Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
File:                     l5SL1vKtFY5iT9jonp718b2x05o.mft (raw, json)
Hash identifier:          O+g2cuRDJNS5hulJityWjXd2JTo2IIgMwuhp+iaLV0M=
Subject key identifier:   91:76:0A:23:9B:0B:8F:0A:BE:21:F5:FE:79:6E:36:0B:C3:68:FA:3F
Authority key identifier: 97:94:8B:D6:F2:AD:15:8E:62:4F:D8:E8:9E:9E:F5:F1:BD:B1:D3:9A
Certificate issuer:       /CN=97948bd6f2ad158e624fd8e89e9ef5f1bdb1d39a
Certificate serial:       019D3A54A0B8C5DC5017326893CE0B75B242
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
Manifest number:          05BF
Signing time:             Sun 29 Mar 2026 16:01:57 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:57 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:57 +0000
Files and hashes:         1: l5SL1vKtFY5iT9jonp718b2x05o.crl (hash: TmWYCw0s07J0f4SsHwDc6bvYS9lN693VO9xPD6boglc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:a0:b8:c5:dc:50:17:32:68:93:ce:0b:75:b2:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97948bd6f2ad158e624fd8e89e9ef5f1bdb1d39a
        Validity
            Not Before: Mar 29 16:01:57 2026 GMT
            Not After : Mar 30 16:01:57 2026 GMT
        Subject: CN=91760a239b0b8f0abe21f5fe796e360bc368fa3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7c:01:ad:24:f9:0a:20:b7:49:fd:04:b7:50:
                    66:fd:59:1b:9e:17:24:62:c1:8f:1d:8a:41:2a:d4:
                    4f:c1:68:7b:b7:e2:4c:05:84:09:d5:13:85:ef:1c:
                    d2:f2:4c:e8:18:3d:38:66:0d:13:06:a5:f9:a5:50:
                    53:a8:e1:80:ec:02:69:66:5b:7d:26:b1:0b:ac:c9:
                    0e:3b:22:08:db:ea:76:31:6d:1e:3f:28:07:1d:4a:
                    50:df:e8:51:fe:5a:fa:0b:49:f8:c6:f6:76:57:ce:
                    84:f0:ea:a3:2b:65:b5:ce:8c:f3:87:aa:8f:65:63:
                    51:3d:8a:aa:0c:19:22:83:37:29:0e:49:cc:eb:1b:
                    96:b2:9c:7d:8d:a3:4f:4b:32:49:31:9b:6d:ce:99:
                    d1:f6:49:11:75:88:82:ac:34:2f:0f:06:e2:60:22:
                    52:1a:f9:cd:38:65:67:4d:df:29:23:0f:e3:e0:61:
                    b1:e3:00:0a:a8:5d:f4:3a:58:a0:a7:55:6d:4a:ea:
                    17:d3:44:34:a9:28:fc:43:3a:9e:56:3f:ed:5f:49:
                    5a:8e:4e:6c:82:02:57:e3:2f:85:d3:50:84:8a:e3:
                    68:79:ff:5c:13:c8:57:c6:e1:70:9e:f7:c9:e6:c3:
                    50:60:4c:c6:83:7f:5d:a1:11:6e:6f:43:e5:91:b9:
                    22:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:76:0A:23:9B:0B:8F:0A:BE:21:F5:FE:79:6E:36:0B:C3:68:FA:3F
            X509v3 Authority Key Identifier:
                keyid:97:94:8B:D6:F2:AD:15:8E:62:4F:D8:E8:9E:9E:F5:F1:BD:B1:D3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:39:55:c2:28:f0:3d:fb:7f:6e:5c:37:a8:7a:73:80:57:9a:
         08:41:81:78:76:c1:d3:e0:c6:5a:12:db:99:a4:05:c3:ef:8c:
         e8:cd:49:81:12:bd:e5:fb:19:b5:4f:0a:c6:f5:76:4a:c6:a3:
         dd:e3:98:8c:8b:7f:e1:71:8b:a5:5a:13:15:7f:37:d9:2e:1d:
         53:4e:a0:3b:86:8f:4c:24:47:20:a1:cf:79:3f:8e:9c:cd:b1:
         bd:6a:91:55:04:8a:10:eb:25:27:6b:83:68:b4:d9:3e:a6:13:
         aa:a7:b3:68:76:9a:92:b1:70:75:d7:9e:84:fe:c0:06:36:f1:
         83:7f:83:80:aa:1c:70:fb:05:8d:ad:07:c6:3c:19:72:16:b7:
         df:1e:b4:3f:f3:a7:12:05:9e:00:dc:5f:e2:69:ce:4d:af:d2:
         48:52:04:7c:ed:08:b3:03:9f:1a:6b:93:94:52:fc:b4:da:0c:
         53:40:4c:a1:70:63:01:6f:df:02:6c:73:43:5e:52:01:15:f3:
         34:fa:69:68:75:2e:7d:af:d1:1f:56:25:f8:f8:4e:12:5c:97:
         e4:02:1e:ff:f1:88:4b:2e:8a:32:96:0a:e9:0d:7e:22:a5:20:
         54:cb:40:98:66:c7:ba:7b:ff:c6:78:de:30:eb:2f:b4:07:80:
         fd:4c:e1:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VKC4xdxQFzJok84LdbJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTQ4YmQ2ZjJhZDE1OGU2MjRmZDhlODllOWVmNWYxYmRi
MWQzOWEwHhcNMjYwMzI5MTYwMTU3WhcNMjYwMzMwMTYwMTU3WjAzMTEwLwYDVQQD
Eyg5MTc2MGEyMzliMGI4ZjBhYmUyMWY1ZmU3OTZlMzYwYmMzNjhmYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunwBrST5CiC3Sf0Et1Bm/Vkbnhck
YsGPHYpBKtRPwWh7t+JMBYQJ1ROF7xzS8kzoGD04Zg0TBqX5pVBTqOGA7AJpZlt9
JrELrMkOOyII2+p2MW0ePygHHUpQ3+hR/lr6C0n4xvZ2V86E8OqjK2W1zozzh6qP
ZWNRPYqqDBkigzcpDknM6xuWspx9jaNPSzJJMZttzpnR9kkRdYiCrDQvDwbiYCJS
GvnNOGVnTd8pIw/j4GGx4wAKqF30Oligp1VtSuoX00Q0qSj8QzqeVj/tX0lajk5s
ggJX4y+F01CEiuNoef9cE8hXxuFwnvfJ5sNQYEzGg39doRFub0Plkbki5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJF2CiObC48KviH1/nluNgvDaPo/MB8GA1UdIwQY
MBaAFJeUi9byrRWOYk/Y6J6e9fG9sdOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jNzI3YmYtNzcwOS00YjMzLWI2MTgt
YTZjNTAwMGM3MTg0LzEvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jNzI3YmYtNzcwOS00YjMzLWI2MTgtYTZjNTAwMGM3MTg0
LzEvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATDlVwijw
Pft/blw3qHpzgFeaCEGBeHbB0+DGWhLbmaQFw++M6M1JgRK95fsZtU8KxvV2Ssaj
3eOYjIt/4XGLpVoTFX832S4dU06gO4aPTCRHIKHPeT+OnM2xvWqRVQSKEOslJ2uD
aLTZPqYTqqezaHaakrFwddeehP7ABjbxg3+DgKoccPsFja0HxjwZcha33x60P/On
EgWeANxf4mnOTa/SSFIEfO0IswOfGmuTlFL8tNoMU0BMoXBjAW/fAmxzQ15SARXz
NPppaHUufa/RH1Yl+PhOElyX5AIe//GISy6KMpYK6Q1+IqUgVMtAmGbHunv/xnje
MOsvtAeA/Uzhnw==
-----END CERTIFICATE-----