Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          0htsoa7MSTqTJJ/wKY0NqpcAuJs4EhK8h9w//oluQ/w=
Subject key identifier:   D1:48:C8:DC:F2:07:74:07:63:C5:E4:82:5B:94:79:39:9C:35:CB:68
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019E30051D1A630D75BDF39D5E1CF0558B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          08A9
Signing time:             Sat 16 May 2026 09:01:41 +0000
Manifest this update:     Sat 16 May 2026 09:01:41 +0000
Manifest next update:     Sun 17 May 2026 09:01:41 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: Z4X7lWCzPIfeXw2vm91nZSoCMxFAGPEUoiRyZteirfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:05:1d:1a:63:0d:75:bd:f3:9d:5e:1c:f0:55:8b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: May 16 09:01:41 2026 GMT
            Not After : May 17 09:01:41 2026 GMT
        Subject: CN=d148c8dcf207740763c5e4825b9479399c35cb68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:45:b4:8f:07:88:5c:bb:fc:fb:90:15:3b:5d:
                    70:d6:4b:32:ab:4f:0a:d9:4d:35:34:26:10:b9:8a:
                    20:20:50:a4:6b:98:bc:19:73:6a:67:90:cf:51:4e:
                    d3:5d:58:b3:75:26:86:cf:c6:e7:52:ce:6c:ae:40:
                    a4:83:54:41:36:d5:27:a2:5e:92:95:74:39:f1:d9:
                    aa:a5:e6:ca:07:30:79:81:50:0d:62:47:c5:e1:2e:
                    5d:08:9e:ba:8f:a4:0d:50:78:3e:94:70:03:9f:28:
                    8b:f3:56:57:4a:6b:65:3b:99:18:0c:af:2f:ca:d0:
                    57:d1:71:a6:c7:58:03:1a:72:93:e3:97:07:83:4b:
                    2e:17:f5:ae:68:24:d6:28:6b:ce:6b:68:95:80:0a:
                    b7:e8:ff:f0:78:eb:92:27:54:6d:7d:ff:5a:fe:9b:
                    16:80:a6:4e:70:c8:95:3a:55:96:63:f0:0b:6d:94:
                    7d:76:6c:35:e0:00:38:66:3e:7d:28:4f:38:21:bc:
                    9b:c2:8a:46:f9:d6:63:17:ec:9a:04:ed:0d:64:26:
                    c7:dc:5f:84:a3:96:ae:51:89:20:81:86:51:c1:02:
                    97:58:4c:eb:ba:55:d4:92:35:94:8b:ee:bf:e1:e3:
                    21:d6:63:c6:6f:8d:b4:78:bc:ab:88:de:4b:79:e6:
                    c4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:48:C8:DC:F2:07:74:07:63:C5:E4:82:5B:94:79:39:9C:35:CB:68
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:52:1a:a4:ea:46:5e:37:0b:ca:c7:c2:e4:19:ba:6a:a0:19:
         2b:00:7b:fb:a3:e2:e3:95:6c:f9:d0:48:eb:01:f2:f3:96:a8:
         c4:79:48:4c:bf:69:a9:84:64:df:68:41:31:ef:fe:e0:c7:a7:
         ca:87:f3:f3:b8:85:90:c9:5a:0a:d3:c7:4f:aa:8b:5a:f4:d6:
         c3:cd:4d:33:39:02:5b:50:ff:ce:52:48:52:47:9d:a4:a7:df:
         31:f5:02:5c:01:07:36:88:80:c3:33:76:95:86:85:e7:4a:4f:
         7f:1d:4d:91:5f:ce:bc:f8:f3:f3:a7:6f:d3:68:96:c2:17:4a:
         13:b8:1c:48:0a:98:d9:15:9b:00:28:1c:ad:15:c9:ce:a8:49:
         ce:7e:05:c3:d4:bb:38:e4:ee:7e:f3:a8:ee:94:11:a6:08:d0:
         b9:29:48:61:1b:2c:ac:08:29:72:e0:88:a8:f6:94:72:a6:7e:
         02:f9:86:8b:65:2f:b0:4d:02:47:60:f5:ce:8d:46:cf:ff:07:
         1f:85:e3:a2:23:4c:87:0d:21:36:c6:2d:54:c9:6d:66:f9:dc:
         92:32:c5:1d:5f:b2:73:ce:31:0b:0a:05:fe:e0:cb:c0:d2:a2:
         8e:e3:20:c3:1b:8c:0f:79:a5:1a:90:4a:7b:75:58:89:12:4e:
         9a:50:d7:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBR0aYw11vfOdXhzwVYt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjYwNTE2MDkwMTQxWhcNMjYwNTE3MDkwMTQxWjAzMTEwLwYDVQQD
EyhkMTQ4YzhkY2YyMDc3NDA3NjNjNWU0ODI1Yjk0NzkzOTljMzVjYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUW0jweIXLv8+5AVO11w1ksyq08K
2U01NCYQuYogIFCka5i8GXNqZ5DPUU7TXVizdSaGz8bnUs5srkCkg1RBNtUnol6S
lXQ58dmqpebKBzB5gVANYkfF4S5dCJ66j6QNUHg+lHADnyiL81ZXSmtlO5kYDK8v
ytBX0XGmx1gDGnKT45cHg0suF/WuaCTWKGvOa2iVgAq36P/weOuSJ1Rtff9a/psW
gKZOcMiVOlWWY/ALbZR9dmw14AA4Zj59KE84IbybwopG+dZjF+yaBO0NZCbH3F+E
o5auUYkggYZRwQKXWEzrulXUkjWUi+6/4eMh1mPGb420eLyriN5LeebEywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFIyNzyB3QHY8XkgluUeTmcNctoMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlIapOpG
XjcLysfC5Bm6aqAZKwB7+6Pi45Vs+dBI6wHy85aoxHlITL9pqYRk32hBMe/+4Men
yofz87iFkMlaCtPHT6qLWvTWw81NMzkCW1D/zlJIUkedpKffMfUCXAEHNoiAwzN2
lYaF50pPfx1NkV/OvPjz86dv02iWwhdKE7gcSAqY2RWbACgcrRXJzqhJzn4Fw9S7
OOTufvOo7pQRpgjQuSlIYRssrAgpcuCIqPaUcqZ+AvmGi2UvsE0CR2D1zo1Gz/8H
H4XjoiNMhw0hNsYtVMltZvnckjLFHV+yc84xCwoF/uDLwNKijuMgwxuMD3mlGpBK
e3VYiRJOmlDXyg==
-----END CERTIFICATE-----