Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          n9NzJa+6xrh3NvA7RrR2pc5WMQWt4ktlTD4uJo7EZzA=
Subject key identifier:   04:BD:00:A8:70:A9:B1:AB:80:1A:AE:E6:7E:CF:B6:B9:E5:AD:3E:AF
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019D3376755FB1BD72D0B366218308808963
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          0927
Signing time:             Sat 28 Mar 2026 08:01:34 +0000
Manifest this update:     Sat 28 Mar 2026 08:01:34 +0000
Manifest next update:     Sun 29 Mar 2026 08:01:34 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: jlRhj6kVIUi9pS6tWUHDfcrfCrR+Kps+Q2dmIaK3ltY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:76:75:5f:b1:bd:72:d0:b3:66:21:83:08:80:89:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Mar 28 08:01:34 2026 GMT
            Not After : Mar 29 08:01:34 2026 GMT
        Subject: CN=04bd00a870a9b1ab801aaee67ecfb6b9e5ad3eaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ad:8b:5e:d1:a8:8f:f9:1b:14:36:07:bb:77:
                    41:d9:9c:fe:bc:70:f6:b2:ec:fa:9b:16:55:32:2b:
                    83:a1:c0:a8:bf:72:49:f5:83:8a:d3:dd:46:26:ea:
                    40:b1:d5:92:ad:e7:fe:d6:39:8a:21:86:ca:d3:df:
                    de:51:c6:d5:59:a1:85:5b:8c:9a:5e:f9:8a:1b:3a:
                    a6:35:0f:30:c2:64:fe:08:f3:68:dd:32:27:70:c1:
                    ac:b1:f8:4e:27:30:96:9e:5a:d5:3e:d5:3b:93:8d:
                    6e:e7:74:6d:f0:d1:78:77:12:e1:56:9d:b2:b2:93:
                    d4:90:9e:53:34:da:a3:35:dc:0a:76:52:85:18:92:
                    60:16:79:d6:44:9b:58:ae:96:4f:64:ba:fb:99:8d:
                    7d:9e:13:f0:98:ec:00:9a:df:9d:e4:62:33:0a:1b:
                    37:34:18:c0:50:5f:e8:a2:f9:3f:4f:99:a9:71:58:
                    5e:a7:db:21:41:31:74:65:83:6e:67:83:c5:7b:28:
                    38:fb:36:cd:81:0c:aa:20:66:83:92:b1:b8:6e:f5:
                    7f:11:b6:e5:c0:a7:83:84:e5:67:d4:07:4e:a8:0c:
                    32:94:c6:f5:98:25:da:e9:47:3e:6a:d1:9a:12:19:
                    d8:07:45:12:a6:69:89:71:1a:23:aa:39:4a:ab:fe:
                    e3:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:BD:00:A8:70:A9:B1:AB:80:1A:AE:E6:7E:CF:B6:B9:E5:AD:3E:AF
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:e2:50:e5:dc:b9:c3:5d:36:0f:43:be:98:8f:aa:f5:07:aa:
         11:9d:a6:7e:53:05:88:d2:13:3a:cf:66:d3:11:7f:a2:b7:4d:
         b2:4b:57:8f:3d:bd:ce:3c:6a:ca:41:7e:0a:ef:f4:95:bb:75:
         3d:10:9d:fd:16:06:93:1f:47:f2:08:2a:cc:85:29:9c:9b:fd:
         8b:b6:d2:fb:70:3b:53:b4:93:f5:08:da:d7:e0:b5:6f:df:bf:
         0f:35:8a:61:3d:90:56:c3:64:fe:aa:d2:2e:1e:7a:7e:d3:5d:
         d4:bc:a8:67:34:9c:0d:95:10:84:20:68:5b:a2:2a:d2:b5:c0:
         3b:f4:c6:29:6e:6c:a8:93:10:16:e9:0e:5b:30:d8:27:e8:1e:
         78:72:8f:2e:60:20:e2:46:09:d5:b5:e1:70:b3:87:3f:6d:ee:
         5a:59:a4:3c:a0:12:b8:8a:7a:56:71:56:eb:f0:bb:b0:07:fe:
         31:2d:e0:34:7e:4e:bf:28:ae:44:40:68:62:12:a4:cc:1a:df:
         f7:34:b8:8f:69:ef:93:45:9e:6c:c2:28:41:65:b1:d4:10:d6:
         2d:58:c2:5b:66:b6:a3:a7:88:be:6e:5b:60:e5:5e:6e:8b:ef:
         dd:e2:cb:81:7f:b4:c5:a4:b5:2d:f8:02:80:32:8d:b6:6c:a6:
         28:9d:22:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdnVfsb1y0LNmIYMIgIljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjYwMzI4MDgwMTM0WhcNMjYwMzI5MDgwMTM0WjAzMTEwLwYDVQQD
EygwNGJkMDBhODcwYTliMWFiODAxYWFlZTY3ZWNmYjZiOWU1YWQzZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa2LXtGoj/kbFDYHu3dB2Zz+vHD2
suz6mxZVMiuDocCov3JJ9YOK091GJupAsdWSref+1jmKIYbK09/eUcbVWaGFW4ya
XvmKGzqmNQ8wwmT+CPNo3TIncMGssfhOJzCWnlrVPtU7k41u53Rt8NF4dxLhVp2y
spPUkJ5TNNqjNdwKdlKFGJJgFnnWRJtYrpZPZLr7mY19nhPwmOwAmt+d5GIzChs3
NBjAUF/oovk/T5mpcVhep9shQTF0ZYNuZ4PFeyg4+zbNgQyqIGaDkrG4bvV/Ebbl
wKeDhOVn1AdOqAwylMb1mCXa6Uc+atGaEhnYB0USpmmJcRojqjlKq/7jYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAS9AKhwqbGrgBqu5n7PtrnlrT6vMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzeJQ5dy5
w102D0O+mI+q9QeqEZ2mflMFiNITOs9m0xF/ordNsktXjz29zjxqykF+Cu/0lbt1
PRCd/RYGkx9H8ggqzIUpnJv9i7bS+3A7U7ST9Qja1+C1b9+/DzWKYT2QVsNk/qrS
Lh56ftNd1LyoZzScDZUQhCBoW6Iq0rXAO/TGKW5sqJMQFukOWzDYJ+geeHKPLmAg
4kYJ1bXhcLOHP23uWlmkPKASuIp6VnFW6/C7sAf+MS3gNH5OvyiuREBoYhKkzBrf
9zS4j2nvk0WebMIoQWWx1BDWLVjCW2a2o6eIvm5bYOVebovv3eLLgX+0xaS1LfgC
gDKNtmymKJ0iTg==
-----END CERTIFICATE-----