Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          RoJU5vzOIviTyHvhzF6L043Y/UVeaPKBdfdZAEoDAUk=
Subject key identifier:   70:3A:99:F5:89:8F:AC:BF:B4:A1:CD:95:B3:9A:A5:83:BE:51:04:78
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       019D26289379CDA4C7A8B006D50A42A7415C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          04CD
Signing time:             Wed 25 Mar 2026 18:01:26 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:26 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:26 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: YIJsQsbm+jEpbsR4tT/fZTBq72sus7bYLiHYleaykqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:93:79:cd:a4:c7:a8:b0:06:d5:0a:42:a7:41:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Mar 25 18:01:26 2026 GMT
            Not After : Mar 26 18:01:26 2026 GMT
        Subject: CN=703a99f5898facbfb4a1cd95b39aa583be510478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:fd:f1:e4:f9:ee:d7:42:13:e0:1c:ab:45:c2:
                    52:8a:0f:62:af:c7:20:ce:2a:ff:42:98:2a:81:09:
                    16:4b:b6:73:b1:9a:65:b3:7c:97:49:42:4d:4e:cb:
                    43:b2:57:c3:b9:6b:c2:5f:79:61:90:f1:85:ed:e4:
                    22:9e:6d:1c:a0:f4:de:2e:c1:26:02:9a:7b:f7:cb:
                    37:3b:a8:72:ee:70:62:ce:3b:78:50:c4:8b:3f:54:
                    87:e5:4b:10:44:37:e1:07:63:0f:e5:41:f9:87:1a:
                    9e:05:eb:84:87:0d:91:df:01:cd:0d:f2:e1:fa:97:
                    8a:74:9c:13:17:64:47:15:b1:eb:6f:b2:59:19:9b:
                    e1:16:c2:f2:67:3f:e1:80:a4:4d:bd:2c:c4:3b:a5:
                    ad:0f:d6:1c:cf:ef:50:ad:d4:ba:0f:d0:8b:c2:ab:
                    f6:f9:37:18:7a:8c:c9:c4:b9:8f:41:75:31:66:20:
                    fc:53:67:2d:e5:3e:d4:b2:be:89:25:4f:dc:fb:07:
                    58:84:4d:ef:15:56:eb:c0:17:94:a2:12:38:e4:92:
                    b4:6a:d9:69:0b:7a:a6:96:46:7a:6e:25:73:01:5f:
                    27:dc:e1:a0:1d:13:64:06:ed:85:b1:93:9e:47:71:
                    65:aa:b6:77:d1:ed:38:4d:99:f4:03:a3:69:c3:58:
                    e4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:3A:99:F5:89:8F:AC:BF:B4:A1:CD:95:B3:9A:A5:83:BE:51:04:78
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fc:86:79:9e:5b:49:19:a0:a0:bb:f3:6d:3e:a0:ad:41:3e:
         ac:a3:be:f5:a0:e6:3a:0f:ae:49:b3:fa:ea:48:bd:84:7d:31:
         b5:47:c3:4e:9f:2f:bf:66:4f:ec:c6:84:0b:46:af:02:17:c4:
         2b:8b:a6:fe:3d:37:85:42:d0:54:b9:69:93:80:04:5a:10:71:
         08:1b:d2:9d:a4:be:20:52:82:ac:94:66:e6:f8:75:29:9d:a8:
         5b:32:a1:0e:6c:69:37:c4:6b:87:b7:a2:3a:90:0d:bc:9c:af:
         24:a8:49:00:1d:76:4b:b8:ed:ba:12:b9:11:23:06:c9:4c:0f:
         4e:ab:95:ac:d3:45:49:da:b7:75:15:e7:45:0d:44:ac:42:32:
         98:e8:d6:0e:8c:48:77:07:e7:6c:e5:6f:af:56:af:11:fb:12:
         17:81:00:28:00:18:23:7e:b7:3b:1b:ef:fe:9c:cb:db:50:b7:
         3b:14:41:df:9d:7c:4b:e2:4e:0b:86:12:6c:03:bf:9d:2b:cc:
         9d:4e:e4:28:2b:0e:ae:0e:dc:0c:16:dc:34:67:cd:5e:dd:7f:
         4c:13:73:0b:c7:ee:ef:e4:de:83:26:51:18:66:bc:d5:09:7e:
         8b:3b:41:1f:7d:17:b6:27:90:09:97:dd:4f:89:85:ae:2d:92:
         d3:d1:e2:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKJN5zaTHqLAG1QpCp0FcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjYwMzI1MTgwMTI2WhcNMjYwMzI2MTgwMTI2WjAzMTEwLwYDVQQD
Eyg3MDNhOTlmNTg5OGZhY2JmYjRhMWNkOTViMzlhYTU4M2JlNTEwNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf3x5Pnu10IT4ByrRcJSig9ir8cg
zir/QpgqgQkWS7ZzsZpls3yXSUJNTstDslfDuWvCX3lhkPGF7eQinm0coPTeLsEm
App798s3O6hy7nBizjt4UMSLP1SH5UsQRDfhB2MP5UH5hxqeBeuEhw2R3wHNDfLh
+peKdJwTF2RHFbHrb7JZGZvhFsLyZz/hgKRNvSzEO6WtD9Ycz+9QrdS6D9CLwqv2
+TcYeozJxLmPQXUxZiD8U2ct5T7Usr6JJU/c+wdYhE3vFVbrwBeUohI45JK0atlp
C3qmlkZ6biVzAV8n3OGgHRNkBu2FsZOeR3FlqrZ30e04TZn0A6Npw1jkeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHA6mfWJj6y/tKHNlbOapYO+UQR4MB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivyGeZ5b
SRmgoLvzbT6grUE+rKO+9aDmOg+uSbP66ki9hH0xtUfDTp8vv2ZP7MaEC0avAhfE
K4um/j03hULQVLlpk4AEWhBxCBvSnaS+IFKCrJRm5vh1KZ2oWzKhDmxpN8Rrh7ei
OpANvJyvJKhJAB12S7jtuhK5ESMGyUwPTquVrNNFSdq3dRXnRQ1ErEIymOjWDoxI
dwfnbOVvr1avEfsSF4EAKAAYI363Oxvv/pzL21C3OxRB3518S+JOC4YSbAO/nSvM
nU7kKCsOrg7cDBbcNGfNXt1/TBNzC8fu7+TegyZRGGa81Ql+iztBH30XtieQCZfd
T4mFri2S09Hi0g==
-----END CERTIFICATE-----