Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
File:                     5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json)
Hash identifier:          yGGVQJNKmot1i3BbrwFP+n3P0WQlqZblNfwazRXokh4=
Subject key identifier:   DE:5C:7F:0A:8E:C6:C3:5F:31:8C:D3:E6:C9:80:94:DE:E0:43:58:F1
Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32
Certificate issuer:       /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
Certificate serial:       019D3A8A5B5BB3D60EAE3365C2CD9534FE2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
Manifest number:          0F15
Signing time:             Sun 29 Mar 2026 17:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 17:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 17:00:38 +0000
Files and hashes:         1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: Yu0auHqysxJijlQX2+7vKyaHLSCClh5cUG9th9IB9+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:5b:5b:b3:d6:0e:ae:33:65:c2:cd:95:34:fe:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232
        Validity
            Not Before: Mar 29 17:00:38 2026 GMT
            Not After : Mar 30 17:00:38 2026 GMT
        Subject: CN=de5c7f0a8ec6c35f318cd3e6c98094dee04358f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:14:8b:ae:e2:48:77:54:3e:36:ba:74:39:32:
                    6d:94:6e:ee:56:cd:9f:f7:52:cf:21:42:c7:c2:44:
                    50:57:b1:ee:e8:9b:83:fb:8c:f2:48:14:f1:84:c7:
                    0d:db:17:cc:74:2e:7d:e9:9c:e5:8c:0f:41:fb:82:
                    14:f7:ce:16:f5:30:70:0d:1b:31:21:ff:23:ee:d8:
                    31:0a:30:a9:46:b0:d8:75:2d:d5:d7:03:fe:cd:a5:
                    48:7f:7a:1d:e2:50:e2:5e:e7:f5:39:af:ed:14:d7:
                    5b:47:8a:b1:e0:18:d9:41:78:1e:f2:15:5c:1b:bf:
                    c9:b9:38:1c:ee:42:d6:79:24:a7:5b:9d:d5:34:6f:
                    c9:8e:95:a6:5c:86:02:e2:d5:00:79:79:88:62:69:
                    0a:79:ba:ac:ae:bd:80:3f:f6:55:80:18:0c:a1:b8:
                    61:20:ad:46:4a:7f:96:3e:28:2d:f1:a7:82:c7:29:
                    54:8f:bc:50:b7:9d:ed:04:99:26:03:27:da:56:e1:
                    3b:dc:79:53:78:32:26:fc:59:c4:18:78:77:22:32:
                    20:12:b0:0b:ff:f3:d7:59:48:6c:34:f7:fd:f3:9d:
                    19:4d:35:64:0c:7e:c3:2e:6e:40:79:40:fb:01:d3:
                    bf:db:4b:a2:83:0e:40:ed:05:b0:73:b6:4e:0a:ce:
                    a4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5C:7F:0A:8E:C6:C3:5F:31:8C:D3:E6:C9:80:94:DE:E0:43:58:F1
            X509v3 Authority Key Identifier:
                keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:b6:f3:83:1e:07:b1:96:4e:56:73:60:53:21:f8:42:9d:db:
         c6:35:03:b3:b8:fb:ed:41:24:16:4c:fa:07:6b:0a:c4:ee:ff:
         b0:6a:b3:2d:0b:60:88:d7:d8:87:12:a7:bc:80:44:28:62:b2:
         ab:f0:7a:f6:d8:b6:6c:6f:d4:f7:3e:ed:f5:36:17:58:89:98:
         af:41:f5:d3:ba:e7:1e:81:a9:c2:4e:8b:ba:99:fa:6e:99:cf:
         c4:b9:18:9b:b9:ff:d6:dd:38:97:1c:d6:09:18:b8:83:d8:55:
         ea:c0:5b:28:ac:8b:a0:81:2c:19:84:48:99:94:dc:fa:ad:75:
         9f:0e:d2:85:01:36:9c:cb:1f:38:6c:21:c0:a0:ae:b0:1e:6f:
         18:f0:93:8d:55:33:00:fa:4c:73:e1:b1:8e:2e:01:f9:07:88:
         e5:63:c7:9f:bc:38:d9:f4:8c:61:a0:de:1b:32:13:5f:b9:60:
         cb:6e:dc:b0:4d:da:e2:e9:59:fb:62:52:67:c8:79:19:2d:9a:
         47:68:29:bb:f2:41:a7:94:b2:68:4c:ba:cc:fa:bc:b2:c2:64:
         0a:6b:86:45:b2:f0:64:3c:34:3e:fa:2c:4a:c5:77:9e:f2:eb:
         6e:9d:31:f8:90:3c:50:b9:9e:75:fe:f9:de:ca:5c:cb:c7:e7:
         f3:2b:64:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06iltbs9YOrjNlws2VNP4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3
ZGMyMzIwHhcNMjYwMzI5MTcwMDM4WhcNMjYwMzMwMTcwMDM4WjAzMTEwLwYDVQQD
EyhkZTVjN2YwYThlYzZjMzVmMzE4Y2QzZTZjOTgwOTRkZWUwNDM1OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRSLruJId1Q+Nrp0OTJtlG7uVs2f
91LPIULHwkRQV7Hu6JuD+4zySBTxhMcN2xfMdC596ZzljA9B+4IU984W9TBwDRsx
If8j7tgxCjCpRrDYdS3V1wP+zaVIf3od4lDiXuf1Oa/tFNdbR4qx4BjZQXge8hVc
G7/JuTgc7kLWeSSnW53VNG/JjpWmXIYC4tUAeXmIYmkKebqsrr2AP/ZVgBgMobhh
IK1GSn+WPigt8aeCxylUj7xQt53tBJkmAyfaVuE73HlTeDIm/FnEGHh3IjIgErAL
//PXWUhsNPf9850ZTTVkDH7DLm5AeUD7AdO/20uigw5A7QWwc7ZOCs6kFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5cfwqOxsNfMYzT5smAlN7gQ1jxMB8GA1UdIwQY
MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt
OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm
LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrbzgx4H
sZZOVnNgUyH4Qp3bxjUDs7j77UEkFkz6B2sKxO7/sGqzLQtgiNfYhxKnvIBEKGKy
q/B69ti2bG/U9z7t9TYXWImYr0H107rnHoGpwk6Lupn6bpnPxLkYm7n/1t04lxzW
CRi4g9hV6sBbKKyLoIEsGYRImZTc+q11nw7ShQE2nMsfOGwhwKCusB5vGPCTjVUz
APpMc+Gxji4B+QeI5WPHn7w42fSMYaDeGzITX7lgy27csE3a4ulZ+2JSZ8h5GS2a
R2gpu/JBp5SyaEy6zPq8ssJkCmuGRbLwZDw0PvosSsV3nvLrbp0x+JA8ULmedf75
3spcy8fn8ytkGQ==
-----END CERTIFICATE-----