Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          k5fMll0BuuOFE1B11YFOakZEci2InAd+33Sg1Lx1Y/k=
Subject key identifier:   25:62:97:02:AA:A6:11:73:C3:A2:D7:12:E1:06:DF:64:08:23:79:F1
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       019D39AF43A9EE67CD5B2AAB456AC1BC7CE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 13:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:20 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: OGnWQ31u7u9aAMVOC4zzMEhk+Rlhbj9mn7x5Jlgh8/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:43:a9:ee:67:cd:5b:2a:ab:45:6a:c1:bc:7c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Mar 29 13:01:20 2026 GMT
            Not After : Mar 30 13:01:20 2026 GMT
        Subject: CN=25629702aaa61173c3a2d712e106df64082379f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a9:34:db:9b:47:3a:a5:e2:f9:81:02:b3:08:
                    6f:7a:64:37:13:06:88:2c:b1:a1:96:67:58:ea:35:
                    04:e1:58:71:54:b9:22:cd:f6:2e:8e:8e:bb:e6:7a:
                    57:1b:23:5a:62:05:4d:7c:7d:c2:84:53:f6:73:6e:
                    8c:b4:31:f7:76:57:f0:49:6d:bd:14:7c:dc:09:9b:
                    0b:d1:bf:79:aa:8e:84:98:50:58:09:15:99:cc:63:
                    ca:61:10:0c:58:f0:23:f5:49:45:85:e5:36:07:2d:
                    0e:75:12:3d:7f:93:91:1e:26:65:4b:e9:a2:f1:8f:
                    84:16:03:66:1c:a9:af:0e:c3:bd:bb:55:44:cd:28:
                    a0:7d:8e:40:19:10:64:22:a7:67:8a:3e:48:f1:17:
                    33:f8:c0:06:15:01:2c:73:a8:2d:e5:72:08:f2:e8:
                    08:03:f8:96:4b:ab:a4:ec:33:9e:c3:58:97:11:3f:
                    27:86:65:3d:1b:05:b4:0b:fa:fd:3f:cc:c3:ef:d3:
                    5c:08:a8:76:df:15:11:50:ac:c1:2c:9c:3d:03:29:
                    8d:67:68:86:60:f0:67:44:f8:32:1a:0c:cb:58:b2:
                    e6:a6:af:f4:bf:91:c3:4a:66:7d:d1:cb:01:55:07:
                    7e:6c:40:ee:e8:e1:63:9b:4b:d6:95:e9:73:21:3e:
                    ce:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:62:97:02:AA:A6:11:73:C3:A2:D7:12:E1:06:DF:64:08:23:79:F1
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:11:4b:29:fc:10:30:ef:7e:b8:fc:51:d9:6c:3b:88:a2:2d:
         9e:5a:88:ac:79:07:df:22:3c:76:0d:94:d1:51:27:f7:12:bc:
         e2:f0:39:5c:61:3f:ea:62:f1:ec:f0:cb:0a:8f:be:c8:35:1a:
         1f:7e:c2:55:d3:55:7c:7b:e5:e4:fb:75:0d:e2:dd:c9:22:aa:
         7c:c2:7f:93:e2:ac:21:29:01:43:59:38:2a:1d:34:29:12:40:
         3d:80:47:7d:56:2e:f4:cb:fa:3a:b9:7b:b5:c5:2c:67:b0:76:
         c9:84:4f:80:dd:36:fc:55:61:a7:a6:f4:1e:13:63:29:fb:01:
         64:7a:bc:b7:d5:f4:ac:12:8d:97:a7:3f:b0:8b:2b:f9:06:e4:
         55:a3:ce:b5:ac:ec:20:20:ae:87:7b:dc:80:14:cb:ac:9d:bb:
         ec:d1:6f:3d:8e:a6:ee:32:79:d3:4f:56:f3:4b:99:ea:ea:ee:
         e0:b4:cb:09:0a:79:62:7f:7a:2a:c1:b7:d5:aa:df:fe:c3:b6:
         6c:1a:df:3b:ef:d1:d3:7c:19:78:1f:b9:2f:04:33:2e:67:f3:
         91:b2:20:e8:b2:f7:53:01:39:50:b2:e7:0d:72:94:d0:c0:48:
         88:fd:0b:8d:58:8d:11:19:96:82:d7:38:e1:1b:c4:dc:85:bd:
         47:c5:0d:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r0Op7mfNWyqrRWrBvHzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjYwMzI5MTMwMTIwWhcNMjYwMzMwMTMwMTIwWjAzMTEwLwYDVQQD
EygyNTYyOTcwMmFhYTYxMTczYzNhMmQ3MTJlMTA2ZGY2NDA4MjM3OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6k025tHOqXi+YECswhvemQ3EwaI
LLGhlmdY6jUE4VhxVLkizfYujo675npXGyNaYgVNfH3ChFP2c26MtDH3dlfwSW29
FHzcCZsL0b95qo6EmFBYCRWZzGPKYRAMWPAj9UlFheU2By0OdRI9f5ORHiZlS+mi
8Y+EFgNmHKmvDsO9u1VEzSigfY5AGRBkIqdnij5I8Rcz+MAGFQEsc6gt5XII8ugI
A/iWS6uk7DOew1iXET8nhmU9GwW0C/r9P8zD79NcCKh23xURUKzBLJw9AymNZ2iG
YPBnRPgyGgzLWLLmpq/0v5HDSmZ90csBVQd+bEDu6OFjm0vWlelzIT7OewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVilwKqphFzw6LXEuEG32QII3nxMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAERFLKfwQ
MO9+uPxR2Ww7iKItnlqIrHkH3yI8dg2U0VEn9xK84vA5XGE/6mLx7PDLCo++yDUa
H37CVdNVfHvl5Pt1DeLdySKqfMJ/k+KsISkBQ1k4Kh00KRJAPYBHfVYu9Mv6Orl7
tcUsZ7B2yYRPgN02/FVhp6b0HhNjKfsBZHq8t9X0rBKNl6c/sIsr+QbkVaPOtazs
ICCuh3vcgBTLrJ277NFvPY6m7jJ5009W80uZ6uru4LTLCQp5Yn96KsG31arf/sO2
bBrfO+/R03wZeB+5LwQzLmfzkbIg6LL3UwE5ULLnDXKU0MBIiP0LjViNERmWgtc4
4RvE3IW9R8UNWQ==
-----END CERTIFICATE-----