Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
File:                     p_555OY70WvEI3WStoTQBDPL0PY.mft (raw, json)
Hash identifier:          Sz+nqHVHsEbVQBbYriSBS52gbub1fyPDwhK9pVjJ5+E=
Subject key identifier:   5F:09:B1:91:D5:69:A9:D7:56:2C:BD:78:E5:50:FC:3F:DE:9E:2C:D9
Authority key identifier: A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6
Certificate issuer:       /CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
Certificate serial:       019D386561985574AD478DF67827A91974E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
Manifest number:          09D1
Signing time:             Sun 29 Mar 2026 07:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:01 +0000
Files and hashes:         1: p_555OY70WvEI3WStoTQBDPL0PY.crl (hash: eDxtdu6PCcpIJ0Bq+QmGaTWnFao9G+/e3vuXEPnZJUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:61:98:55:74:ad:47:8d:f6:78:27:a9:19:74:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
        Validity
            Not Before: Mar 29 07:01:01 2026 GMT
            Not After : Mar 30 07:01:01 2026 GMT
        Subject: CN=5f09b191d569a9d7562cbd78e550fc3fde9e2cd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:67:64:18:f8:d1:fb:f7:fd:36:41:88:e1:bd:
                    70:7e:48:7f:78:9e:35:3a:f8:90:94:f1:37:79:f7:
                    95:e6:52:2c:b0:70:04:e2:79:c7:2c:bc:91:ab:53:
                    da:a4:fd:73:c9:c5:34:d3:be:1c:a5:75:ca:17:ea:
                    d8:da:7e:2d:a2:57:29:16:e2:00:eb:7e:8c:50:2d:
                    4d:9b:97:1b:40:cc:ff:b8:96:90:81:86:e0:49:50:
                    4c:a3:de:6e:a0:37:a2:19:30:18:39:5f:b5:78:ab:
                    c8:38:b7:37:36:86:9b:d7:1d:0f:ab:40:50:75:ae:
                    03:91:a9:7e:21:3b:f0:7f:20:d8:6e:22:60:c9:c5:
                    ec:8a:d2:8f:5f:b5:1a:4c:ed:84:ee:f4:8d:95:56:
                    f9:fa:06:39:e5:e1:f2:2f:f8:c1:77:b5:a8:94:45:
                    59:c1:af:84:7c:d8:18:b0:e9:6c:a7:59:c8:1d:fb:
                    94:6e:19:b3:a3:6c:08:4a:13:eb:02:5d:a6:a4:0c:
                    9b:36:92:7b:3c:89:81:1e:8d:4f:92:7f:cb:0b:c5:
                    27:68:a9:0b:f7:82:e1:eb:e6:db:be:e5:b8:bf:36:
                    d4:14:9d:ec:a2:0f:3e:81:4c:80:18:98:95:25:a9:
                    3a:29:d8:f3:d5:09:58:b0:7a:38:fb:10:38:a7:04:
                    29:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:09:B1:91:D5:69:A9:D7:56:2C:BD:78:E5:50:FC:3F:DE:9E:2C:D9
            X509v3 Authority Key Identifier:
                keyid:A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:b3:77:6d:a5:09:da:26:a5:88:55:42:a2:38:ed:ff:e0:39:
         0b:dc:1c:73:9a:78:e5:ef:84:34:dc:28:8d:68:25:fc:98:4c:
         e6:be:0a:15:3e:05:63:83:45:e2:9c:21:bf:66:c8:e8:74:7d:
         fd:a8:e4:45:3d:35:7e:1f:de:27:7f:8f:ba:bb:88:30:e5:59:
         b0:f8:a9:db:8a:b4:54:3d:d5:c2:40:82:ba:c0:8f:31:33:eb:
         20:87:9e:62:1f:9f:12:7a:c1:fc:a0:5a:48:26:9b:dd:5d:7c:
         0e:41:46:8b:57:e9:9d:7a:0f:05:9c:c6:6a:93:6c:42:15:a9:
         a7:cf:f2:b0:3a:6c:1e:92:49:e5:66:97:05:80:73:4d:75:ef:
         40:65:29:87:4d:8b:73:53:97:5e:a2:cc:c4:ac:97:14:a2:6b:
         02:5c:03:20:46:e7:cd:22:ee:8d:3d:3c:4e:a3:c9:23:d4:6f:
         38:1d:d2:f9:69:aa:cc:31:21:04:c6:17:7b:a8:8b:1a:05:3b:
         0d:8d:a0:f0:71:6a:83:43:0b:bc:94:6c:67:c8:7b:5a:1b:87:
         66:4c:3a:78:7e:22:1d:c8:3f:51:a6:43:dc:60:e7:26:3a:d3:
         3f:ac:a8:ac:06:12:01:3d:e4:81:ab:ff:08:cc:0b:d6:e1:f4:
         18:18:a3:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWGYVXStR432eCepGXTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmU3OWU0ZTYzYmQxNmJjNDIzNzU5MmI2ODRkMDA0MzNj
YmQwZjYwHhcNMjYwMzI5MDcwMTAxWhcNMjYwMzMwMDcwMTAxWjAzMTEwLwYDVQQD
Eyg1ZjA5YjE5MWQ1NjlhOWQ3NTYyY2JkNzhlNTUwZmMzZmRlOWUyY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGdkGPjR+/f9NkGI4b1wfkh/eJ41
OviQlPE3efeV5lIssHAE4nnHLLyRq1PapP1zycU0074cpXXKF+rY2n4tolcpFuIA
636MUC1Nm5cbQMz/uJaQgYbgSVBMo95uoDeiGTAYOV+1eKvIOLc3Noab1x0Pq0BQ
da4Dkal+ITvwfyDYbiJgycXsitKPX7UaTO2E7vSNlVb5+gY55eHyL/jBd7WolEVZ
wa+EfNgYsOlsp1nIHfuUbhmzo2wIShPrAl2mpAybNpJ7PImBHo1Pkn/LC8UnaKkL
94Lh6+bbvuW4vzbUFJ3sog8+gUyAGJiVJak6Kdjz1QlYsHo4+xA4pwQpDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8JsZHVaanXViy9eOVQ/D/enizZMB8GA1UdIwQY
MBaAFKf+eeTmO9FrxCN1kraE0AQzy9D2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAt
MjUxYTdiMTNjMTE4LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAtMjUxYTdiMTNjMTE4
LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArLN3baUJ
2ialiFVCojjt/+A5C9wcc5p45e+ENNwojWgl/JhM5r4KFT4FY4NF4pwhv2bI6HR9
/ajkRT01fh/eJ3+PuruIMOVZsPip24q0VD3VwkCCusCPMTPrIIeeYh+fEnrB/KBa
SCab3V18DkFGi1fpnXoPBZzGapNsQhWpp8/ysDpsHpJJ5WaXBYBzTXXvQGUph02L
c1OXXqLMxKyXFKJrAlwDIEbnzSLujT08TqPJI9RvOB3S+WmqzDEhBMYXe6iLGgU7
DY2g8HFqg0MLvJRsZ8h7WhuHZkw6eH4iHcg/UaZD3GDnJjrTP6yorAYSAT3kgav/
CMwL1uH0GBij1g==
-----END CERTIFICATE-----