Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          FGhqPdH/+9A/F5JzuHdeT19oYr35irZyqC2AgutjnYg=
Subject key identifier:   93:61:A9:57:65:B0:C8:67:AD:11:49:AD:50:ED:03:8D:29:22:27:D2
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019D37C110A1C7826F9D5B4FB8184B02747A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0C4E
Signing time:             Sun 29 Mar 2026 04:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:32 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: vie/ehXuG6w7Ae7CHzv/fP6fDPRLc2U4gvWB3ArZClM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:10:a1:c7:82:6f:9d:5b:4f:b8:18:4b:02:74:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Mar 29 04:01:32 2026 GMT
            Not After : Mar 30 04:01:32 2026 GMT
        Subject: CN=9361a95765b0c867ad1149ad50ed038d292227d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:00:ea:ca:89:af:a3:15:ac:e0:da:f0:12:0a:
                    15:50:bc:e4:b3:e0:83:f5:68:87:61:52:97:50:43:
                    91:b1:9e:45:67:1c:4a:6a:ef:e7:38:9d:4e:2e:8b:
                    8a:e0:5d:fb:ed:78:0e:8c:a4:3b:97:8c:01:c6:26:
                    aa:41:eb:18:f6:55:9d:9c:56:60:78:e1:11:79:e1:
                    35:c6:38:6d:55:d5:37:8e:4f:9a:93:4d:57:75:7f:
                    e7:86:c8:3f:0a:46:ae:fa:f0:72:f7:6d:29:a3:e2:
                    3d:50:e3:eb:d7:e1:81:dc:e9:10:00:97:8a:e8:72:
                    ac:23:93:72:b7:92:9d:67:13:e2:0e:f0:2d:a9:2f:
                    64:25:27:06:40:ee:6b:71:2c:64:09:c4:f6:7e:55:
                    4b:81:8d:09:97:2a:63:9b:e6:6a:41:c0:30:ed:fd:
                    c8:0e:61:c5:ac:21:a7:88:0c:c7:00:d4:32:06:ad:
                    e5:66:5c:60:69:f9:0a:fd:4e:17:ea:3b:b4:04:89:
                    23:3b:b0:1b:22:f3:19:23:5c:58:3f:35:c8:0e:88:
                    9e:91:1e:45:00:29:a1:8a:5c:c9:21:42:3c:9f:9b:
                    dc:ec:ab:ba:30:fe:a8:a7:95:f0:8e:d6:31:63:3a:
                    ce:9e:16:eb:5a:88:79:8e:e7:47:73:f2:0c:49:18:
                    90:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:61:A9:57:65:B0:C8:67:AD:11:49:AD:50:ED:03:8D:29:22:27:D2
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:8f:83:bf:b6:2e:06:72:b4:d2:f4:6b:75:8c:ff:d3:52:50:
         8e:cc:ce:55:fd:b8:f0:65:9a:63:b5:01:13:02:69:e3:bb:9a:
         6f:a9:08:65:66:3e:d2:92:ce:83:d9:38:fc:63:8a:a5:6d:91:
         40:d9:44:81:95:6e:5c:b2:d3:81:09:c5:25:ee:bc:35:d8:40:
         33:98:c3:0c:70:7f:69:cb:67:32:f0:c7:6d:e4:ce:3b:34:cb:
         0f:97:45:08:75:25:04:a1:33:4d:13:a5:21:6f:39:cf:80:3b:
         b0:f8:ba:f2:58:3e:1d:5f:33:3a:c3:d1:fe:7b:73:96:df:e5:
         bc:8f:c6:41:23:c6:29:48:c7:65:13:82:00:f3:99:11:7f:cd:
         ec:66:b5:29:09:7c:0a:f5:04:8f:07:36:2c:25:77:25:b1:21:
         43:a1:2d:7c:03:fc:81:9d:dd:9f:46:00:a2:57:2a:87:c0:26:
         42:ae:dc:0c:c1:ca:c5:b4:a9:70:26:d3:85:8f:47:99:eb:d1:
         a7:b2:46:cb:a3:e6:1e:e3:cc:be:2c:cb:c4:98:70:a2:69:e4:
         c4:a8:4f:3c:b9:d9:5b:d4:9e:a7:70:3b:a0:2e:88:61:ac:93:
         ae:69:6e:41:f7:4d:26:c3:95:ec:9a:af:d0:1e:9a:b9:83:20:
         f9:ad:79:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wRChx4JvnVtPuBhLAnR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjYwMzI5MDQwMTMyWhcNMjYwMzMwMDQwMTMyWjAzMTEwLwYDVQQD
Eyg5MzYxYTk1NzY1YjBjODY3YWQxMTQ5YWQ1MGVkMDM4ZDI5MjIyN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QDqyomvoxWs4NrwEgoVULzks+CD
9WiHYVKXUEORsZ5FZxxKau/nOJ1OLouK4F377XgOjKQ7l4wBxiaqQesY9lWdnFZg
eOEReeE1xjhtVdU3jk+ak01XdX/nhsg/Ckau+vBy920po+I9UOPr1+GB3OkQAJeK
6HKsI5Nyt5KdZxPiDvAtqS9kJScGQO5rcSxkCcT2flVLgY0Jlypjm+ZqQcAw7f3I
DmHFrCGniAzHANQyBq3lZlxgafkK/U4X6ju0BIkjO7AbIvMZI1xYPzXIDoiekR5F
ACmhilzJIUI8n5vc7Ku6MP6op5XwjtYxYzrOnhbrWoh5judHc/IMSRiQQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNhqVdlsMhnrRFJrVDtA40pIifSMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAho+Dv7Yu
BnK00vRrdYz/01JQjszOVf248GWaY7UBEwJp47uab6kIZWY+0pLOg9k4/GOKpW2R
QNlEgZVuXLLTgQnFJe68NdhAM5jDDHB/actnMvDHbeTOOzTLD5dFCHUlBKEzTROl
IW85z4A7sPi68lg+HV8zOsPR/ntzlt/lvI/GQSPGKUjHZROCAPOZEX/N7Ga1KQl8
CvUEjwc2LCV3JbEhQ6EtfAP8gZ3dn0YAolcqh8AmQq7cDMHKxbSpcCbThY9HmevR
p7JGy6PmHuPMvizLxJhwomnkxKhPPLnZW9Sep3A7oC6IYayTrmluQfdNJsOV7Jqv
0B6auYMg+a15mQ==
-----END CERTIFICATE-----