Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          5bpWvWJcbQWKAUZpY4I35kAPOx55ch/8Oh6HGI1LonI=
Subject key identifier:   79:FD:88:C1:B2:D2:B2:42:6A:8A:E8:66:43:3F:88:EE:85:1F:C3:98
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019E2F96580E3D5716B84508F68C122DF1FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1240
Signing time:             Sat 16 May 2026 07:00:42 +0000
Manifest this update:     Sat 16 May 2026 07:00:42 +0000
Manifest next update:     Sun 17 May 2026 07:00:42 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: zOa4XhTtrtYCRpU3mmS0Dpx48Mim0T4P2RRB8O3ffOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:58:0e:3d:57:16:b8:45:08:f6:8c:12:2d:f1:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: May 16 07:00:42 2026 GMT
            Not After : May 17 07:00:42 2026 GMT
        Subject: CN=79fd88c1b2d2b2426a8ae866433f88ee851fc398
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:59:b5:49:81:56:35:7c:23:5b:a8:30:e9:d4:
                    60:8d:6f:6b:0e:94:22:f9:aa:89:e8:96:82:c3:c8:
                    b1:83:16:77:73:b8:79:8d:a7:b5:e9:1a:d7:f7:86:
                    e1:c6:92:2e:2c:56:5a:75:08:a8:e7:7b:29:d0:dc:
                    0c:67:1a:db:96:a9:d2:ae:b1:ca:3e:16:85:a7:69:
                    b4:2f:d7:6c:61:c7:5c:49:85:bf:4c:bd:ec:87:d2:
                    e3:68:91:2c:31:44:f5:c3:ab:d3:36:ff:ed:2e:f9:
                    c4:05:8f:ca:c5:9b:a4:e2:d6:19:47:96:7f:3a:47:
                    21:85:0e:1a:98:a3:4c:7b:03:ec:d3:fe:62:44:14:
                    c5:a7:47:93:14:d4:70:93:2d:71:38:b4:36:40:7b:
                    7f:94:a6:30:8c:43:b9:dd:00:55:68:bb:72:82:72:
                    e2:68:d0:5e:06:52:4e:6a:cc:dd:90:4a:4c:2f:b8:
                    e3:ed:50:e6:c6:81:b0:f2:a6:8a:87:4c:b6:6c:05:
                    a0:5f:87:79:eb:1b:46:46:14:a6:d1:db:3d:56:cb:
                    b8:4a:2e:3f:cf:33:bd:ca:1d:6f:66:a8:a0:ef:18:
                    01:79:e6:f2:3d:11:19:d2:1e:71:02:ac:2e:80:da:
                    a7:19:11:5c:2f:cd:64:b3:68:9a:70:d8:96:c4:ec:
                    9a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:FD:88:C1:B2:D2:B2:42:6A:8A:E8:66:43:3F:88:EE:85:1F:C3:98
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:b9:0a:d8:0c:60:6f:5f:00:07:d0:0a:58:8c:01:9c:7f:54:
         15:33:f8:f1:0c:0d:b6:d1:18:a6:23:b4:d8:56:43:48:e2:11:
         4c:44:9b:9f:01:ea:bf:24:a6:12:fa:90:66:dd:1b:5b:1e:aa:
         ca:8a:bb:ca:c3:97:2a:c1:e0:0c:dc:cc:70:19:64:c2:be:14:
         ae:ea:ea:70:5f:ab:bd:f6:d7:ef:ed:03:09:9d:8a:94:e6:e1:
         85:b0:b1:18:e0:c2:a9:ca:54:ad:10:67:06:c5:d3:60:09:04:
         2f:5d:f0:75:b7:1d:f4:82:7d:f6:79:42:94:6c:3a:17:6d:eb:
         ae:80:af:ac:6b:8e:49:87:af:60:b4:84:f7:4f:47:a2:f3:b0:
         d0:ff:82:bf:50:d5:da:3c:d0:52:7e:4b:19:06:09:e1:c8:c8:
         c8:5a:9c:b0:de:c5:b3:4b:a8:da:21:d9:b9:55:8d:0a:3b:20:
         73:f1:8b:fa:16:dd:c4:30:63:b7:c4:93:ca:ab:01:d7:1e:ef:
         75:dc:6a:21:e4:94:78:9a:50:1b:b2:c9:7c:69:32:36:bd:96:
         1e:72:91:82:ed:af:b7:ac:39:5b:b1:29:24:ce:d5:3f:cd:6f:
         07:74:13:0e:4f:a5:4f:65:c6:f7:14:15:0f:d3:32:ac:83:ac:
         26:1b:51:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vllgOPVcWuEUI9owSLfH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwNTE2MDcwMDQyWhcNMjYwNTE3MDcwMDQyWjAzMTEwLwYDVQQD
Eyg3OWZkODhjMWIyZDJiMjQyNmE4YWU4NjY0MzNmODhlZTg1MWZjMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fm1SYFWNXwjW6gw6dRgjW9rDpQi
+aqJ6JaCw8ixgxZ3c7h5jae16RrX94bhxpIuLFZadQio53sp0NwMZxrblqnSrrHK
PhaFp2m0L9dsYcdcSYW/TL3sh9LjaJEsMUT1w6vTNv/tLvnEBY/KxZuk4tYZR5Z/
OkchhQ4amKNMewPs0/5iRBTFp0eTFNRwky1xOLQ2QHt/lKYwjEO53QBVaLtygnLi
aNBeBlJOaszdkEpML7jj7VDmxoGw8qaKh0y2bAWgX4d56xtGRhSm0ds9Vsu4Si4/
zzO9yh1vZqig7xgBeebyPREZ0h5xAqwugNqnGRFcL81ks2iacNiWxOyaoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn9iMGy0rJCaoroZkM/iO6FH8OYMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxbkK2Axg
b18AB9AKWIwBnH9UFTP48QwNttEYpiO02FZDSOIRTESbnwHqvySmEvqQZt0bWx6q
yoq7ysOXKsHgDNzMcBlkwr4UrurqcF+rvfbX7+0DCZ2KlObhhbCxGODCqcpUrRBn
BsXTYAkEL13wdbcd9IJ99nlClGw6F23rroCvrGuOSYevYLSE909HovOw0P+Cv1DV
2jzQUn5LGQYJ4cjIyFqcsN7Fs0uo2iHZuVWNCjsgc/GL+hbdxDBjt8STyqsB1x7v
ddxqIeSUeJpQG7LJfGkyNr2WHnKRgu2vt6w5W7EpJM7VP81vB3QTDk+lT2XG9xQV
D9MyrIOsJhtReA==
-----END CERTIFICATE-----