Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          PefxAirxkW7dAOjybVOQeFu05T3BOOqft4fftC9Q3Cs=
Subject key identifier:   0D:A4:99:20:09:24:D0:AD:C4:00:54:60:71:69:7F:B4:B0:32:1B:F5
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019D37C0A8CD3B8CEE704E29F039AB8A2CB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0F6C
Signing time:             Sun 29 Mar 2026 04:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:06 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: JGYxlSHrblpkAefLa4jI93zkasGNGGv8zaf6ocC1HVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:a8:cd:3b:8c:ee:70:4e:29:f0:39:ab:8a:2c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Mar 29 04:01:06 2026 GMT
            Not After : Mar 30 04:01:06 2026 GMT
        Subject: CN=0da499200924d0adc400546071697fb4b0321bf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c7:ce:4d:14:92:81:17:3a:23:5a:f1:f0:4d:
                    29:5d:51:31:c7:e5:d3:81:cc:f5:db:fe:d6:98:6c:
                    fc:55:60:78:cc:43:a1:90:9d:f9:d2:53:4e:78:1c:
                    38:2b:2f:5f:21:48:7f:4f:1d:12:a0:f4:ec:ab:ad:
                    54:d1:79:83:1a:1b:9e:f7:7c:18:b9:4b:80:fa:00:
                    01:fc:7a:ab:eb:ec:61:31:2b:28:d6:fe:dd:bf:d7:
                    a3:03:16:2e:06:89:d8:e1:60:65:ce:30:ad:76:5f:
                    3a:56:9f:df:b8:95:cd:5f:46:6c:f7:66:03:72:93:
                    f0:7d:33:41:cd:c0:12:62:fd:f4:04:a3:81:fe:2c:
                    a0:22:52:4d:85:ed:70:81:8c:37:64:a5:26:dd:c3:
                    ab:a4:2b:a9:1f:5a:e8:30:87:31:bc:5c:c4:e4:b1:
                    35:6e:fb:f7:16:54:af:d0:e0:60:ef:fb:4a:63:43:
                    32:2b:1c:50:ea:8b:64:ab:19:7b:f9:5d:23:34:42:
                    8a:05:5d:f5:88:29:1b:3d:c6:e3:08:d9:69:9c:99:
                    a8:4b:d4:a4:eb:89:4a:83:f9:16:c5:8c:b1:d3:c9:
                    45:f3:4c:02:ce:86:2b:72:72:66:c6:e3:a0:b0:a1:
                    9b:57:65:40:03:39:dd:78:42:26:4f:c7:c5:6c:98:
                    6e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A4:99:20:09:24:D0:AD:C4:00:54:60:71:69:7F:B4:B0:32:1B:F5
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:ea:96:47:cb:58:e7:d2:7f:bc:8a:63:35:fb:a8:93:e4:08:
         98:da:b8:61:f5:db:01:7f:c2:b4:81:6f:4e:21:c9:b0:77:08:
         30:3a:b8:b4:19:5b:dc:8a:dd:42:1a:11:32:39:e3:da:4e:93:
         8f:83:04:66:84:4e:3c:9a:8f:af:ac:a7:f8:20:75:7a:7b:b7:
         73:88:fc:1d:4e:93:c3:38:03:6f:35:53:1d:62:b7:e2:3d:78:
         09:3d:83:6a:7e:c9:f2:ff:2d:a7:05:ec:ff:87:57:a5:46:2a:
         b5:c9:3e:a2:fb:8e:5a:76:88:51:71:bd:29:4b:1f:5e:f1:d2:
         13:0e:f1:56:d3:af:7b:7f:24:ab:b7:46:6b:63:1f:49:a9:f8:
         3d:f4:49:31:80:20:e4:7f:05:3d:68:3f:fb:ed:45:7f:4f:6a:
         c7:b3:68:9d:39:b6:97:4f:15:aa:30:ba:23:1c:b9:eb:13:2b:
         15:11:58:96:ee:38:10:d5:3f:a5:09:9b:d7:65:9f:93:9c:1d:
         7c:ca:e3:52:ff:b4:39:d1:f5:28:8d:3a:e6:ec:a0:e6:a2:e6:
         e1:3c:7a:19:9c:bf:cf:f9:f7:40:82:ff:c1:81:2b:25:e0:21:
         d2:94:10:35:72:93:5c:19:8f:d8:4a:d3:6e:c3:39:48:1c:38:
         82:f0:4b:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wKjNO4zucE4p8DmriiyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjYwMzI5MDQwMTA2WhcNMjYwMzMwMDQwMTA2WjAzMTEwLwYDVQQD
EygwZGE0OTkyMDA5MjRkMGFkYzQwMDU0NjA3MTY5N2ZiNGIwMzIxYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMfOTRSSgRc6I1rx8E0pXVExx+XT
gcz12/7WmGz8VWB4zEOhkJ350lNOeBw4Ky9fIUh/Tx0SoPTsq61U0XmDGhue93wY
uUuA+gAB/Hqr6+xhMSso1v7dv9ejAxYuBonY4WBlzjCtdl86Vp/fuJXNX0Zs92YD
cpPwfTNBzcASYv30BKOB/iygIlJNhe1wgYw3ZKUm3cOrpCupH1roMIcxvFzE5LE1
bvv3FlSv0OBg7/tKY0MyKxxQ6otkqxl7+V0jNEKKBV31iCkbPcbjCNlpnJmoS9Sk
64lKg/kWxYyx08lF80wCzoYrcnJmxuOgsKGbV2VAAzndeEImT8fFbJhuIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2kmSAJJNCtxABUYHFpf7SwMhv1MB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeOqWR8tY
59J/vIpjNfuok+QImNq4YfXbAX/CtIFvTiHJsHcIMDq4tBlb3IrdQhoRMjnj2k6T
j4MEZoROPJqPr6yn+CB1enu3c4j8HU6TwzgDbzVTHWK34j14CT2Dan7J8v8tpwXs
/4dXpUYqtck+ovuOWnaIUXG9KUsfXvHSEw7xVtOve38kq7dGa2MfSan4PfRJMYAg
5H8FPWg/++1Ff09qx7NonTm2l08VqjC6Ixy56xMrFRFYlu44ENU/pQmb12Wfk5wd
fMrjUv+0OdH1KI065uyg5qLm4Tx6GZy/z/n3QIL/wYErJeAh0pQQNXKTXBmP2ErT
bsM5SBw4gvBLOA==
-----END CERTIFICATE-----