Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          D815+M5T5LDw1AQg398vaD+pivT5DrMH/6THsNlmpIc=
Subject key identifier:   57:DF:55:5C:63:A4:29:6A:CD:18:AC:70:D7:41:60:D6:10:DE:48:08
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019D9A3E093D9198DA8FEC9D7E022D454C91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0F9F
Signing time:             Fri 17 Apr 2026 07:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:49 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: +yB0kxfyncxsEafsAfLvhNLub+0jmquG9zRm6auk8YI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:09:3d:91:98:da:8f:ec:9d:7e:02:2d:45:4c:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Apr 17 07:00:49 2026 GMT
            Not After : Apr 18 07:00:49 2026 GMT
        Subject: CN=57df555c63a4296acd18ac70d74160d610de4808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ee:b8:90:5f:3a:5f:ae:13:50:72:b4:40:17:
                    0e:34:27:14:75:fe:a2:93:24:b1:e6:52:83:88:ff:
                    9c:dc:8c:d6:05:41:fa:ca:36:b5:95:a2:92:08:4d:
                    cd:31:18:87:3b:32:c7:99:b5:e3:8d:dd:84:ff:eb:
                    23:0d:31:27:fb:0a:9f:b3:0b:94:00:da:98:a6:e1:
                    03:0e:5b:b3:b6:07:c9:99:ef:25:72:c0:19:fc:35:
                    3b:68:2b:3e:53:ed:03:ec:ca:38:69:39:0d:11:67:
                    81:d3:13:6a:38:f1:3f:ee:09:c9:c8:4c:fb:02:86:
                    fb:00:8c:b0:45:2a:d7:60:73:6b:2b:2a:c9:51:7e:
                    11:20:5a:94:13:b9:67:11:6c:15:9e:11:be:26:04:
                    1f:5e:4f:fd:0a:3b:b8:85:55:2a:e2:8a:f4:e3:b6:
                    10:38:8a:02:7c:36:42:5e:a4:2b:8a:ef:f4:48:30:
                    30:ab:cd:e5:e6:f8:e4:fc:1f:3e:59:ca:55:60:ff:
                    c1:5f:c8:bb:6f:19:20:39:ff:20:13:2d:0f:60:e8:
                    a1:7f:97:07:f4:6a:29:83:ce:e7:b5:61:99:52:48:
                    9d:bd:17:f8:74:98:f4:65:87:dc:02:50:8e:80:05:
                    31:4d:cf:bf:59:9c:48:b0:a9:7d:c5:2d:c6:23:33:
                    c9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DF:55:5C:63:A4:29:6A:CD:18:AC:70:D7:41:60:D6:10:DE:48:08
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:55:d6:c7:2a:3f:0f:23:85:d4:84:58:6c:da:25:30:5c:61:
         ef:9d:01:50:f7:61:3b:e0:27:f7:b4:de:29:0d:f2:11:92:7c:
         25:36:48:d3:61:3e:0f:fd:e5:90:f4:f9:20:8e:f8:b0:cd:70:
         70:0e:5e:ab:5d:54:b7:7b:56:12:13:79:61:0e:6b:a5:51:3d:
         fd:bf:7f:24:8c:1e:f4:07:c0:bf:c5:2d:8c:a8:04:a7:c5:77:
         25:38:43:1b:21:12:b1:8e:06:a0:42:fa:d5:94:11:10:65:24:
         34:76:23:2d:79:aa:be:fe:4f:f8:1a:47:3d:2d:f3:bf:59:30:
         2c:cf:04:8e:73:d3:66:47:70:f4:67:a6:24:7f:73:a9:dc:b0:
         99:ff:94:1e:7d:d7:8f:7d:52:01:92:4c:c3:79:0b:03:77:a6:
         0e:59:69:4c:38:45:e5:8f:8f:04:7a:ae:a0:68:84:7f:b9:0e:
         b9:66:79:41:77:db:ce:b3:5b:33:b3:c4:01:ab:be:02:c7:a6:
         66:34:3e:46:39:26:c6:d0:bf:0f:f0:29:e1:cd:a9:32:9f:5f:
         8a:c4:29:98:cf:2b:1d:14:9e:40:0c:53:b0:bf:e0:29:28:3b:
         cf:87:88:85:8d:5e:e8:f6:9c:f2:4a:79:de:77:c7:ea:0b:53:
         b4:d5:8f:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPgk9kZjaj+ydfgItRUyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwNDE3MDcwMDQ5WhcNMjYwNDE4MDcwMDQ5WjAzMTEwLwYDVQQD
Eyg1N2RmNTU1YzYzYTQyOTZhY2QxOGFjNzBkNzQxNjBkNjEwZGU0ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO64kF86X64TUHK0QBcONCcUdf6i
kySx5lKDiP+c3IzWBUH6yja1laKSCE3NMRiHOzLHmbXjjd2E/+sjDTEn+wqfswuU
ANqYpuEDDluztgfJme8lcsAZ/DU7aCs+U+0D7Mo4aTkNEWeB0xNqOPE/7gnJyEz7
Aob7AIywRSrXYHNrKyrJUX4RIFqUE7lnEWwVnhG+JgQfXk/9Cju4hVUq4or047YQ
OIoCfDZCXqQriu/0SDAwq83l5vjk/B8+WcpVYP/BX8i7bxkgOf8gEy0PYOihf5cH
9Gopg87ntWGZUkidvRf4dJj0ZYfcAlCOgAUxTc+/WZxIsKl9xS3GIzPJIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFffVVxjpClqzRiscNdBYNYQ3kgIMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1XWxyo/
DyOF1IRYbNolMFxh750BUPdhO+An97TeKQ3yEZJ8JTZI02E+D/3lkPT5II74sM1w
cA5eq11Ut3tWEhN5YQ5rpVE9/b9/JIwe9AfAv8UtjKgEp8V3JThDGyESsY4GoEL6
1ZQREGUkNHYjLXmqvv5P+BpHPS3zv1kwLM8EjnPTZkdw9GemJH9zqdywmf+UHn3X
j31SAZJMw3kLA3emDllpTDhF5Y+PBHquoGiEf7kOuWZ5QXfbzrNbM7PEAau+Asem
ZjQ+RjkmxtC/D/Ap4c2pMp9fisQpmM8rHRSeQAxTsL/gKSg7z4eIhY1e6Pac8kp5
3nfH6gtTtNWPKA==
-----END CERTIFICATE-----