Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
File:                     5J1E2IEnX8osC2s_fs7i0iIUb9I.mft (raw, json)
Hash identifier:          8Te6+CmVRanC0e2fiLfk1IDFBnlDrAnjR6V9XdC4Uik=
Subject key identifier:   4C:A0:F3:9E:6B:0D:08:84:50:68:1D:C7:34:BA:01:95:96:D8:8D:9B
Authority key identifier: E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2
Certificate issuer:       /CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
Certificate serial:       019D37898294DB7FFB76A1A5137A160CB825
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
Manifest number:          15B8
Signing time:             Sun 29 Mar 2026 03:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:51 +0000
Files and hashes:         1: 5J1E2IEnX8osC2s_fs7i0iIUb9I.crl (hash: 3Kag6WMMViWjs76c1vUJZFY71KhIAqIodksOXOXoa6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:82:94:db:7f:fb:76:a1:a5:13:7a:16:0c:b8:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
        Validity
            Not Before: Mar 29 03:00:51 2026 GMT
            Not After : Mar 30 03:00:51 2026 GMT
        Subject: CN=4ca0f39e6b0d088450681dc734ba019596d88d9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:db:0c:27:7a:9d:9c:4d:82:31:51:08:75:9d:
                    c1:03:01:89:88:d2:42:92:17:35:4e:d4:a4:37:35:
                    13:93:c6:f9:a1:e0:65:fe:09:bf:8d:52:32:3a:31:
                    f8:9a:52:54:cd:66:aa:32:16:30:be:a4:29:b9:35:
                    98:20:e7:1c:c4:cc:c1:04:8e:00:82:21:5c:0d:1d:
                    ac:ca:cf:71:2e:e3:b4:0d:9b:8b:38:45:19:17:96:
                    98:a3:a7:13:f4:bd:c1:cd:26:6e:e3:99:7f:8c:f2:
                    12:22:13:f8:ed:c4:47:c2:5f:95:fb:eb:6c:72:c0:
                    e1:39:bf:c6:e3:24:d4:85:49:15:12:87:04:a7:ab:
                    44:24:c6:6b:09:8d:b6:7a:fa:dc:7e:ae:30:4d:c9:
                    d9:fd:b3:91:a3:9f:ce:be:6c:dc:17:c7:95:95:40:
                    06:26:89:14:bf:15:13:18:a2:49:32:79:30:4b:ac:
                    f3:a0:26:87:18:26:64:5f:50:dd:9c:e3:8a:81:a9:
                    a8:6f:1d:6a:60:cf:56:81:cd:4f:23:cd:ad:63:42:
                    79:45:c6:38:a6:a5:a9:c1:4b:76:3b:59:d9:11:7b:
                    6d:fc:71:d5:b1:63:73:aa:06:c1:e8:c0:ab:96:0c:
                    b1:3d:58:d8:87:61:27:eb:e8:a6:64:e0:69:21:ee:
                    46:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A0:F3:9E:6B:0D:08:84:50:68:1D:C7:34:BA:01:95:96:D8:8D:9B
            X509v3 Authority Key Identifier:
                keyid:E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:f8:a2:1e:8d:6e:9f:55:30:54:17:aa:91:9d:ed:13:73:49:
         47:e2:87:35:be:3a:19:32:e1:3c:7e:bf:ad:a2:50:71:0e:cb:
         b9:1b:8b:12:42:4a:d7:81:98:c5:9a:db:d0:61:52:a6:b5:ea:
         24:dc:74:5c:20:49:97:45:72:57:bf:bd:c7:26:32:38:84:8f:
         8e:35:15:d9:0d:83:58:a7:e2:90:44:95:c9:ac:f3:0b:d4:ac:
         dc:5b:6e:64:1d:5d:cb:b2:8a:88:48:61:c7:4c:99:51:71:a4:
         c5:a7:0e:06:19:ea:69:94:2d:e8:92:77:cd:03:74:c4:d9:e2:
         ca:de:2b:1a:2d:ab:8e:f8:62:f6:7d:f6:bb:ec:84:37:b0:e6:
         8a:bf:1a:e9:9c:a5:40:0d:cb:79:00:cd:8b:db:81:c8:36:5a:
         ef:3f:e9:2a:0f:23:3e:93:c0:42:6a:db:b8:3b:77:40:98:ff:
         ab:6e:19:cf:e9:81:de:c5:48:c2:ac:b0:5c:f8:84:0c:f8:aa:
         33:b4:d7:2c:1b:d2:4a:49:36:2d:4e:31:c8:80:29:43:95:38:
         51:06:d8:7b:33:8f:c7:e2:aa:9e:1d:d3:36:f5:cc:ee:fd:42:
         e4:4e:4f:d9:5f:17:01:78:a4:4c:c8:a8:b1:66:a4:10:39:b4:
         1f:f5:35:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iYKU23/7dqGlE3oWDLglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWQ0NGQ4ODEyNzVmY2EyYzBiNmIzZjdlY2VlMmQyMjIx
NDZmZDIwHhcNMjYwMzI5MDMwMDUxWhcNMjYwMzMwMDMwMDUxWjAzMTEwLwYDVQQD
Eyg0Y2EwZjM5ZTZiMGQwODg0NTA2ODFkYzczNGJhMDE5NTk2ZDg4ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9sMJ3qdnE2CMVEIdZ3BAwGJiNJC
khc1TtSkNzUTk8b5oeBl/gm/jVIyOjH4mlJUzWaqMhYwvqQpuTWYIOccxMzBBI4A
giFcDR2sys9xLuO0DZuLOEUZF5aYo6cT9L3BzSZu45l/jPISIhP47cRHwl+V++ts
csDhOb/G4yTUhUkVEocEp6tEJMZrCY22evrcfq4wTcnZ/bORo5/OvmzcF8eVlUAG
JokUvxUTGKJJMnkwS6zzoCaHGCZkX1DdnOOKgamobx1qYM9Wgc1PI82tY0J5RcY4
pqWpwUt2O1nZEXtt/HHVsWNzqgbB6MCrlgyxPVjYh2En6+imZOBpIe5GDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyg855rDQiEUGgdxzS6AZWW2I2bMB8GA1UdIwQY
MBaAFOSdRNiBJ1/KLAtrP37O4tIiFG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzkt
YzMyZDEwYzdlYTFmLzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzktYzMyZDEwYzdlYTFm
LzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMPiiHo1u
n1UwVBeqkZ3tE3NJR+KHNb46GTLhPH6/raJQcQ7LuRuLEkJK14GYxZrb0GFSprXq
JNx0XCBJl0VyV7+9xyYyOISPjjUV2Q2DWKfikESVyazzC9Ss3FtuZB1dy7KKiEhh
x0yZUXGkxacOBhnqaZQt6JJ3zQN0xNniyt4rGi2rjvhi9n32u+yEN7Dmir8a6Zyl
QA3LeQDNi9uByDZa7z/pKg8jPpPAQmrbuDt3QJj/q24Zz+mB3sVIwqywXPiEDPiq
M7TXLBvSSkk2LU4xyIApQ5U4UQbYezOPx+Kqnh3TNvXM7v1C5E5P2V8XAXikTMio
sWakEDm0H/U1Ng==
-----END CERTIFICATE-----