Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          JAYl7nm0e5VuGmz9ZiLOwc2XcLrxsSTNybM5I2MiBGA=
Subject key identifier:   D4:A5:71:56:78:10:96:14:98:52:59:DA:E9:04:A7:3E:7C:B3:D4:2B
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       019D3909C771A8D1BCD955E1FEE920447A12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          05F6
Signing time:             Sun 29 Mar 2026 10:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:35 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: NvwuHTtc4CTZWYQhYsTr+/ilUYSo3xlaxSoMBXVQ3NQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c7:71:a8:d1:bc:d9:55:e1:fe:e9:20:44:7a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Mar 29 10:00:35 2026 GMT
            Not After : Mar 30 10:00:35 2026 GMT
        Subject: CN=d4a5715678109614985259dae904a73e7cb3d42b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:96:f8:be:c7:ae:9d:9d:fa:5e:19:a7:09:88:
                    56:77:af:7e:dc:06:4b:35:34:7f:5d:3a:eb:09:31:
                    fe:94:66:e0:c8:a1:dd:74:c3:f1:64:ae:06:8c:3f:
                    82:64:0b:98:79:49:ac:51:63:05:9d:39:64:85:cb:
                    15:6f:83:23:59:fc:8c:a7:1e:e1:66:c7:33:7c:78:
                    88:c8:38:c9:4f:e0:d6:f0:2d:4f:c4:ed:eb:61:5c:
                    89:31:55:70:64:e1:aa:03:b7:e9:cf:5c:6d:90:53:
                    ce:ff:ac:0c:73:e4:89:33:f6:d3:31:a0:8a:94:3e:
                    48:4c:50:51:9d:fa:f6:23:32:04:35:4f:65:b5:63:
                    3e:67:d3:1c:2f:2b:3f:5e:ce:1f:25:f5:fc:22:2e:
                    2c:1b:f6:be:cd:d4:1e:12:7c:a8:1f:6e:57:b0:dc:
                    a2:81:f7:b2:19:7c:e5:3f:29:35:f9:cf:71:bf:bd:
                    60:4f:8a:88:d6:ed:db:e7:80:ec:d7:42:aa:85:9c:
                    18:a5:8c:02:c2:bf:0d:a3:cf:db:77:20:b5:e2:a9:
                    01:7e:70:90:bc:a9:09:eb:55:6e:5c:1f:9e:19:63:
                    f2:fa:1f:71:4b:64:b4:d5:b2:70:cd:66:f1:af:e4:
                    f4:fd:1f:d4:9f:61:91:fb:c6:c1:bb:04:b3:9f:29:
                    a4:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:A5:71:56:78:10:96:14:98:52:59:DA:E9:04:A7:3E:7C:B3:D4:2B
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:39:96:68:50:4f:ee:6c:16:46:66:ea:9c:1c:0c:f1:88:2e:
         c0:74:55:9d:9a:45:3d:42:1d:59:f1:87:64:d9:77:80:b6:d4:
         17:9d:e7:37:fb:60:1b:17:07:2b:ac:76:d6:d8:eb:ec:5c:99:
         0c:7b:eb:bc:99:7e:97:09:f5:cd:19:3b:da:4e:dc:f3:b7:3c:
         d1:5e:51:ac:6f:8a:72:9c:14:a2:53:61:df:db:33:53:82:44:
         c2:f6:24:5f:af:8b:a9:a3:63:e5:23:5b:fc:7f:2e:ce:37:20:
         f8:b9:71:f9:2b:37:ee:17:fb:6c:2f:ce:30:23:4e:09:8f:89:
         ba:c3:6d:2b:74:fd:78:33:31:b2:29:ae:43:0e:bc:69:ac:18:
         82:79:57:5a:92:f1:0f:f2:01:97:33:b0:f7:54:42:32:0a:fa:
         ac:15:a0:0e:84:e7:52:32:bf:ad:cd:d9:4a:4a:8e:7a:af:be:
         3b:f6:c8:e9:93:d8:fa:ed:77:08:86:17:50:70:33:81:ae:8d:
         c3:af:ad:63:6d:74:bb:2d:38:a4:c1:6c:b5:20:d2:c4:b5:7f:
         3d:79:04:a7:85:40:d9:4f:fe:89:3b:14:7c:a7:a5:ff:85:cf:
         07:d3:3d:16:ce:c0:e2:90:e1:cd:52:f1:dc:6c:62:da:70:7e:
         64:89:a6:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcdxqNG82VXh/ukgRHoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjYwMzI5MTAwMDM1WhcNMjYwMzMwMTAwMDM1WjAzMTEwLwYDVQQD
EyhkNGE1NzE1Njc4MTA5NjE0OTg1MjU5ZGFlOTA0YTczZTdjYjNkNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pb4vseunZ36XhmnCYhWd69+3AZL
NTR/XTrrCTH+lGbgyKHddMPxZK4GjD+CZAuYeUmsUWMFnTlkhcsVb4MjWfyMpx7h
ZsczfHiIyDjJT+DW8C1PxO3rYVyJMVVwZOGqA7fpz1xtkFPO/6wMc+SJM/bTMaCK
lD5ITFBRnfr2IzIENU9ltWM+Z9McLys/Xs4fJfX8Ii4sG/a+zdQeEnyoH25XsNyi
gfeyGXzlPyk1+c9xv71gT4qI1u3b54Ds10KqhZwYpYwCwr8No8/bdyC14qkBfnCQ
vKkJ61VuXB+eGWPy+h9xS2S01bJwzWbxr+T0/R/Un2GR+8bBuwSznymk8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSlcVZ4EJYUmFJZ2ukEpz58s9QrMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDmWaFBP
7mwWRmbqnBwM8YguwHRVnZpFPUIdWfGHZNl3gLbUF53nN/tgGxcHK6x21tjr7FyZ
DHvrvJl+lwn1zRk72k7c87c80V5RrG+KcpwUolNh39szU4JEwvYkX6+LqaNj5SNb
/H8uzjcg+Llx+Ss37hf7bC/OMCNOCY+JusNtK3T9eDMxsimuQw68aawYgnlXWpLx
D/IBlzOw91RCMgr6rBWgDoTnUjK/rc3ZSkqOeq++O/bI6ZPY+u13CIYXUHAzga6N
w6+tY210uy04pMFstSDSxLV/PXkEp4VA2U/+iTsUfKel/4XPB9M9Fs7A4pDhzVLx
3Gxi2nB+ZImmpQ==
-----END CERTIFICATE-----