Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          hZYyxnz+05uC2bnKkATl7Cr0BcsdZlAZjjWdmK+pO5Y=
Subject key identifier:   69:A4:88:41:4C:5F:86:B4:F2:CB:44:34:0D:2A:A7:08:B4:93:DA:AA
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       019D3865F8ACD09B96360F23B3DA9C72D8BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          05DE
Signing time:             Sun 29 Mar 2026 07:01:39 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:39 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:39 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: HoiDr2oIIpPGAky8eOoZC6QZP3N3usayAfAHZhkSgV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f8:ac:d0:9b:96:36:0f:23:b3:da:9c:72:d8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: Mar 29 07:01:39 2026 GMT
            Not After : Mar 30 07:01:39 2026 GMT
        Subject: CN=69a488414c5f86b4f2cb44340d2aa708b493daaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:24:aa:54:51:cf:ae:7f:37:66:89:ed:0b:6d:
                    6d:0d:a4:64:e2:a9:a3:95:75:10:21:91:d6:42:69:
                    48:61:62:5f:5d:2a:9d:89:46:4e:a5:fe:ee:ec:00:
                    f4:10:33:5d:de:c9:21:02:63:df:80:88:f7:87:c8:
                    30:42:a8:a3:ff:b7:e6:59:d9:5d:81:25:cd:e1:e9:
                    02:a6:b3:61:37:4c:ec:af:bc:ae:fc:d4:1e:b1:18:
                    cb:e7:64:d3:4b:1c:e2:8f:cd:56:4d:b5:73:7c:9a:
                    05:ad:f3:c4:b5:2a:6e:4b:ff:c2:06:0e:b8:39:0a:
                    8b:d3:77:53:c8:08:6f:95:da:fa:61:f9:98:1e:d7:
                    b7:b7:97:35:9b:1f:79:7e:2c:97:f7:22:62:2d:43:
                    8c:4e:8b:1f:db:1d:29:25:06:67:bd:fa:22:b7:89:
                    be:a1:74:e7:ac:bd:e9:93:97:30:47:0f:c5:89:20:
                    d5:1a:e5:31:2d:c6:dd:8f:62:33:28:34:b4:a1:4b:
                    48:ba:18:d1:23:a7:2b:87:36:a5:bd:84:57:e9:f4:
                    f7:13:a4:f5:7c:ab:b6:85:33:97:4c:bf:a9:ec:1a:
                    d1:95:02:4b:ba:2f:2d:61:79:0e:5e:e2:aa:64:e7:
                    27:97:1d:44:60:d2:33:d6:7b:35:9c:61:9e:45:03:
                    28:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:A4:88:41:4C:5F:86:B4:F2:CB:44:34:0D:2A:A7:08:B4:93:DA:AA
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:04:08:54:4f:93:a4:56:9f:a2:63:5b:4d:a7:da:ab:93:53:
         b4:6b:ec:f1:74:15:af:c5:00:f7:47:38:91:f9:86:b5:c6:ee:
         22:83:41:48:40:7f:03:c2:c3:f7:78:b7:92:12:ee:2e:26:16:
         25:80:97:d7:0b:4e:10:22:98:20:55:0e:bf:52:7c:59:1b:06:
         d9:9d:b4:af:cb:78:9e:f3:d3:30:ad:57:2b:20:17:d8:5b:7b:
         33:0a:af:45:cd:25:7f:80:0e:c3:a1:3a:f2:de:bd:1d:d7:c5:
         3b:9f:f4:e5:be:13:78:d2:27:0f:55:e8:99:4c:21:9a:25:35:
         e6:1a:84:db:99:be:52:c4:b1:f0:25:03:9d:95:bc:19:60:26:
         61:10:93:b8:5a:a3:86:b1:56:5c:ef:f9:e2:8f:9b:22:84:53:
         01:ce:02:aa:68:f2:59:2b:37:5b:7f:82:1a:3f:d0:0e:4e:50:
         8d:57:48:b1:f3:16:43:8a:c3:e5:26:d9:8c:35:aa:48:dd:5c:
         8f:1f:15:63:e1:b8:ea:e0:35:d0:02:72:62:ef:9f:78:05:7f:
         38:6c:9e:e6:9a:b7:38:8e:74:d1:61:50:fd:88:eb:23:69:11:
         75:73:c1:52:c2:5c:16:84:09:1f:68:a9:b8:da:cd:5e:5c:78:
         ce:fc:a8:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zfis0JuWNg8js9qccti9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjYwMzI5MDcwMTM5WhcNMjYwMzMwMDcwMTM5WjAzMTEwLwYDVQQD
Eyg2OWE0ODg0MTRjNWY4NmI0ZjJjYjQ0MzQwZDJhYTcwOGI0OTNkYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCSqVFHPrn83ZontC21tDaRk4qmj
lXUQIZHWQmlIYWJfXSqdiUZOpf7u7AD0EDNd3skhAmPfgIj3h8gwQqij/7fmWdld
gSXN4ekCprNhN0zsr7yu/NQesRjL52TTSxzij81WTbVzfJoFrfPEtSpuS//CBg64
OQqL03dTyAhvldr6YfmYHte3t5c1mx95fiyX9yJiLUOMTosf2x0pJQZnvfoit4m+
oXTnrL3pk5cwRw/FiSDVGuUxLcbdj2IzKDS0oUtIuhjRI6crhzalvYRX6fT3E6T1
fKu2hTOXTL+p7BrRlQJLui8tYXkOXuKqZOcnlx1EYNIz1ns1nGGeRQMo2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmkiEFMX4a08stENA0qpwi0k9qqMB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQQIVE+T
pFafomNbTafaq5NTtGvs8XQVr8UA90c4kfmGtcbuIoNBSEB/A8LD93i3khLuLiYW
JYCX1wtOECKYIFUOv1J8WRsG2Z20r8t4nvPTMK1XKyAX2Ft7MwqvRc0lf4AOw6E6
8t69HdfFO5/05b4TeNInD1XomUwhmiU15hqE25m+UsSx8CUDnZW8GWAmYRCTuFqj
hrFWXO/54o+bIoRTAc4CqmjyWSs3W3+CGj/QDk5QjVdIsfMWQ4rD5SbZjDWqSN1c
jx8VY+G46uA10AJyYu+feAV/OGye5pq3OI500WFQ/YjrI2kRdXPBUsJcFoQJH2ip
uNrNXlx4zvyoGQ==
-----END CERTIFICATE-----