Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          gR/sf+Hz/7Y0NHLwTilA+/Oa7pJs9FO8OvejfVYxmh0=
Subject key identifier:   B3:FF:24:7D:0E:5C:13:FF:43:9D:A6:D7:0E:8A:43:A6:EB:2B:FD:AB
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019D3866B1CF5AC6D36EB8B2881D4EECA0F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          11C0
Signing time:             Sun 29 Mar 2026 07:02:27 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:27 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:27 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: GJDXYl+Ui03qHdmt55kt0rUUjU4D4WiG0mAFV72y+cY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:b1:cf:5a:c6:d3:6e:b8:b2:88:1d:4e:ec:a0:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Mar 29 07:02:27 2026 GMT
            Not After : Mar 30 07:02:27 2026 GMT
        Subject: CN=b3ff247d0e5c13ff439da6d70e8a43a6eb2bfdab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c1:09:90:0e:f9:0d:d8:21:b7:4f:63:71:8d:
                    19:c9:c2:bc:1f:e6:c2:cb:64:8b:86:aa:52:ad:a4:
                    7e:90:2f:a7:44:53:af:2a:8f:77:ae:06:8a:69:6a:
                    89:6e:e7:fc:a2:72:56:86:42:dd:73:ca:6a:df:b6:
                    44:41:f4:69:94:df:e7:1d:1d:05:1e:d3:46:b6:06:
                    7a:ec:4c:31:6f:5a:c2:24:b8:21:fd:0f:3f:31:cc:
                    04:05:04:41:92:df:fe:7a:de:58:29:bd:4e:21:50:
                    83:78:a4:9c:a2:df:f2:96:54:b9:93:4b:d6:ae:d2:
                    d4:40:43:0c:f9:88:6d:ce:4a:af:82:06:1f:92:7f:
                    ab:cc:4b:d3:78:48:9a:8a:8c:14:c0:71:f0:f1:72:
                    d3:69:9e:c6:d2:f5:a9:0e:e8:76:11:89:02:00:7a:
                    9e:0b:45:86:1e:54:21:bc:c3:03:27:ad:61:78:a3:
                    c8:01:b0:7b:55:8e:3e:15:9d:66:62:87:03:a2:07:
                    1d:59:11:55:5b:aa:b7:5a:49:ce:23:2c:5e:6a:34:
                    54:7d:f9:94:79:55:05:15:55:e1:08:32:d8:33:44:
                    7d:b7:94:4c:d6:47:1b:af:28:db:94:6a:29:bc:96:
                    ee:46:02:16:ca:c8:ef:e1:f4:59:f4:65:2a:e9:c6:
                    a0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:FF:24:7D:0E:5C:13:FF:43:9D:A6:D7:0E:8A:43:A6:EB:2B:FD:AB
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:bb:71:35:fb:c9:2e:0f:76:cd:03:5b:0a:bd:36:f8:54:06:
         00:90:85:4b:6d:6c:36:95:33:17:a3:5f:aa:8d:89:44:0d:5f:
         45:6a:3f:f4:26:dd:ef:d9:f1:10:1b:84:9d:08:bf:24:a1:92:
         96:bd:af:a0:ac:53:99:4d:c2:64:db:fe:1e:ee:5b:b3:ac:d1:
         c7:a6:2d:f5:01:93:ab:b1:7b:56:bf:18:4d:94:52:49:18:97:
         f2:d6:12:44:ab:b9:f9:d1:b7:5b:62:d0:2d:44:c6:67:11:65:
         9f:e8:21:aa:94:ad:8e:79:23:7a:e9:c4:6a:c3:de:16:9e:87:
         4f:62:04:58:e0:1e:e6:da:b4:c4:b7:37:40:10:83:77:93:9b:
         da:e2:1d:9d:2d:42:42:b3:f8:97:eb:4b:64:49:38:12:90:ed:
         21:a7:0d:e0:38:bb:dd:1c:e8:aa:59:6c:f1:4d:7b:d4:86:66:
         b0:e6:b7:f1:a7:c3:da:35:1b:a5:df:5d:c6:a2:d2:24:b8:b5:
         93:ba:4f:47:b1:73:88:58:ca:3a:15:f0:f2:c4:1d:0c:37:d6:
         ec:14:a0:fb:06:a2:63:a9:e0:8e:b4:91:cf:85:6c:4e:66:ba:
         4d:8e:35:67:97:7e:34:a7:ea:a1:9a:01:b6:ed:d4:21:95:c1:
         11:1c:63:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZrHPWsbTbriyiB1O7KD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwMzI5MDcwMjI3WhcNMjYwMzMwMDcwMjI3WjAzMTEwLwYDVQQD
EyhiM2ZmMjQ3ZDBlNWMxM2ZmNDM5ZGE2ZDcwZThhNDNhNmViMmJmZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMEJkA75Ddght09jcY0ZycK8H+bC
y2SLhqpSraR+kC+nRFOvKo93rgaKaWqJbuf8onJWhkLdc8pq37ZEQfRplN/nHR0F
HtNGtgZ67Ewxb1rCJLgh/Q8/McwEBQRBkt/+et5YKb1OIVCDeKScot/yllS5k0vW
rtLUQEMM+YhtzkqvggYfkn+rzEvTeEiaiowUwHHw8XLTaZ7G0vWpDuh2EYkCAHqe
C0WGHlQhvMMDJ61heKPIAbB7VY4+FZ1mYocDogcdWRFVW6q3WknOIyxeajRUffmU
eVUFFVXhCDLYM0R9t5RM1kcbryjblGopvJbuRgIWysjv4fRZ9GUq6cagDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLP/JH0OXBP/Q52m1w6KQ6brK/2rMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASbtxNfvJ
Lg92zQNbCr02+FQGAJCFS21sNpUzF6Nfqo2JRA1fRWo/9Cbd79nxEBuEnQi/JKGS
lr2voKxTmU3CZNv+Hu5bs6zRx6Yt9QGTq7F7Vr8YTZRSSRiX8tYSRKu5+dG3W2LQ
LUTGZxFln+ghqpStjnkjeunEasPeFp6HT2IEWOAe5tq0xLc3QBCDd5Ob2uIdnS1C
QrP4l+tLZEk4EpDtIacN4Di73Rzoqlls8U171IZmsOa38afD2jUbpd9dxqLSJLi1
k7pPR7FziFjKOhXw8sQdDDfW7BSg+waiY6ngjrSRz4VsTma6TY41Z5d+NKfqoZoB
tu3UIZXBERxjrg==
-----END CERTIFICATE-----