Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          wNwyEG9TvrtrDKRY3BddwbFvUU+sNozErTV5W0THUL4=
Subject key identifier:   6A:F8:E4:5A:51:8F:05:99:2A:A0:4D:DA:63:03:06:CA:1A:8B:E9:CA
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019F189EEFD8008B68C6CEFA230E278D401A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          1065
Signing time:             Tue 30 Jun 2026 13:01:36 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:36 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:36 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: PEOwFMACB/TfFIBehE5UF7OETaxH55DZGyGJV1v7z+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:ef:d8:00:8b:68:c6:ce:fa:23:0e:27:8d:40:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Jun 30 13:01:36 2026 GMT
            Not After : Jul  1 13:01:36 2026 GMT
        Subject: CN=6af8e45a518f05992aa04dda630306ca1a8be9ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:67:ba:96:ae:5e:e0:65:c8:32:ef:f3:e8:3a:
                    c6:c0:89:8a:b1:2d:c4:49:83:4e:3b:3c:9e:ce:b1:
                    ac:8b:8b:ac:a7:a6:4c:0a:c4:65:79:b1:4b:48:eb:
                    83:c6:a4:66:91:be:3f:29:c5:bf:63:6f:5f:8d:d8:
                    c3:f7:c7:9e:d7:5c:7b:a1:26:4a:6a:d6:1b:6a:63:
                    70:61:09:a0:6f:60:77:74:a0:61:75:d6:70:f3:95:
                    2e:b3:b1:37:97:82:0e:c4:de:71:5e:7d:e9:45:89:
                    6d:1f:54:90:7a:e1:9c:75:9a:f0:c9:5b:84:4f:21:
                    f7:b2:0d:b3:51:5d:9d:93:61:76:fb:b9:a2:4a:89:
                    2b:cc:eb:18:54:a2:15:0a:b7:b3:92:71:03:b6:fe:
                    c7:5e:e7:58:99:5c:0a:fa:e3:fa:0a:53:2b:d2:59:
                    71:39:39:cf:fb:47:ad:c2:67:60:82:78:56:5a:f0:
                    b2:40:c2:4e:c7:93:6f:0f:c2:16:35:78:22:32:ef:
                    8d:92:e7:73:ca:89:0a:f2:da:ce:81:59:00:ba:c1:
                    e0:c4:4c:d4:39:62:61:a8:5f:6e:fd:cf:d5:fc:fe:
                    27:36:e1:db:00:75:13:11:2f:cb:75:32:d1:9f:5b:
                    f5:da:22:bd:e4:70:03:d2:35:96:4e:9d:3d:5b:36:
                    ce:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F8:E4:5A:51:8F:05:99:2A:A0:4D:DA:63:03:06:CA:1A:8B:E9:CA
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:49:95:07:ba:d4:23:8c:56:63:e1:d0:5b:a3:a2:f2:de:04:
         3f:e9:ea:43:62:d6:67:bf:0a:ba:f3:17:06:b4:31:82:28:f7:
         ac:51:39:ae:45:6f:89:1a:6f:d8:15:b0:c4:a3:54:49:f7:77:
         d9:e2:59:54:a2:48:f7:fb:94:5a:be:1f:14:84:e3:6b:0e:e7:
         c8:be:49:0e:e5:41:54:f4:4f:73:be:d6:23:b2:7d:8d:2e:ec:
         89:22:82:47:ea:c3:88:b5:44:ba:6a:0f:3d:c3:76:73:5e:c9:
         d3:59:54:0d:b3:e2:93:6f:ab:a1:1f:37:db:94:d2:e7:89:10:
         7e:6c:ce:33:b4:77:75:65:6a:63:cd:1a:08:e7:6a:2e:2b:44:
         d6:7c:0b:a4:33:28:cf:d7:8a:0e:f4:5e:99:dd:67:f7:6e:40:
         87:10:5d:43:ff:2e:28:18:c2:9d:be:a8:2c:50:64:29:ea:b4:
         e8:66:68:91:fb:8e:19:3c:ea:28:2e:aa:93:2d:81:7a:2f:b4:
         c5:e4:21:6d:6b:10:60:7b:7c:65:d8:89:da:a9:88:50:83:a4:
         c7:02:f8:dd:0f:11:ba:50:c8:48:11:7f:d2:97:e2:95:cb:4b:
         49:f1:4a:e3:9c:27:b4:e7:f9:56:c7:75:bc:d7:bb:7b:15:bf:
         5c:e8:8c:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynu/YAItoxs76Iw4njUAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwNjMwMTMwMTM2WhcNMjYwNzAxMTMwMTM2WjAzMTEwLwYDVQQD
Eyg2YWY4ZTQ1YTUxOGYwNTk5MmFhMDRkZGE2MzAzMDZjYTFhOGJlOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGe6lq5e4GXIMu/z6DrGwImKsS3E
SYNOOzyezrGsi4usp6ZMCsRlebFLSOuDxqRmkb4/KcW/Y29fjdjD98ee11x7oSZK
atYbamNwYQmgb2B3dKBhddZw85Uus7E3l4IOxN5xXn3pRYltH1SQeuGcdZrwyVuE
TyH3sg2zUV2dk2F2+7miSokrzOsYVKIVCrezknEDtv7HXudYmVwK+uP6ClMr0llx
OTnP+0etwmdggnhWWvCyQMJOx5NvD8IWNXgiMu+NkudzyokK8trOgVkAusHgxEzU
OWJhqF9u/c/V/P4nNuHbAHUTES/LdTLRn1v12iK95HAD0jWWTp09WzbObQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr45FpRjwWZKqBN2mMDBsoai+nKMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkmVB7rU
I4xWY+HQW6Oi8t4EP+nqQ2LWZ78KuvMXBrQxgij3rFE5rkVviRpv2BWwxKNUSfd3
2eJZVKJI9/uUWr4fFITjaw7nyL5JDuVBVPRPc77WI7J9jS7siSKCR+rDiLVEumoP
PcN2c17J01lUDbPik2+roR8325TS54kQfmzOM7R3dWVqY80aCOdqLitE1nwLpDMo
z9eKDvRemd1n925AhxBdQ/8uKBjCnb6oLFBkKeq06GZokfuOGTzqKC6qky2Bei+0
xeQhbWsQYHt8ZdiJ2qmIUIOkxwL43Q8RulDISBF/0pfilctLSfFK45wntOf5Vsd1
vNe7exW/XOiMsA==
-----END CERTIFICATE-----