:0e:7f:43:a2:12:27:eb:5f:87:
                    6b:c6:36:7c:a4:38:75:98:c0:98:c7:eb:ec:e6:49:
                    bc:33:90:7c:52:14:97:ed:f8:99:da:81:d1:10:f1:
                    b6:26:a1:b9:8d:d2:71:ec:32:bb:c0:5d:bc:83:9d:
                    89:4c:a9:07:89:7f:35:3b:d3:1b:0b:e0:49:ba:ad:
                    86:72:ac:11:03:01:f5:de:43:c0:b7:d5:f9:03:b6:
                    bf:6d:aa:86:b7:06:8a:c7:b5:b5:c6:f7:46:18:d0:
                    e3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:75:7E:BA:04:82:9E:DC:CB:CB:86:2E:DF:55:25:C4:72:B5:6B:E3
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:86:27:de:98:b9:cd:36:a3:17:3d:5b:cc:87:84:44:fa:00:
         6d:99:9a:99:0b:ce:9a:70:58:d6:14:3a:0a:4d:f4:d7:66:ea:
         17:8c:f7:9b:7a:34:e0:a5:ae:75:ab:f6:d6:ac:b3:ec:b6:fa:
         5a:df:0d:42:d0:ad:d2:02:6b:5b:7b:e7:e3:14:c9:c9:c0:96:
         b6:64:95:54:b8:83:3b:dd:b6:8e:8a:bd:87:46:b3:ef:e4:48:
         de:99:d9:5a:53:7f:50:50:0c:69:7d:30:4b:f9:b5:78:e2:c6:
         17:06:f8:a3:e1:3d:65:16:e0:56:73:8f:9a:e5:25:c5:59:40:
         62:55:37:b4:fa:c5:05:cf:ac:e6:df:0f:3e:0d:72:72:be:15:
         43:a6:01:cf:2d:51:13:ba:9f:e8:3d:9c:82:8c:c5:37:41:06:
         f3:73:d6:17:e6:77:d7:0b:9e:0d:7e:b7:2a:45:2e:65:b7:3b:
         26:30:ea:83:8f:3d:56:6d:67:5e:bf:41:1d:fa:6b:2b:03:0c:
         6b:fc:09:c4:55:1d:5f:ae:7e:26:75:e6:18:2e:fb:47:34:ed:
         e9:1d:f7:80:ac:2b:c0:99:1f:16:2c:c4:df:35:33:17:8f:37:
         76:4a:b4:3d:fc:43:dc:d2:94:69:57:9b:f5:45:0c:47:45:de:
         c6:cc:17:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxpB4aVU8QhQ71d+YbTB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwMzAxMTkwMTA1WhcNMjYwMzAyMTkwMTA1WjAzMTEwLwYDVQQD
Eyg2Mzc1N2ViYTA0ODI5ZWRjY2JjYjg2MmVkZjU1MjVjNDcyYjU2YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2RGFXpeS83u15bRwGzzcpRZ+hnA
6vM23fMJzDMOMExvqogFPFsfzzwTF/P4eXWXWckfgasSS7YsfZyUm1B6MhP6MN4x
ZD33/VkHh2WZYvHrLNuJuPXP0NeAA1EVKCU8+o5x+CJEaFWWLLA3s7mfNQk0m5Rt
lb0mj5gdf511At4S95wztjl0BdlmkUVdnwYfRDc04UZ1dFz/uNIOf0OiEifrX4dr
xjZ8pDh1mMCYx+vs5km8M5B8UhSX7fiZ2oHREPG2JqG5jdJx7DK7wF28g52JTKkH
iX81O9MbC+BJuq2GcqwRAwH13kPAt9X5A7a/baqGtwaKx7W1xvdGGNDjwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGN1froEgp7cy8uGLt9VJcRytWvjMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4Yn3pi5
zTajFz1bzIeERPoAbZmamQvOmnBY1hQ6Ck3012bqF4z3m3o04KWudav21qyz7Lb6
Wt8NQtCt0gJrW3vn4xTJycCWtmSVVLiDO922joq9h0az7+RI3pnZWlN/UFAMaX0w
S/m1eOLGFwb4o+E9ZRbgVnOPmuUlxVlAYlU3tPrFBc+s5t8PPg1ycr4VQ6YBzy1R
E7qf6D2cgozFN0EG83PWF+Z31wueDX63KkUuZbc7JjDqg489Vm1nXr9BHfprKwMM
a/wJxFUdX65+JnXmGC77RzTt6R33gKwrwJkfFizE3zUzF483dkq0PfxD3NKUaVeb
9UUMR0XexswXyQ==
-----END CERTIFICATE-----