Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
File:                     mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json)
Hash identifier:          To/jMFkiIcvYi+Pl5X3ajtFQ24k7N1OXbxDsQ33LPIw=
Subject key identifier:   37:FF:3A:F5:51:96:26:4A:8B:33:39:DC:97:E4:CE:EF:A2:0B:2F:9C
Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF
Certificate issuer:       /CN=99715406e7217bfc13812a4704c62ae099e7c8ff
Certificate serial:       019D2A3C2568A0321EF3216CBBE4F9BBB4BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
Manifest number:          05A5
Signing time:             Thu 26 Mar 2026 13:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:17 +0000
Files and hashes:         1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: 0pXiledAqeGClE5voEPZYPdmUwZ6ji6/y6lTDxFayOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 13:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3c:25:68:a0:32:1e:f3:21:6c:bb:e4:f9:bb:b4:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff
        Validity
            Not Before: Mar 26 13:01:17 2026 GMT
            Not After : Mar 27 13:01:17 2026 GMT
        Subject: CN=37ff3af55196264a8b3339dc97e4ceefa20b2f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2e:c4:93:d1:e8:71:70:ac:65:6b:c1:bd:c0:
                    11:bd:79:b4:ae:cd:6d:5c:bc:22:bc:44:6f:4b:cd:
                    f0:51:34:7c:31:7f:ad:91:b5:11:15:b6:69:47:f7:
                    81:fa:25:db:a9:2d:74:b3:34:73:b4:42:12:ee:b9:
                    8d:08:52:5e:2e:92:4e:fa:2b:03:57:1b:6d:39:f4:
                    e7:82:6f:2d:f4:ed:81:eb:b9:7f:5e:38:6a:30:26:
                    fa:33:cd:7a:51:1e:4b:4d:80:4e:83:f5:f9:a8:f5:
                    da:bd:cf:c6:dd:7b:32:af:25:6d:fa:1c:09:52:1e:
                    bc:fd:31:a6:7b:dc:80:9d:42:9c:41:05:fd:df:29:
                    84:ea:72:17:28:36:13:49:e0:5b:0d:fd:79:40:2a:
                    6c:26:f7:66:78:69:db:f2:54:44:68:32:4b:6c:b3:
                    bd:0c:7f:a3:cf:d3:3c:0c:50:31:37:4c:87:79:70:
                    d4:3f:2d:18:25:d7:70:4f:3f:4e:7d:e8:0a:c9:dd:
                    dc:a5:8d:8b:e8:82:65:22:d1:4e:6e:96:7e:6b:08:
                    69:bc:cd:50:e5:23:6b:03:80:1f:dc:b3:87:bc:6e:
                    ff:6a:a7:4d:cb:09:97:6c:0a:25:a1:5a:ca:9b:f3:
                    ef:8b:66:9e:f2:49:3c:c0:86:f1:ac:3b:bd:d8:da:
                    51:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:FF:3A:F5:51:96:26:4A:8B:33:39:DC:97:E4:CE:EF:A2:0B:2F:9C
            X509v3 Authority Key Identifier:
                keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:fc:38:b7:ac:06:78:c9:1a:6e:11:f6:a9:54:60:6b:05:13:
         bc:95:1c:7e:6a:5f:5f:91:14:cf:32:7f:cd:8f:2d:2e:b5:9f:
         e3:43:2c:1b:3a:1e:7c:c0:9a:70:12:61:57:0b:b8:6f:55:f8:
         c4:32:6d:39:3b:86:58:1d:69:97:f8:82:41:74:f0:d8:a3:45:
         3d:93:70:0e:a5:ed:3f:44:bb:14:e4:9c:23:c5:86:b3:cc:74:
         72:ed:13:7b:44:8c:01:69:40:c9:a8:8f:2a:2e:3c:d5:0d:e6:
         cd:99:14:6c:78:4f:ea:61:03:b1:0f:5a:c8:0d:f2:5e:57:2b:
         00:e4:90:46:9c:97:a3:74:78:5f:a6:e8:84:d9:77:31:16:4e:
         79:9c:21:6e:fb:1c:61:26:35:56:41:f9:ff:48:23:21:76:46:
         b0:34:a2:8e:d5:5e:96:a9:7e:99:2b:ec:00:0b:57:00:78:e1:
         a8:21:de:b4:6f:6d:f9:80:b7:3d:6e:b0:36:cb:59:df:53:44:
         c0:31:e5:e1:c1:f8:ad:88:be:d8:06:03:ea:67:80:b0:91:10:
         0b:03:4d:62:76:7c:85:7a:dc:0b:c0:3b:d5:17:43:bf:45:c9:
         0c:5f:84:e7:91:03:5d:1c:c6:83:11:d3:21:1d:9c:c2:3c:d8:
         ce:24:b1:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPCVooDIe8yFsu+T5u7S9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll
N2M4ZmYwHhcNMjYwMzI2MTMwMTE3WhcNMjYwMzI3MTMwMTE3WjAzMTEwLwYDVQQD
EygzN2ZmM2FmNTUxOTYyNjRhOGIzMzM5ZGM5N2U0Y2VlZmEyMGIyZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC7Ek9HocXCsZWvBvcARvXm0rs1t
XLwivERvS83wUTR8MX+tkbURFbZpR/eB+iXbqS10szRztEIS7rmNCFJeLpJO+isD
VxttOfTngm8t9O2B67l/XjhqMCb6M816UR5LTYBOg/X5qPXavc/G3XsyryVt+hwJ
Uh68/TGme9yAnUKcQQX93ymE6nIXKDYTSeBbDf15QCpsJvdmeGnb8lREaDJLbLO9
DH+jz9M8DFAxN0yHeXDUPy0YJddwTz9OfegKyd3cpY2L6IJlItFObpZ+awhpvM1Q
5SNrA4Af3LOHvG7/aqdNywmXbAoloVrKm/Pvi2ae8kk8wIbxrDu92NpRFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDf/OvVRliZKizM53Jfkzu+iCy+cMB8GA1UdIwQY
MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt
MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk
LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfw4t6wG
eMkabhH2qVRgawUTvJUcfmpfX5EUzzJ/zY8tLrWf40MsGzoefMCacBJhVwu4b1X4
xDJtOTuGWB1pl/iCQXTw2KNFPZNwDqXtP0S7FOScI8WGs8x0cu0Te0SMAWlAyaiP
Ki481Q3mzZkUbHhP6mEDsQ9ayA3yXlcrAOSQRpyXo3R4X6bohNl3MRZOeZwhbvsc
YSY1VkH5/0gjIXZGsDSijtVelql+mSvsAAtXAHjhqCHetG9t+YC3PW6wNstZ31NE
wDHl4cH4rYi+2AYD6meAsJEQCwNNYnZ8hXrcC8A71RdDv0XJDF+E55EDXRzGgxHT
IR2cwjzYziSxOg==
-----END CERTIFICATE-----