Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
File:                     5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json)
Hash identifier:          yEj+tNWd85dbwYAwK0WMqB7wuH9bE3fqSshSlOY8vtc=
Subject key identifier:   46:B6:BF:96:B1:04:A5:D1:CF:79:4D:51:4A:1F:05:AD:11:A2:E3:6D
Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9
Certificate issuer:       /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
Certificate serial:       019D38660B3A212FDAC1261ED21AF148048F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
Manifest number:          0673
Signing time:             Sun 29 Mar 2026 07:01:44 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:44 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:44 +0000
Files and hashes:         1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: TUBWRVTgEYZ/Os+DqGVQiqqf50xDvfg+CNPTx+yfUnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:0b:3a:21:2f:da:c1:26:1e:d2:1a:f1:48:04:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
        Validity
            Not Before: Mar 29 07:01:44 2026 GMT
            Not After : Mar 30 07:01:44 2026 GMT
        Subject: CN=46b6bf96b104a5d1cf794d514a1f05ad11a2e36d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6c:c7:79:a4:c3:06:5a:24:13:c6:5d:28:78:
                    19:58:95:2e:ca:07:ed:3b:50:52:6e:7d:61:25:6f:
                    71:2d:23:88:42:b6:bc:17:d2:28:64:88:f8:35:8d:
                    8d:8a:66:3d:d9:a7:98:bd:8f:ec:5e:ee:03:42:5c:
                    49:5c:5a:de:e7:8c:51:f2:91:3a:31:46:bb:58:c1:
                    62:5b:51:d6:54:30:d1:56:fb:08:4b:a2:ef:20:d0:
                    dc:d9:9a:d3:57:44:41:e4:22:89:1d:a9:25:59:c7:
                    4b:33:61:21:18:74:ba:da:72:71:3b:1f:19:c9:40:
                    20:1e:04:97:5d:34:bd:2e:78:bc:f5:b5:b6:39:9f:
                    c9:d1:99:3e:8d:d9:cd:12:06:e3:1b:fd:fd:ea:39:
                    27:a4:31:5f:84:39:8b:0b:18:fd:72:57:e2:1d:d8:
                    53:c6:50:b5:54:9e:14:e1:5a:92:26:bb:4d:12:46:
                    f8:d4:7b:8d:5c:6c:6e:13:04:7e:d5:7f:29:80:cf:
                    4f:11:f4:fe:6b:2e:f1:79:50:1f:5e:d4:d7:3e:26:
                    8d:ee:56:42:54:98:67:56:03:ed:5f:0e:75:69:ac:
                    af:d7:16:4e:2d:6f:59:fb:d4:59:9b:41:c4:8c:c6:
                    85:de:19:fb:35:18:61:6b:3c:4e:3e:eb:53:18:01:
                    2b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:B6:BF:96:B1:04:A5:D1:CF:79:4D:51:4A:1F:05:AD:11:A2:E3:6D
            X509v3 Authority Key Identifier:
                keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:ec:72:b4:e3:6a:5a:c2:06:c4:c7:f7:2d:be:da:1f:61:0f:
         9c:31:01:ff:34:c5:5c:1c:12:21:33:45:72:56:10:ca:ed:73:
         eb:e6:b8:2c:c0:27:07:28:4e:ff:77:e2:2e:45:ad:d7:7b:55:
         ec:0c:94:db:f2:6f:a0:8c:b5:34:42:34:b4:63:d7:21:3a:df:
         93:0c:e5:4e:c4:a9:e8:3d:21:cd:0e:8a:13:b6:c0:45:ad:db:
         47:b0:c3:ca:6c:b1:ef:0b:96:5b:f2:a9:ed:74:60:ba:41:90:
         d6:50:73:44:42:e3:b1:65:3a:65:c6:81:47:27:e3:09:e3:1a:
         59:9a:45:fb:99:05:76:b7:3d:d9:a9:c2:44:e1:fb:eb:cc:fd:
         1c:90:86:1b:47:c8:ec:8b:ec:d1:2f:67:a7:a7:3c:6f:a5:14:
         c7:b1:df:40:ba:5c:db:e6:7a:26:9b:66:b3:ec:74:ac:b5:e8:
         89:4c:01:3b:98:e0:9f:42:c1:fe:85:b8:e9:e8:05:ee:77:e9:
         bf:69:42:c1:f2:ad:80:d3:0c:88:7e:88:e4:05:ab:2d:7b:61:
         b6:7c:2e:44:fc:63:d3:0a:7a:a2:10:ad:21:ef:57:1b:c9:af:
         d0:18:62:b4:f2:40:24:4f:cd:56:c7:2b:b5:be:34:e3:4b:d3:
         51:ac:36:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zgs6IS/awSYe0hrxSASPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0
MGU0ZDkwHhcNMjYwMzI5MDcwMTQ0WhcNMjYwMzMwMDcwMTQ0WjAzMTEwLwYDVQQD
Eyg0NmI2YmY5NmIxMDRhNWQxY2Y3OTRkNTE0YTFmMDVhZDExYTJlMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmzHeaTDBlokE8ZdKHgZWJUuygft
O1BSbn1hJW9xLSOIQra8F9IoZIj4NY2NimY92aeYvY/sXu4DQlxJXFre54xR8pE6
MUa7WMFiW1HWVDDRVvsIS6LvINDc2ZrTV0RB5CKJHaklWcdLM2EhGHS62nJxOx8Z
yUAgHgSXXTS9Lni89bW2OZ/J0Zk+jdnNEgbjG/396jknpDFfhDmLCxj9clfiHdhT
xlC1VJ4U4VqSJrtNEkb41HuNXGxuEwR+1X8pgM9PEfT+ay7xeVAfXtTXPiaN7lZC
VJhnVgPtXw51aayv1xZOLW9Z+9RZm0HEjMaF3hn7NRhhazxOPutTGAErtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEa2v5axBKXRz3lNUUofBa0RouNtMB8GA1UdIwQY
MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt
Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2
LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkOxytONq
WsIGxMf3Lb7aH2EPnDEB/zTFXBwSITNFclYQyu1z6+a4LMAnByhO/3fiLkWt13tV
7AyU2/JvoIy1NEI0tGPXITrfkwzlTsSp6D0hzQ6KE7bARa3bR7DDymyx7wuWW/Kp
7XRgukGQ1lBzRELjsWU6ZcaBRyfjCeMaWZpF+5kFdrc92anCROH768z9HJCGG0fI
7Ivs0S9np6c8b6UUx7HfQLpc2+Z6Jptms+x0rLXoiUwBO5jgn0LB/oW46egF7nfp
v2lCwfKtgNMMiH6I5AWrLXthtnwuRPxj0wp6ohCtIe9XG8mv0BhitPJAJE/NVscr
tb4040vTUaw25g==
-----END CERTIFICATE-----