Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
File:                     5_y3rNVfY0m52BRheGwSRY-G9y4.mft (raw, json)
Hash identifier:          z22WglpoZZftmwHEsfBx/Lk/79GU9/DphN8CwbP3wVk=
Subject key identifier:   F9:7E:F2:15:C2:58:EE:6D:62:41:E9:17:7D:50:BC:F9:92:06:13:12
Authority key identifier: E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E
Certificate issuer:       /CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
Certificate serial:       019D37C0AE88418CEF52894B6262A8E28678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 04:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:07 +0000
Files and hashes:         1: 5_y3rNVfY0m52BRheGwSRY-G9y4.crl (hash: AokShNLsCZtGScS6SxIJfQ+KTeulqH+1U2xqegz6qsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:ae:88:41:8c:ef:52:89:4b:62:62:a8:e2:86:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7fcb7acd55f6349b9d81461786c12458f86f72e
        Validity
            Not Before: Mar 29 04:01:07 2026 GMT
            Not After : Mar 30 04:01:07 2026 GMT
        Subject: CN=f97ef215c258ee6d6241e9177d50bcf992061312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:97:5f:e3:6f:77:45:a7:a3:79:d0:ba:07:7d:
                    7a:c2:d9:41:24:0c:b1:df:67:e2:97:72:9b:c7:14:
                    e6:46:de:71:cf:cc:60:cb:9d:2d:1b:1d:2e:2d:d1:
                    cc:17:a5:46:ad:61:0e:ba:9c:42:ad:c2:da:03:ed:
                    8b:19:13:d6:92:4b:2c:77:fa:5e:e7:1c:04:08:2b:
                    2c:8c:c8:73:77:c5:9e:fa:45:e1:05:8e:92:5a:de:
                    aa:82:23:d3:fc:59:df:85:ba:c3:cd:5a:bf:b6:45:
                    5b:e3:0a:11:a8:85:77:df:63:cb:05:78:70:c6:af:
                    81:bd:60:69:fd:df:95:85:bd:78:3c:50:61:f0:92:
                    14:a2:cc:7a:e6:0e:10:04:4a:25:01:de:04:4e:62:
                    de:04:b8:44:c4:47:de:f7:3f:da:d7:26:93:46:d3:
                    98:d9:73:df:13:ff:a9:b0:01:a6:17:04:29:71:bc:
                    d0:97:21:b0:81:f4:e8:3a:54:b4:51:38:ca:6c:e8:
                    ac:f1:37:2f:b9:f2:b9:35:1e:70:fa:06:fd:f0:f4:
                    59:2a:a0:27:b5:82:7c:df:45:4d:d0:54:5e:58:87:
                    20:9e:7a:10:10:f6:c6:ce:f7:7e:a2:8c:a9:3b:96:
                    4f:64:01:c4:cd:21:28:4e:9b:b5:d5:95:5f:3a:fe:
                    bd:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:7E:F2:15:C2:58:EE:6D:62:41:E9:17:7D:50:BC:F9:92:06:13:12
            X509v3 Authority Key Identifier:
                keyid:E7:FC:B7:AC:D5:5F:63:49:B9:D8:14:61:78:6C:12:45:8F:86:F7:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_y3rNVfY0m52BRheGwSRY-G9y4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/698339-5905-4637-b983-cdb3a657d9ee/1/5_y3rNVfY0m52BRheGwSRY-G9y4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:d1:1d:38:76:95:1b:c8:4d:f6:ed:2d:55:6f:0c:e2:9f:c7:
         75:f6:d6:3e:7a:8f:d0:08:30:14:fd:c7:43:cb:71:1f:52:15:
         f0:ae:c5:7d:b2:8a:69:ec:a7:b7:cb:14:6a:b8:15:83:a0:18:
         75:e7:72:d8:b4:6a:10:6d:a4:20:a6:03:0b:11:4a:35:85:e5:
         be:97:e9:1e:f5:b7:ed:0b:18:20:13:16:eb:4c:ed:28:69:15:
         fc:af:e7:83:88:35:3a:bf:70:da:ff:0f:58:0f:98:3a:29:41:
         f7:c5:cb:75:83:8f:29:3e:d3:c1:50:54:53:c1:44:c1:09:59:
         53:d4:e8:d3:50:5d:e8:01:09:a5:b9:07:a7:22:95:3f:c1:7e:
         82:fd:23:77:dc:75:cb:bb:b5:75:74:88:99:90:22:bb:53:c2:
         d8:ef:e3:4a:2a:d9:25:ca:f3:43:7d:9b:04:fb:ed:e0:2c:52:
         ee:57:74:ef:87:27:91:6f:51:6b:13:25:c9:b1:65:35:77:a0:
         69:37:29:0b:73:71:bb:6b:5a:33:6b:00:2e:80:d4:fc:7a:ef:
         21:a7:ef:08:42:f6:8e:24:b8:6a:fd:42:dc:c8:b5:6d:ec:6c:
         9a:62:4a:b4:ef:39:88:43:d9:07:53:41:cd:e4:50:31:ad:cb:
         bb:e7:75:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wK6IQYzvUolLYmKo4oZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmNiN2FjZDU1ZjYzNDliOWQ4MTQ2MTc4NmMxMjQ1OGY4
NmY3MmUwHhcNMjYwMzI5MDQwMTA3WhcNMjYwMzMwMDQwMTA3WjAzMTEwLwYDVQQD
EyhmOTdlZjIxNWMyNThlZTZkNjI0MWU5MTc3ZDUwYmNmOTkyMDYxMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspdf4293RaejedC6B316wtlBJAyx
32fil3KbxxTmRt5xz8xgy50tGx0uLdHMF6VGrWEOupxCrcLaA+2LGRPWkkssd/pe
5xwECCssjMhzd8We+kXhBY6SWt6qgiPT/FnfhbrDzVq/tkVb4woRqIV332PLBXhw
xq+BvWBp/d+Vhb14PFBh8JIUosx65g4QBEolAd4ETmLeBLhExEfe9z/a1yaTRtOY
2XPfE/+psAGmFwQpcbzQlyGwgfToOlS0UTjKbOis8TcvufK5NR5w+gb98PRZKqAn
tYJ830VN0FReWIcgnnoQEPbGzvd+ooypO5ZPZAHEzSEoTpu11ZVfOv696QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPl+8hXCWO5tYkHpF31QvPmSBhMSMB8GA1UdIwQY
MBaAFOf8t6zVX2NJudgUYXhsEkWPhvcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMt
Y2RiM2E2NTdkOWVlLzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82OTgzMzktNTkwNS00NjM3LWI5ODMtY2RiM2E2NTdkOWVl
LzEvNV95M3JOVmZZMG01MkJSaGVHd1NSWS1HOXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv9EdOHaV
G8hN9u0tVW8M4p/HdfbWPnqP0AgwFP3HQ8txH1IV8K7FfbKKaeynt8sUargVg6AY
dedy2LRqEG2kIKYDCxFKNYXlvpfpHvW37QsYIBMW60ztKGkV/K/ng4g1Or9w2v8P
WA+YOilB98XLdYOPKT7TwVBUU8FEwQlZU9To01Bd6AEJpbkHpyKVP8F+gv0jd9x1
y7u1dXSImZAiu1PC2O/jSirZJcrzQ32bBPvt4CxS7ld074cnkW9RaxMlybFlNXeg
aTcpC3Nxu2taM2sALoDU/HrvIafvCEL2jiS4av1C3Mi1bexsmmJKtO85iEPZB1NB
zeRQMa3Lu+d1cQ==
-----END CERTIFICATE-----