Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          kxm5tF5fA8EoV2hJ8xopOJY4OnXlZMuXIZ1Lmb9Zk4Y=
Subject key identifier:   BF:5F:19:58:52:D1:A9:C1:5E:A3:28:2E:F6:0B:62:0B:88:0E:9B:CD
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019D39410D9C1B1E6A72795EDDF0F2F27902
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          05A7
Signing time:             Sun 29 Mar 2026 11:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:57 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: DW1YTk3PbIZlSHHuFbbogjpQmL5VyYj/E+IgI0MWMkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:0d:9c:1b:1e:6a:72:79:5e:dd:f0:f2:f2:79:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Mar 29 11:00:57 2026 GMT
            Not After : Mar 30 11:00:57 2026 GMT
        Subject: CN=bf5f195852d1a9c15ea3282ef60b620b880e9bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fc:89:41:09:10:44:78:c6:d1:32:f1:81:87:
                    4f:3e:64:1b:15:0f:ed:a1:ee:be:f2:68:c7:b0:f9:
                    52:de:94:40:73:4a:88:1e:21:06:5d:0e:49:65:51:
                    0c:86:e9:db:51:e4:89:ac:44:df:d6:58:d2:2b:b9:
                    07:c5:d4:ab:f3:28:b9:6b:7d:76:04:32:f6:ab:40:
                    97:e6:8c:3f:72:ca:2c:9d:84:1d:e9:a8:fe:95:1e:
                    5b:a3:d5:04:c6:e6:ac:81:23:c1:8b:4f:ee:c7:4c:
                    23:d5:48:eb:3e:f8:72:4f:29:ba:fa:91:5a:dc:96:
                    eb:d7:ee:39:a3:1c:fd:60:0d:4b:4e:a7:0b:4b:37:
                    03:66:33:0a:f6:b2:79:fe:1a:c6:a0:4b:c4:bf:cc:
                    f1:e7:ba:82:7e:e1:1d:d9:65:64:9c:e7:71:33:25:
                    45:75:8c:53:97:30:18:88:74:1a:b9:a5:14:6f:46:
                    b9:30:dc:b5:06:92:1c:f7:4b:35:27:b5:3c:b5:49:
                    1b:3e:95:21:a3:11:f7:25:3a:40:13:e1:cd:83:fc:
                    a2:48:1f:2c:44:5c:9d:50:3c:c4:62:fa:6c:1a:99:
                    3e:1b:9e:8b:5f:32:f1:7b:d2:5b:7c:9a:b8:78:02:
                    f6:c8:88:2f:ca:73:2c:f7:03:38:36:88:20:75:0e:
                    19:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:5F:19:58:52:D1:A9:C1:5E:A3:28:2E:F6:0B:62:0B:88:0E:9B:CD
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:8a:38:8d:d9:3d:4c:7c:57:23:92:86:9b:6a:79:97:52:d4:
         52:77:1d:6f:05:31:d4:7e:97:06:ac:20:50:aa:57:8d:10:b0:
         46:4d:e3:9c:8c:c0:6e:f1:17:f0:fe:8a:42:ea:82:0d:a5:dc:
         aa:d0:61:09:c7:f7:13:82:78:d8:4a:96:df:ed:bd:3c:01:1b:
         07:bc:d2:80:26:03:25:f1:91:47:a9:a2:6e:17:f6:81:e8:76:
         95:ee:58:44:9c:5b:dc:20:3f:d2:48:f2:6b:02:3d:9b:80:8a:
         36:2a:35:a1:5f:b2:e1:d8:09:b9:3f:2a:10:5e:0e:82:2e:84:
         bc:69:66:d4:e9:88:bd:d1:94:32:d0:16:bb:30:13:f5:c5:70:
         d8:a4:c5:c1:f3:49:5f:84:2e:50:34:9c:5f:15:40:4a:6c:92:
         8b:33:47:b2:ad:ff:14:54:41:fb:21:88:73:04:6d:79:30:1a:
         35:a7:9e:d2:3b:ea:3f:f3:a3:da:54:68:d9:f5:db:17:cc:e1:
         c0:63:13:dd:ce:e6:cd:19:9d:54:68:72:69:91:62:03:bd:db:
         95:c7:9d:25:9a:69:46:6f:62:c5:00:f8:7c:18:0e:34:b3:ce:
         91:5b:d2:40:e9:42:95:dc:e5:20:22:5e:4d:17:23:58:fe:37:
         07:df:37:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQ2cGx5qcnle3fDy8nkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjYwMzI5MTEwMDU3WhcNMjYwMzMwMTEwMDU3WjAzMTEwLwYDVQQD
EyhiZjVmMTk1ODUyZDFhOWMxNWVhMzI4MmVmNjBiNjIwYjg4MGU5YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPyJQQkQRHjG0TLxgYdPPmQbFQ/t
oe6+8mjHsPlS3pRAc0qIHiEGXQ5JZVEMhunbUeSJrETf1ljSK7kHxdSr8yi5a312
BDL2q0CX5ow/csosnYQd6aj+lR5bo9UExuasgSPBi0/ux0wj1UjrPvhyTym6+pFa
3Jbr1+45oxz9YA1LTqcLSzcDZjMK9rJ5/hrGoEvEv8zx57qCfuEd2WVknOdxMyVF
dYxTlzAYiHQauaUUb0a5MNy1BpIc90s1J7U8tUkbPpUhoxH3JTpAE+HNg/yiSB8s
RFydUDzEYvpsGpk+G56LXzLxe9JbfJq4eAL2yIgvynMs9wM4NoggdQ4ZGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9fGVhS0anBXqMoLvYLYguIDpvNMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEIo4jdk9
THxXI5KGm2p5l1LUUncdbwUx1H6XBqwgUKpXjRCwRk3jnIzAbvEX8P6KQuqCDaXc
qtBhCcf3E4J42EqW3+29PAEbB7zSgCYDJfGRR6mibhf2geh2le5YRJxb3CA/0kjy
awI9m4CKNio1oV+y4dgJuT8qEF4Ogi6EvGlm1OmIvdGUMtAWuzAT9cVw2KTFwfNJ
X4QuUDScXxVASmySizNHsq3/FFRB+yGIcwRteTAaNaee0jvqP/Oj2lRo2fXbF8zh
wGMT3c7mzRmdVGhyaZFiA73blcedJZppRm9ixQD4fBgONLPOkVvSQOlCldzlICJe
TRcjWP43B983UQ==
-----END CERTIFICATE-----