Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
File:                     a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json)
Hash identifier:          emtSZ8mih46YY6qBpWLDht+01J6zusMa51Aqc6h5O1Q=
Subject key identifier:   5A:1B:50:C6:D2:DC:D8:F7:8A:46:36:9C:11:53:AE:BB:0B:A2:B6:CB
Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66
Certificate issuer:       /CN=6be051fb93e015a9b761bb45afe109dbbe347c66
Certificate serial:       019D3752D9825B7BB89C36E53FF659085426
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
Manifest number:          083F
Signing time:             Sun 29 Mar 2026 02:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:09 +0000
Files and hashes:         1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: ybnIQ8hOcaDdWGYwxBjSXn2mtCdlBVkAXwDbyLVHGoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:d9:82:5b:7b:b8:9c:36:e5:3f:f6:59:08:54:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66
        Validity
            Not Before: Mar 29 02:01:09 2026 GMT
            Not After : Mar 30 02:01:09 2026 GMT
        Subject: CN=5a1b50c6d2dcd8f78a46369c1153aebb0ba2b6cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:7b:e7:d8:df:e1:26:3d:30:6e:d1:47:91:61:
                    27:60:e6:69:5b:23:96:d2:9f:60:9a:aa:69:4e:79:
                    88:40:08:b7:f7:6d:5a:53:21:cc:12:cf:52:87:09:
                    5a:ab:7f:5d:ca:4d:e5:b4:88:e8:af:d8:ee:9e:d4:
                    9d:e7:bd:ff:ad:33:da:37:d2:11:07:00:b2:ed:76:
                    18:fe:12:9c:9c:76:82:fe:81:7e:bc:5a:3d:4c:2a:
                    bb:45:be:d6:69:35:ed:18:cd:bb:8a:9d:e9:27:9f:
                    78:cd:25:9f:da:a7:4f:4a:07:b6:3c:6e:4f:18:07:
                    45:d9:25:95:7a:fb:ed:31:3f:ef:ba:fe:65:32:23:
                    da:c1:08:2e:1f:b4:16:2b:c5:43:7f:f5:50:93:6c:
                    dc:90:e9:5b:8b:78:cc:5c:7e:8b:0a:9a:11:39:d4:
                    a5:5a:9f:62:cb:8c:90:bb:c9:93:22:0a:f3:48:60:
                    1a:6e:ef:4a:5f:24:7c:f4:2a:f1:ee:95:39:71:94:
                    6c:90:b6:b4:bf:fd:e1:d7:62:a5:be:1e:a7:8d:30:
                    ed:28:ee:4c:3d:a7:ca:65:3f:a8:de:55:e2:4a:95:
                    12:8b:80:78:fc:22:96:61:eb:47:55:7a:a8:0d:2f:
                    55:03:c7:88:b7:7b:8b:dc:be:4d:61:e0:2e:84:11:
                    df:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:1B:50:C6:D2:DC:D8:F7:8A:46:36:9C:11:53:AE:BB:0B:A2:B6:CB
            X509v3 Authority Key Identifier:
                keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:00:14:71:4b:94:d9:a5:f8:d0:bb:8b:15:7c:e1:62:45:d9:
         2d:05:07:d5:42:23:b3:00:f5:4d:f1:7a:ed:b1:95:4c:ba:5f:
         4f:46:48:a1:5c:08:dd:c5:80:4f:b3:b8:5d:3f:a2:0e:76:07:
         11:49:8e:b2:c4:00:38:a8:51:b6:79:a9:b0:fe:31:e9:a6:c9:
         3d:58:2e:96:10:f3:67:dd:42:32:33:c8:2a:b5:22:11:15:32:
         ce:9b:e2:0e:ca:3e:8c:6e:e2:bd:4c:45:78:73:69:0e:ea:4c:
         1f:ce:3c:fa:ff:f4:4d:d7:d9:45:f4:64:90:60:bf:fe:3a:d6:
         c9:a4:80:8b:63:b5:7d:ec:a4:81:84:b9:40:b5:91:15:fb:83:
         b8:da:ba:32:5e:34:bc:a8:de:ae:3e:66:77:4d:50:6f:94:2f:
         24:6b:f0:31:89:86:42:56:f0:5d:a9:76:6c:8c:6c:5b:34:07:
         73:03:98:9d:f6:f2:7b:7a:48:4a:6e:4b:be:4c:d1:8a:5e:2d:
         48:fe:d6:4d:3e:62:1a:58:d1:c4:c2:34:7c:1f:a4:25:e2:77:
         57:de:1d:66:19:39:bf:a8:72:bb:f2:e2:ef:c1:f7:7e:02:b4:
         cf:aa:80:61:49:a9:e9:5b:11:be:34:99:de:76:e2:e5:c5:cb:
         6e:1a:86:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UtmCW3u4nDblP/ZZCFQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz
NDdjNjYwHhcNMjYwMzI5MDIwMTA5WhcNMjYwMzMwMDIwMTA5WjAzMTEwLwYDVQQD
Eyg1YTFiNTBjNmQyZGNkOGY3OGE0NjM2OWMxMTUzYWViYjBiYTJiNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnvn2N/hJj0wbtFHkWEnYOZpWyOW
0p9gmqppTnmIQAi3921aUyHMEs9Shwlaq39dyk3ltIjor9juntSd573/rTPaN9IR
BwCy7XYY/hKcnHaC/oF+vFo9TCq7Rb7WaTXtGM27ip3pJ594zSWf2qdPSge2PG5P
GAdF2SWVevvtMT/vuv5lMiPawQguH7QWK8VDf/VQk2zckOlbi3jMXH6LCpoROdSl
Wp9iy4yQu8mTIgrzSGAabu9KXyR89Crx7pU5cZRskLa0v/3h12Klvh6njTDtKO5M
PafKZT+o3lXiSpUSi4B4/CKWYetHVXqoDS9VA8eIt3uL3L5NYeAuhBHfEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFobUMbS3Nj3ikY2nBFTrrsLorbLMB8GA1UdIwQY
MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt
ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh
LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdgAUcUuU
2aX40LuLFXzhYkXZLQUH1UIjswD1TfF67bGVTLpfT0ZIoVwI3cWAT7O4XT+iDnYH
EUmOssQAOKhRtnmpsP4x6abJPVgulhDzZ91CMjPIKrUiERUyzpviDso+jG7ivUxF
eHNpDupMH848+v/0TdfZRfRkkGC//jrWyaSAi2O1feykgYS5QLWRFfuDuNq6Ml40
vKjerj5md01Qb5QvJGvwMYmGQlbwXal2bIxsWzQHcwOYnfbye3pISm5LvkzRil4t
SP7WTT5iGljRxMI0fB+kJeJ3V94dZhk5v6hyu/Li78H3fgK0z6qAYUmp6VsRvjSZ
3nbi5cXLbhqG6A==
-----END CERTIFICATE-----