Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          OGGm12UO3Z3dtJShhnQwnvJdMN3Vb4ZYkehDMQBCkng=
Subject key identifier:   0F:E7:18:B5:8D:86:6E:1C:D0:59:6F:64:CE:64:AA:F7:CE:A8:B0:7F
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       019D25F1C23C6980E5F922FF996D20038681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          15BF
Signing time:             Wed 25 Mar 2026 17:01:34 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:34 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:34 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: vY66OOk4j2deh2Uv0358Ug3tqOyBVsiThIa68VVHdqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 17:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:c2:3c:69:80:e5:f9:22:ff:99:6d:20:03:86:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: Mar 25 17:01:34 2026 GMT
            Not After : Mar 26 17:01:34 2026 GMT
        Subject: CN=0fe718b58d866e1cd0596f64ce64aaf7cea8b07f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9b:64:7e:be:2c:40:d1:4a:d4:6f:87:24:92:
                    fa:70:3b:3e:cd:ea:6b:97:1c:86:a4:44:0d:3e:dd:
                    09:21:c0:9c:90:6a:5a:f4:84:9d:ec:05:9e:83:71:
                    0a:b6:f0:78:ef:44:cb:ae:9a:06:5c:ee:94:c5:a6:
                    d6:08:f3:7a:36:d0:c5:64:48:7c:58:65:cb:70:b9:
                    c0:31:37:cc:0e:ae:06:76:25:70:fc:99:4f:25:64:
                    1f:c1:53:c4:ee:ac:60:f1:e6:a8:9d:bc:09:71:2e:
                    d1:43:b2:83:30:15:9a:a2:e1:af:c2:90:0e:67:ee:
                    2f:ea:60:41:90:e0:74:1a:e9:61:ed:ab:54:24:69:
                    98:fd:99:04:f6:36:c5:cc:68:5c:34:bd:b7:a4:a8:
                    be:76:14:70:84:c5:ed:b6:4f:9f:f8:5c:63:e4:33:
                    16:9d:1f:c7:0f:d2:28:e2:0e:d6:95:8e:3b:76:c3:
                    32:74:5e:39:14:fc:be:69:dd:94:80:71:59:8c:46:
                    03:4a:f8:2c:a6:ec:cc:ff:e5:a0:28:7f:8f:7d:bc:
                    7c:93:2d:3d:48:3e:14:22:81:4d:84:e2:05:a5:39:
                    1b:c9:6c:cc:54:e1:5c:b4:bc:83:3b:df:fc:de:7d:
                    1c:a8:99:b3:e6:c6:b8:3d:d7:14:ec:29:a3:66:db:
                    2d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E7:18:B5:8D:86:6E:1C:D0:59:6F:64:CE:64:AA:F7:CE:A8:B0:7F
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:6f:b4:38:92:39:b7:16:c8:43:69:95:3d:44:e8:17:7e:5c:
         44:6c:b1:37:5f:92:83:fa:f5:ba:e7:d8:32:5c:76:f8:0f:f0:
         76:f0:59:e7:b9:84:bb:e6:ce:26:10:21:70:94:16:06:1d:84:
         66:7f:ce:92:a9:a5:fd:c8:4a:67:66:aa:3c:0a:c8:69:dc:8e:
         31:f2:a0:24:c3:9f:4d:a3:9c:cc:fd:f7:2a:03:81:59:80:ed:
         44:b2:9c:03:7d:5e:4d:10:25:c4:91:98:b4:e5:fe:e6:fb:7b:
         b5:9c:26:ff:13:e4:fb:a6:ae:6d:91:48:17:cb:c8:9a:33:19:
         45:af:60:be:05:74:1a:a4:6d:5d:b2:42:99:fb:ce:5e:fd:f4:
         42:6c:86:49:2f:c0:ca:fe:c5:20:b2:11:18:68:94:ae:66:73:
         06:09:a6:95:52:d6:46:79:b4:9f:46:4d:4b:59:6c:1d:8a:34:
         48:ed:6f:90:dc:e2:bc:59:59:8e:d8:af:a4:79:6c:f9:30:b3:
         98:59:7d:f8:52:04:03:3f:0f:c3:1b:c4:a3:66:56:3e:be:12:
         f5:83:d5:d4:52:20:3d:d7:7d:eb:f6:14:87:f0:3b:7e:3d:24:
         ca:1b:f1:27:bc:7e:b4:3a:a8:e6:31:fc:1d:6f:78:99:71:8f:
         67:03:b7:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8cI8aYDl+SL/mW0gA4aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjYwMzI1MTcwMTM0WhcNMjYwMzI2MTcwMTM0WjAzMTEwLwYDVQQD
EygwZmU3MThiNThkODY2ZTFjZDA1OTZmNjRjZTY0YWFmN2NlYThiMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5tkfr4sQNFK1G+HJJL6cDs+zepr
lxyGpEQNPt0JIcCckGpa9ISd7AWeg3EKtvB470TLrpoGXO6UxabWCPN6NtDFZEh8
WGXLcLnAMTfMDq4GdiVw/JlPJWQfwVPE7qxg8eaonbwJcS7RQ7KDMBWaouGvwpAO
Z+4v6mBBkOB0Gulh7atUJGmY/ZkE9jbFzGhcNL23pKi+dhRwhMXttk+f+Fxj5DMW
nR/HD9Io4g7WlY47dsMydF45FPy+ad2UgHFZjEYDSvgspuzM/+WgKH+Pfbx8ky09
SD4UIoFNhOIFpTkbyWzMVOFctLyDO9/83n0cqJmz5sa4PdcU7CmjZtstcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/nGLWNhm4c0FlvZM5kqvfOqLB/MB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQW+0OJI5
txbIQ2mVPUToF35cRGyxN1+Sg/r1uufYMlx2+A/wdvBZ57mEu+bOJhAhcJQWBh2E
Zn/Okqml/chKZ2aqPArIadyOMfKgJMOfTaOczP33KgOBWYDtRLKcA31eTRAlxJGY
tOX+5vt7tZwm/xPk+6aubZFIF8vImjMZRa9gvgV0GqRtXbJCmfvOXv30QmyGSS/A
yv7FILIRGGiUrmZzBgmmlVLWRnm0n0ZNS1lsHYo0SO1vkNzivFlZjtivpHls+TCz
mFl9+FIEAz8PwxvEo2ZWPr4S9YPV1FIgPdd96/YUh/A7fj0kyhvxJ7x+tDqo5jH8
HW94mXGPZwO3xQ==
-----END CERTIFICATE-----