Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
File:                     5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json)
Hash identifier:          0MacPXdgMflP6bfH1vc2Xyt8mKxZ186Fn4D7/1GBILQ=
Subject key identifier:   B2:77:B7:5F:46:28:F7:55:12:66:DD:57:7F:0B:6C:E5:64:19:42:4A
Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33
Certificate issuer:       /CN=e5c7c39a5912ddc21e9f6b519896725762127833
Certificate serial:       019D3A53BADCAA7499009959AF5DB1D11989
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
Manifest number:          040A
Signing time:             Sun 29 Mar 2026 16:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:58 +0000
Files and hashes:         1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: tWyCkf4Wj8FcTtp0MMZKDnKuQYwlWwZTZ7+JmaODyAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:ba:dc:aa:74:99:00:99:59:af:5d:b1:d1:19:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833
        Validity
            Not Before: Mar 29 16:00:58 2026 GMT
            Not After : Mar 30 16:00:58 2026 GMT
        Subject: CN=b277b75f4628f7551266dd577f0b6ce56419424a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:34:78:fa:2d:2a:eb:13:ea:79:fc:1e:03:b3:
                    9d:c4:bf:08:3a:b7:66:80:d8:2c:aa:2b:48:af:b2:
                    8a:ce:42:5b:fa:19:64:d4:1b:8c:58:df:25:99:3e:
                    ce:13:33:b3:03:43:a8:f9:34:b7:30:76:04:00:cb:
                    16:d1:70:1b:91:de:91:96:4a:28:55:4f:6d:cf:5c:
                    9b:d8:be:f1:48:38:7f:a4:52:ea:f1:ec:3b:fb:42:
                    e3:45:27:54:31:11:af:4b:d2:f2:4a:3c:35:61:b0:
                    78:df:62:5a:1a:d3:e5:58:c2:24:01:27:a7:8f:07:
                    8b:08:b5:2e:73:5f:0d:90:e8:d8:bd:c1:d0:99:ce:
                    63:3d:32:85:c0:bc:52:b4:93:d7:66:5c:91:92:fe:
                    64:e3:b7:36:f0:94:5d:0c:a4:22:d6:34:62:11:69:
                    b6:b4:8d:63:bf:fb:64:57:c4:e6:a3:f5:d5:73:93:
                    9d:15:ea:1e:9c:8d:3d:16:50:29:82:68:60:05:2e:
                    13:68:b7:4b:22:69:ab:be:c0:5a:ac:c6:86:35:79:
                    3e:49:45:bd:e9:60:0d:df:6b:cd:02:10:5d:e5:64:
                    dd:f1:0d:72:d8:96:18:d7:c5:de:14:f1:37:91:8e:
                    8c:07:f6:b4:ef:bf:1d:99:5e:64:85:e3:6b:b8:6c:
                    df:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:77:B7:5F:46:28:F7:55:12:66:DD:57:7F:0B:6C:E5:64:19:42:4A
            X509v3 Authority Key Identifier:
                keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:d0:3c:ed:cc:5e:bd:b3:89:a4:af:6c:d2:fc:bd:95:46:36:
         43:05:3d:3f:79:a3:a8:84:e5:72:92:e7:b9:e2:fe:f9:c7:53:
         59:5e:e8:16:1e:34:79:b2:42:c7:5d:24:cc:01:d3:86:8a:c8:
         37:82:5a:c2:fb:df:26:61:d9:a3:23:ed:2b:0d:59:01:52:08:
         7c:d4:03:30:b5:5e:f3:10:dd:65:21:2a:09:d7:17:8d:5e:51:
         4a:80:11:55:bd:3e:35:6f:1c:7b:2b:65:94:ab:22:b1:92:1c:
         22:80:a1:f1:4a:ce:17:12:15:b7:a9:33:a9:b4:5e:2f:7e:14:
         ed:f6:e8:c6:3e:31:c0:fd:db:13:88:4f:86:b0:c5:09:16:36:
         1c:a1:40:dd:ed:46:3a:96:c3:32:b3:96:80:d9:9c:ad:b0:c1:
         67:a0:24:b9:a6:7c:7e:f8:6d:05:9e:f7:77:7b:7e:da:19:b5:
         92:59:f3:26:ce:24:06:11:31:55:1e:34:71:e0:78:aa:e0:85:
         f0:42:56:eb:e1:46:ab:ec:a2:bf:20:e1:8f:31:3a:e0:01:92:
         c8:7f:9a:77:78:1a:01:22:62:ff:94:ad:9e:85:8e:2f:48:b0:
         bc:74:63:0a:66:66:19:ae:4f:a4:2b:3e:6e:f6:40:36:70:c2:
         9c:5b:f8:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U7rcqnSZAJlZr12x0RmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx
Mjc4MzMwHhcNMjYwMzI5MTYwMDU4WhcNMjYwMzMwMTYwMDU4WjAzMTEwLwYDVQQD
EyhiMjc3Yjc1ZjQ2MjhmNzU1MTI2NmRkNTc3ZjBiNmNlNTY0MTk0MjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTR4+i0q6xPqefweA7OdxL8IOrdm
gNgsqitIr7KKzkJb+hlk1BuMWN8lmT7OEzOzA0Oo+TS3MHYEAMsW0XAbkd6Rlkoo
VU9tz1yb2L7xSDh/pFLq8ew7+0LjRSdUMRGvS9LySjw1YbB432JaGtPlWMIkASen
jweLCLUuc18NkOjYvcHQmc5jPTKFwLxStJPXZlyRkv5k47c28JRdDKQi1jRiEWm2
tI1jv/tkV8Tmo/XVc5OdFeoenI09FlApgmhgBS4TaLdLImmrvsBarMaGNXk+SUW9
6WAN32vNAhBd5WTd8Q1y2JYY18XeFPE3kY6MB/a0778dmV5kheNruGzfswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJ3t19GKPdVEmbdV38LbOVkGUJKMB8GA1UdIwQY
MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt
MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4
LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4NA87cxe
vbOJpK9s0vy9lUY2QwU9P3mjqITlcpLnueL++cdTWV7oFh40ebJCx10kzAHThorI
N4JawvvfJmHZoyPtKw1ZAVIIfNQDMLVe8xDdZSEqCdcXjV5RSoARVb0+NW8ceytl
lKsisZIcIoCh8UrOFxIVt6kzqbReL34U7fboxj4xwP3bE4hPhrDFCRY2HKFA3e1G
OpbDMrOWgNmcrbDBZ6AkuaZ8fvhtBZ73d3t+2hm1klnzJs4kBhExVR40ceB4quCF
8EJW6+FGq+yivyDhjzE64AGSyH+ad3gaASJi/5StnoWOL0iwvHRjCmZmGa5PpCs+
bvZANnDCnFv4UQ==
-----END CERTIFICATE-----