Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
File:                     Ad0iu63J75fJwaOGG21rTE3dhoc.mft (raw, json)
Hash identifier:          9gRgNJgwQVV3cg5ZsNMmihKZMWezIJWS4+fJyW9L478=
Subject key identifier:   5D:CB:AE:CB:9E:9A:41:E2:EF:A7:04:A1:E2:44:B4:09:EE:96:34:A7
Authority key identifier: 01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87
Certificate issuer:       /CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
Certificate serial:       019D386587E7510A1CDCC7C2138C02A260CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
Manifest number:          1280
Signing time:             Sun 29 Mar 2026 07:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:11 +0000
Files and hashes:         1: Ad0iu63J75fJwaOGG21rTE3dhoc.crl (hash: NhKGxhzuSR26vSgSIs4ZZrQUn6cwr16MOD9P6yoMQzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:87:e7:51:0a:1c:dc:c7:c2:13:8c:02:a2:60:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
        Validity
            Not Before: Mar 29 07:01:11 2026 GMT
            Not After : Mar 30 07:01:11 2026 GMT
        Subject: CN=5dcbaecb9e9a41e2efa704a1e244b409ee9634a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dd:3c:0d:8b:75:75:06:d7:1f:45:28:9a:66:
                    7a:fb:89:e2:45:2a:59:be:6c:cb:5b:03:b7:e5:f9:
                    3a:d9:1e:73:fc:be:64:ef:7b:cf:a7:80:da:80:80:
                    34:ac:bc:49:64:fe:bf:b7:14:55:93:6d:6f:19:cf:
                    08:87:f4:08:ec:5d:17:36:f6:46:8f:1d:8e:7f:17:
                    e8:7e:f7:55:7b:01:61:53:6b:90:f8:b1:a0:0f:85:
                    8a:b3:a5:24:14:03:8e:49:78:d4:e7:47:3b:81:02:
                    a1:a5:05:cf:03:60:39:a5:bb:18:61:20:58:6d:22:
                    c3:85:d5:a8:ac:1b:01:18:71:33:2a:68:e9:21:b9:
                    86:e3:52:3b:e8:c6:7e:62:ff:41:35:f0:ec:9c:87:
                    07:a6:0d:e7:c9:43:da:ac:48:a9:89:37:73:86:4c:
                    31:45:80:18:ce:de:f5:5d:f3:ce:73:4a:3c:c6:80:
                    8f:5f:69:34:f6:bb:43:ae:7b:bb:51:07:b7:92:5b:
                    fe:5b:a0:f4:ce:2b:dc:09:61:d8:81:8b:ec:e4:25:
                    8d:f3:99:c1:5f:41:68:0e:e7:d0:e7:d5:fd:f0:0d:
                    b8:fb:76:c9:15:15:84:b6:e7:74:ff:40:3b:e7:3d:
                    dd:b7:81:33:96:92:3e:17:31:98:ec:60:36:d9:f9:
                    c6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CB:AE:CB:9E:9A:41:E2:EF:A7:04:A1:E2:44:B4:09:EE:96:34:A7
            X509v3 Authority Key Identifier:
                keyid:01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:84:20:68:05:f0:65:2f:e8:c2:4c:9e:94:b4:3b:a0:59:32:
         b3:70:ee:42:e5:27:63:ea:59:fb:78:95:c5:ae:10:5f:be:f3:
         29:3d:5d:61:d6:1e:92:08:ad:2b:0e:2c:25:16:01:fd:52:f4:
         e0:50:46:d2:31:81:e3:57:15:6f:71:5d:60:9b:64:60:7f:d0:
         19:ec:0c:27:ad:9a:53:ed:db:ce:15:90:97:c0:88:b5:65:57:
         71:6c:21:61:a2:c0:1c:59:de:3d:39:9f:62:35:75:99:a8:65:
         69:ea:e1:69:85:4c:b2:bf:f5:42:10:61:06:ce:e1:0b:90:92:
         ea:27:6d:ab:bb:25:32:08:e0:39:a3:f5:5e:d6:72:c0:26:3e:
         e5:19:f4:5f:a3:03:99:ec:c8:d2:c1:3f:14:3d:2e:23:c8:64:
         87:33:ed:4e:3d:d2:ff:f9:c9:2d:fa:fb:75:54:de:0e:ae:b9:
         c5:bc:f8:9e:3b:49:0f:7a:64:42:c4:c1:e1:32:36:1d:6d:21:
         20:68:04:da:d7:2d:a5:8b:ad:00:9a:b8:a7:9e:4b:33:2b:af:
         cc:59:dc:c7:1a:15:25:86:42:cf:54:c7:62:eb:04:fb:4d:3e:
         4e:c9:ff:b5:f9:03:bf:89:7d:2c:45:14:64:76:43:5f:60:6e:
         a1:07:02:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYfnUQoc3MfCE4wComDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZGQyMmJiYWRjOWVmOTdjOWMxYTM4NjFiNmQ2YjRjNGRk
ZDg2ODcwHhcNMjYwMzI5MDcwMTExWhcNMjYwMzMwMDcwMTExWjAzMTEwLwYDVQQD
Eyg1ZGNiYWVjYjllOWE0MWUyZWZhNzA0YTFlMjQ0YjQwOWVlOTYzNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst08DYt1dQbXH0UommZ6+4niRSpZ
vmzLWwO35fk62R5z/L5k73vPp4DagIA0rLxJZP6/txRVk21vGc8Ih/QI7F0XNvZG
jx2OfxfofvdVewFhU2uQ+LGgD4WKs6UkFAOOSXjU50c7gQKhpQXPA2A5pbsYYSBY
bSLDhdWorBsBGHEzKmjpIbmG41I76MZ+Yv9BNfDsnIcHpg3nyUParEipiTdzhkwx
RYAYzt71XfPOc0o8xoCPX2k09rtDrnu7UQe3klv+W6D0zivcCWHYgYvs5CWN85nB
X0FoDufQ59X98A24+3bJFRWEtud0/0A75z3dt4EzlpI+FzGY7GA22fnGdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3LrsuemkHi76cEoeJEtAnuljSnMB8GA1UdIwQY
MBaAFAHdIrutye+XycGjhhtta0xN3YaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYt
NzA3ZGIyNTI0ZTZiLzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYtNzA3ZGIyNTI0ZTZi
LzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoQgaAXw
ZS/owkyelLQ7oFkys3DuQuUnY+pZ+3iVxa4QX77zKT1dYdYekgitKw4sJRYB/VL0
4FBG0jGB41cVb3FdYJtkYH/QGewMJ62aU+3bzhWQl8CItWVXcWwhYaLAHFnePTmf
YjV1mahlaerhaYVMsr/1QhBhBs7hC5CS6idtq7slMgjgOaP1XtZywCY+5Rn0X6MD
mezI0sE/FD0uI8hkhzPtTj3S//nJLfr7dVTeDq65xbz4njtJD3pkQsTB4TI2HW0h
IGgE2tctpYutAJq4p55LMyuvzFncxxoVJYZCz1THYusE+00+Tsn/tfkDv4l9LEUU
ZHZDX2BuoQcCgw==
-----END CERTIFICATE-----