Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
File:                     CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft (raw, json)
Hash identifier:          HBzkEaUWrTIzjpthZZBjvMtBRy+NHcAjg91WEfosM6M=
Subject key identifier:   F8:09:32:54:9B:31:7B:6A:6E:54:9E:AA:58:E0:92:87:04:62:70:CF
Authority key identifier: 0A:85:D3:79:72:6C:8F:C0:96:D2:7E:88:FD:A1:17:B3:B2:65:4E:59
Certificate issuer:       /CN=0a85d379726c8fc096d27e88fda117b3b2654e59
Certificate serial:       019D273B4171FE83D654679E222211FC9142
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
Manifest number:          0682
Signing time:             Wed 25 Mar 2026 23:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:27 +0000
Files and hashes:         1: CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl (hash: qctmZi/1eN8LSlNVXg+XTRfLqvAlzQfE4FhWY1XvbpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3b:41:71:fe:83:d6:54:67:9e:22:22:11:fc:91:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a85d379726c8fc096d27e88fda117b3b2654e59
        Validity
            Not Before: Mar 25 23:01:27 2026 GMT
            Not After : Mar 26 23:01:27 2026 GMT
        Subject: CN=f80932549b317b6a6e549eaa58e09287046270cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:58:f9:71:6e:af:5b:bf:d4:1e:4a:e3:28:c7:
                    0c:35:d0:8a:5f:d7:97:b0:43:d4:14:5e:4a:78:9c:
                    ef:99:e2:06:8e:24:93:0f:d1:31:bd:e7:b3:4f:23:
                    db:40:32:0e:b5:93:82:2a:3d:0d:4a:47:a4:62:48:
                    75:96:55:0f:d2:34:c3:d8:4a:bc:2c:22:14:6b:51:
                    d2:d5:83:46:d0:ad:b5:d8:35:b5:1c:97:e6:6f:7e:
                    ea:31:52:09:1e:7a:a7:a4:d6:d1:3a:07:54:f2:6c:
                    dd:93:94:bb:b5:37:72:3d:92:f4:95:d5:68:cb:a4:
                    f1:6d:62:ff:f0:1f:31:1b:fd:ad:7b:ce:c4:df:cd:
                    2d:a5:87:3d:ab:ed:f3:3b:15:b6:20:a4:7c:49:5b:
                    81:69:27:92:a7:7e:9b:cb:7f:59:64:c9:1d:33:44:
                    8e:cd:f8:a3:97:1d:1e:d1:a7:f0:d4:27:e5:5c:29:
                    2f:13:32:2a:a9:2f:71:f5:3b:b9:8e:98:e3:50:a1:
                    1c:77:68:7f:4b:3d:65:f3:59:03:9b:c2:a5:cd:03:
                    7d:04:ba:2b:6e:ae:bd:0c:af:fc:71:40:74:e4:c9:
                    a1:37:25:53:17:21:05:36:37:8f:e6:24:ce:ac:dd:
                    79:26:1e:6d:87:5f:b1:d8:1a:91:bd:be:f3:22:10:
                    30:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:09:32:54:9B:31:7B:6A:6E:54:9E:AA:58:E0:92:87:04:62:70:CF
            X509v3 Authority Key Identifier:
                keyid:0A:85:D3:79:72:6C:8F:C0:96:D2:7E:88:FD:A1:17:B3:B2:65:4E:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoXTeXJsj8CW0n6I_aEXs7JlTlk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/23d560-253b-4fe1-9c9d-5e92f4755904/1/CoXTeXJsj8CW0n6I_aEXs7JlTlk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:17:c8:ea:11:a3:ce:27:65:95:56:e9:f1:df:67:7f:d3:89:
         61:d6:7b:34:d1:48:1f:c9:8b:bc:a6:dd:61:79:10:2a:ad:51:
         03:c3:00:d5:d0:27:15:87:7d:7c:3e:dc:55:7d:b7:56:98:56:
         59:34:c8:da:75:97:b3:1d:e1:ae:08:0c:64:16:1e:a5:96:44:
         b9:e3:6e:a0:e7:ab:df:3c:9b:fb:fd:21:81:82:44:48:1e:ed:
         02:55:2c:e2:05:c0:b9:54:3c:ac:c5:5d:e3:0f:d0:f1:98:db:
         da:69:ef:56:90:a3:03:a8:58:ec:73:23:f5:0c:3b:90:fb:df:
         1d:6d:13:8a:14:c9:39:93:cf:a3:a3:38:2e:64:68:a5:16:9a:
         0c:2f:09:21:7c:94:1d:a4:65:2a:6f:5c:87:24:97:d2:fe:4e:
         89:67:c2:23:12:57:3f:83:3b:ef:fa:17:a8:f6:35:08:b0:95:
         80:34:4a:f4:17:f9:d0:11:e0:aa:df:88:13:14:9f:88:55:15:
         2c:4b:63:ee:35:d7:8d:ec:eb:57:9b:86:89:04:93:b4:45:3a:
         03:c2:00:ee:bf:da:2b:c1:a6:f6:cd:74:cc:11:4e:8d:2b:ff:
         58:19:ec:c1:f0:c4:37:08:ae:f1:47:f1:78:89:f0:84:68:bb:
         91:78:01:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nO0Fx/oPWVGeeIiIR/JFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODVkMzc5NzI2YzhmYzA5NmQyN2U4OGZkYTExN2IzYjI2
NTRlNTkwHhcNMjYwMzI1MjMwMTI3WhcNMjYwMzI2MjMwMTI3WjAzMTEwLwYDVQQD
EyhmODA5MzI1NDliMzE3YjZhNmU1NDllYWE1OGUwOTI4NzA0NjI3MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFj5cW6vW7/UHkrjKMcMNdCKX9eX
sEPUFF5KeJzvmeIGjiSTD9ExveezTyPbQDIOtZOCKj0NSkekYkh1llUP0jTD2Eq8
LCIUa1HS1YNG0K212DW1HJfmb37qMVIJHnqnpNbROgdU8mzdk5S7tTdyPZL0ldVo
y6TxbWL/8B8xG/2te87E380tpYc9q+3zOxW2IKR8SVuBaSeSp36by39ZZMkdM0SO
zfijlx0e0afw1CflXCkvEzIqqS9x9Tu5jpjjUKEcd2h/Sz1l81kDm8KlzQN9BLor
bq69DK/8cUB05MmhNyVTFyEFNjeP5iTOrN15Jh5th1+x2BqRvb7zIhAwqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgJMlSbMXtqblSeqljgkocEYnDPMB8GA1UdIwQY
MBaAFAqF03lybI/AltJ+iP2hF7OyZU5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yM2Q1NjAtMjUzYi00ZmUxLTljOWQt
NWU5MmY0NzU1OTA0LzEvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yM2Q1NjAtMjUzYi00ZmUxLTljOWQtNWU5MmY0NzU1OTA0
LzEvQ29YVGVYSnNqOENXMG42SV9hRVhzN0psVGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxfI6hGj
zidllVbp8d9nf9OJYdZ7NNFIH8mLvKbdYXkQKq1RA8MA1dAnFYd9fD7cVX23VphW
WTTI2nWXsx3hrggMZBYepZZEueNuoOer3zyb+/0hgYJESB7tAlUs4gXAuVQ8rMVd
4w/Q8Zjb2mnvVpCjA6hY7HMj9Qw7kPvfHW0TihTJOZPPo6M4LmRopRaaDC8JIXyU
HaRlKm9chySX0v5OiWfCIxJXP4M77/oXqPY1CLCVgDRK9Bf50BHgqt+IExSfiFUV
LEtj7jXXjezrV5uGiQSTtEU6A8IA7r/aK8Gm9s10zBFOjSv/WBnswfDENwiu8Ufx
eInwhGi7kXgBKg==
-----END CERTIFICATE-----