Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          W3Au6tPK7tRkbs0uXaBn2dHqs8Kh/WMmr5MCIUSJhus=
Subject key identifier:   13:1B:C6:55:F6:B6:93:6F:DF:68:27:C8:03:D1:C1:1D:03:A4:07:CF
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       019D38661DA355B3E6DCB896BF802BF5EA69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0FB2
Signing time:             Sun 29 Mar 2026 07:01:49 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:49 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:49 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: Xb5WhGTErUPiULCqgSf+SfH2+Pjpyi54GxBhJIi0798=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:1d:a3:55:b3:e6:dc:b8:96:bf:80:2b:f5:ea:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Mar 29 07:01:49 2026 GMT
            Not After : Mar 30 07:01:49 2026 GMT
        Subject: CN=131bc655f6b6936fdf6827c803d1c11d03a407cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:13:74:ad:68:59:1e:af:2e:1b:dc:e8:08:b4:
                    a5:2f:dd:41:01:5f:70:34:78:d6:59:19:2f:b6:1f:
                    cd:0d:f2:6b:12:02:51:1f:bd:da:bc:cb:6f:ca:b1:
                    ff:a3:af:c3:c0:0e:2d:dd:f1:83:b4:11:de:a5:f5:
                    f4:b6:b2:ff:59:f0:ef:1a:bd:74:32:5f:73:93:3a:
                    24:aa:99:21:cd:a5:41:ae:54:8e:d4:bd:7a:5c:3d:
                    b0:92:bc:8a:67:e4:f7:f8:0b:19:ce:6f:ea:56:80:
                    1b:58:c8:1e:75:f0:f4:aa:d2:21:51:54:72:47:d2:
                    98:df:3a:f0:48:ce:64:fb:80:46:68:ac:5c:f1:4d:
                    05:20:8a:86:8d:b5:25:d6:7f:cd:0f:5d:13:f9:10:
                    38:7c:0f:c1:00:31:c7:6f:bc:ad:83:ca:91:d3:43:
                    41:36:94:63:88:f6:ce:c4:a5:20:18:0f:9c:75:8c:
                    3b:68:4a:3a:68:73:d2:f8:c4:08:14:15:db:e4:09:
                    66:88:27:d7:24:46:74:c8:a3:e4:08:be:fc:47:7a:
                    93:a7:98:a6:42:a2:e7:17:57:61:b3:4f:d1:ad:1c:
                    1a:a3:99:dd:0d:62:de:4c:b9:0e:0f:f6:3b:3d:d5:
                    f3:65:dd:20:1d:3c:5a:ab:52:c4:a8:08:90:16:d8:
                    f8:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1B:C6:55:F6:B6:93:6F:DF:68:27:C8:03:D1:C1:1D:03:A4:07:CF
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:4d:33:ac:b4:f0:38:c6:f1:1a:16:45:4f:64:4d:06:6f:c5:
         70:8b:61:b9:e6:8d:c5:fe:ce:a8:40:22:df:9a:92:0a:e0:11:
         8a:62:8d:38:50:12:08:4c:df:37:d6:7a:8b:47:97:34:57:cb:
         8e:81:95:f4:27:7c:24:53:d7:c4:67:8c:2b:72:dd:08:c0:2f:
         47:b3:a7:61:b0:4a:e7:e4:07:4a:9e:c2:17:92:2d:2a:e6:f4:
         dd:c6:5a:f5:e5:30:62:81:0b:be:57:39:8b:c1:22:69:14:4a:
         f7:2f:84:24:de:3f:36:6d:ae:2f:5b:10:1a:f1:95:3a:98:32:
         dc:06:13:af:3f:8a:cb:78:6a:fe:f6:e7:05:d8:75:ec:46:b8:
         df:16:0b:6b:f3:5c:9f:56:10:54:82:16:24:93:90:04:cb:14:
         2d:4d:c1:54:9e:68:5c:9e:f0:79:93:b1:96:53:67:07:ec:1e:
         75:7b:22:ae:03:c8:7f:81:29:6a:dc:f4:be:88:01:26:fb:fb:
         66:47:67:0c:da:db:63:5d:e2:e2:e9:dd:03:2a:f7:cf:ed:aa:
         03:ff:5c:51:d5:96:fa:1d:e0:be:fe:ae:2e:29:66:6e:20:98:
         e3:12:f6:31:22:6a:69:73:29:ff:68:a3:61:75:74:09:64:ba:
         91:68:4e:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zh2jVbPm3LiWv4Ar9eppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjYwMzI5MDcwMTQ5WhcNMjYwMzMwMDcwMTQ5WjAzMTEwLwYDVQQD
EygxMzFiYzY1NWY2YjY5MzZmZGY2ODI3YzgwM2QxYzExZDAzYTQwN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxN0rWhZHq8uG9zoCLSlL91BAV9w
NHjWWRkvth/NDfJrEgJRH73avMtvyrH/o6/DwA4t3fGDtBHepfX0trL/WfDvGr10
Ml9zkzokqpkhzaVBrlSO1L16XD2wkryKZ+T3+AsZzm/qVoAbWMgedfD0qtIhUVRy
R9KY3zrwSM5k+4BGaKxc8U0FIIqGjbUl1n/ND10T+RA4fA/BADHHb7ytg8qR00NB
NpRjiPbOxKUgGA+cdYw7aEo6aHPS+MQIFBXb5AlmiCfXJEZ0yKPkCL78R3qTp5im
QqLnF1dhs0/RrRwao5ndDWLeTLkOD/Y7PdXzZd0gHTxaq1LEqAiQFtj4swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMbxlX2tpNv32gnyAPRwR0DpAfPMB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAik0zrLTw
OMbxGhZFT2RNBm/FcIthueaNxf7OqEAi35qSCuARimKNOFASCEzfN9Z6i0eXNFfL
joGV9Cd8JFPXxGeMK3LdCMAvR7OnYbBK5+QHSp7CF5ItKub03cZa9eUwYoELvlc5
i8EiaRRK9y+EJN4/Nm2uL1sQGvGVOpgy3AYTrz+Ky3hq/vbnBdh17Ea43xYLa/Nc
n1YQVIIWJJOQBMsULU3BVJ5oXJ7weZOxllNnB+wedXsirgPIf4Epatz0vogBJvv7
ZkdnDNrbY13i4undAyr3z+2qA/9cUdWW+h3gvv6uLilmbiCY4xL2MSJqaXMp/2ij
YXV0CWS6kWhOuQ==
-----END CERTIFICATE-----