Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
File:                     o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft (raw, json)
Hash identifier:          cZ3KCdUcw6QhkdPkXY+IRsR/eSvT/rlJqM1a+KBtjxw=
Subject key identifier:   0F:A2:5D:56:35:C4:98:FD:F1:D0:2B:F0:D7:B3:00:4A:5B:96:92:CF
Authority key identifier: A3:92:FC:96:A4:87:89:51:4E:B0:9F:56:74:B5:9D:A5:2C:91:14:83
Certificate issuer:       /CN=a392fc96a48789514eb09f5674b59da52c911483
Certificate serial:       019D38D37FD42A07DE1F22BDFA313AD3A5F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
Manifest number:          0D05
Signing time:             Sun 29 Mar 2026 09:01:18 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:18 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:18 +0000
Files and hashes:         1: o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl (hash: plM6/1Xdl515kxbm2BSEKtfoMuWjVd1y13Xzzrz3joY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:7f:d4:2a:07:de:1f:22:bd:fa:31:3a:d3:a5:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a392fc96a48789514eb09f5674b59da52c911483
        Validity
            Not Before: Mar 29 09:01:18 2026 GMT
            Not After : Mar 30 09:01:18 2026 GMT
        Subject: CN=0fa25d5635c498fdf1d02bf0d7b3004a5b9692cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:6e:5c:90:09:4e:13:d0:20:ce:34:83:a3:15:
                    cc:7b:a3:ef:97:a9:d0:d8:ee:d1:10:43:5e:61:0b:
                    1d:42:28:59:bb:50:b3:66:1c:3b:04:26:a1:18:b8:
                    d9:cc:dc:a5:e5:f4:18:06:2f:f5:05:ba:7f:a3:e7:
                    33:f5:44:e5:d9:6f:fe:d9:51:a1:13:5e:62:ca:17:
                    86:d1:ba:79:7e:35:5f:96:fa:31:20:60:3a:90:12:
                    bc:4c:2e:1b:50:44:71:6f:82:ca:90:c1:71:17:38:
                    ca:36:3a:a9:b0:d9:7f:4a:85:ea:b3:5e:0f:38:2c:
                    e3:6d:e2:b9:b1:fc:88:90:18:9f:61:1c:2c:81:e5:
                    93:bb:92:72:da:11:3a:d9:00:4d:ca:55:34:4e:bd:
                    8c:a8:5b:76:10:cc:36:b0:aa:79:af:8d:d3:d6:7c:
                    0c:76:d5:e2:b1:a5:02:35:a3:d4:49:56:1b:2f:1e:
                    cf:87:1d:0c:c7:68:0f:f5:65:2c:e7:bb:9e:71:ce:
                    bc:b3:ac:85:69:cf:ec:61:b2:1e:49:6e:8a:45:b5:
                    a3:cc:4f:35:6e:2e:e3:32:73:59:0f:b4:f0:16:30:
                    9c:47:01:28:b0:f9:d1:50:19:cf:d8:ca:66:cb:f1:
                    a8:f8:5e:45:33:bd:a1:87:11:28:1c:3e:f1:8d:ca:
                    77:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:A2:5D:56:35:C4:98:FD:F1:D0:2B:F0:D7:B3:00:4A:5B:96:92:CF
            X509v3 Authority Key Identifier:
                keyid:A3:92:FC:96:A4:87:89:51:4E:B0:9F:56:74:B5:9D:A5:2C:91:14:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:ec:c7:b1:bc:12:3c:d1:fc:e8:98:6f:ac:89:1a:7e:2b:9e:
         d9:1a:e8:93:48:ae:6e:d9:e2:2e:4f:78:bd:bc:27:59:fb:a1:
         1d:cc:20:6a:6e:00:e0:c8:fd:42:90:e5:8c:a5:e6:0c:9c:58:
         7e:7c:85:1d:3e:d4:4a:ed:37:13:54:cd:3e:6f:88:26:68:c2:
         e7:1f:84:45:30:18:eb:17:39:e5:bc:17:d6:2d:f5:67:58:11:
         67:f2:03:c0:99:01:8f:96:fc:2f:89:5d:d7:15:aa:30:f6:62:
         32:29:a8:b2:7f:51:4a:f1:a3:c5:21:6f:cb:2b:c7:d6:5a:91:
         e1:50:1c:fd:28:34:db:ae:fe:67:ea:f7:24:3f:9e:82:96:77:
         1d:6d:2f:f7:df:4c:83:62:28:7c:df:73:f4:8f:b8:2b:97:98:
         3d:52:7c:a6:70:14:74:60:65:37:e6:ab:7e:ef:4a:a0:b8:fb:
         60:f8:5a:df:bc:72:7b:84:cd:4b:48:42:e1:52:d5:d8:6a:52:
         99:7b:40:5f:67:58:da:61:1f:18:ad:6c:d0:65:31:0b:11:ef:
         70:40:40:47:ec:a6:4a:0b:f7:7f:3f:92:8d:93:5e:f3:7d:a5:
         15:ba:42:44:cd:49:45:cf:73:1d:c0:4b:65:d5:f7:93:77:ef:
         c8:6c:3a:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0403/UKgfeHyK9+jE606XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOTJmYzk2YTQ4Nzg5NTE0ZWIwOWY1Njc0YjU5ZGE1MmM5
MTE0ODMwHhcNMjYwMzI5MDkwMTE4WhcNMjYwMzMwMDkwMTE4WjAzMTEwLwYDVQQD
EygwZmEyNWQ1NjM1YzQ5OGZkZjFkMDJiZjBkN2IzMDA0YTViOTY5MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW5ckAlOE9AgzjSDoxXMe6Pvl6nQ
2O7REENeYQsdQihZu1CzZhw7BCahGLjZzNyl5fQYBi/1Bbp/o+cz9UTl2W/+2VGh
E15iyheG0bp5fjVflvoxIGA6kBK8TC4bUERxb4LKkMFxFzjKNjqpsNl/SoXqs14P
OCzjbeK5sfyIkBifYRwsgeWTu5Jy2hE62QBNylU0Tr2MqFt2EMw2sKp5r43T1nwM
dtXisaUCNaPUSVYbLx7Phx0Mx2gP9WUs57uecc68s6yFac/sYbIeSW6KRbWjzE81
bi7jMnNZD7TwFjCcRwEosPnRUBnP2Mpmy/Go+F5FM72hhxEoHD7xjcp3mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+iXVY1xJj98dAr8NezAEpblpLPMB8GA1UdIwQY
MBaAFKOS/Jakh4lRTrCfVnS1naUskRSDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNzhmODMtNTM4NC00YzM2LThmNTEt
ODgzZjJmNmNiZjA0LzEvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNzhmODMtNTM4NC00YzM2LThmNTEtODgzZjJmNmNiZjA0
LzEvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouzHsbwS
PNH86JhvrIkafiue2Rrok0iubtniLk94vbwnWfuhHcwgam4A4Mj9QpDljKXmDJxY
fnyFHT7USu03E1TNPm+IJmjC5x+ERTAY6xc55bwX1i31Z1gRZ/IDwJkBj5b8L4ld
1xWqMPZiMimosn9RSvGjxSFvyyvH1lqR4VAc/Sg0267+Z+r3JD+egpZ3HW0v999M
g2IofN9z9I+4K5eYPVJ8pnAUdGBlN+arfu9KoLj7YPha37xye4TNS0hC4VLV2GpS
mXtAX2dY2mEfGK1s0GUxCxHvcEBAR+ymSgv3fz+SjZNe832lFbpCRM1JRc9zHcBL
ZdX3k3fvyGw6bQ==
-----END CERTIFICATE-----