Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          MsMKLZUVMznW1L7+qKlee82XND2TqAnDiPtuMq3LB/A=
Subject key identifier:   7A:CF:DB:77:0D:3C:B8:15:F2:9F:29:71:0E:BC:31:52:43:55:82:02
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       019D33082E17CAA10BE3B7BF43D35D701DE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          08D8
Signing time:             Sat 28 Mar 2026 06:01:07 +0000
Manifest this update:     Sat 28 Mar 2026 06:01:07 +0000
Manifest next update:     Sun 29 Mar 2026 06:01:07 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: 9MPb/yucpyAjJm4rntITHh/MYR8Nko/TBwAr3/0cYjc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:08:2e:17:ca:a1:0b:e3:b7:bf:43:d3:5d:70:1d:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: Mar 28 06:01:07 2026 GMT
            Not After : Mar 29 06:01:07 2026 GMT
        Subject: CN=7acfdb770d3cb815f29f29710ebc315243558202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:79:0a:97:a3:56:b4:27:17:c6:e1:01:12:c6:
                    f6:47:76:16:54:06:8e:ef:ff:84:c7:a1:ad:5c:92:
                    cc:4b:f2:fd:f0:4b:b9:77:9e:71:5d:2c:61:c6:ed:
                    3d:55:48:82:99:e3:96:c3:a6:1e:53:c2:68:01:ab:
                    bd:b2:87:57:dd:34:23:44:c0:58:75:67:ad:0e:36:
                    74:2c:96:bb:51:92:52:85:4b:e0:e1:d6:1e:4b:04:
                    02:26:fa:a4:65:c1:38:97:1a:2b:22:76:4e:9b:92:
                    dd:4b:b0:9f:bb:59:b3:71:7d:87:75:83:34:7d:27:
                    ed:fb:21:3d:a5:3b:71:68:4a:74:4a:29:f3:44:4e:
                    7a:61:a8:bf:f6:66:06:f5:05:55:76:59:8a:4f:82:
                    b8:1b:2e:3e:ce:e8:09:df:dc:fc:19:29:0e:0e:5e:
                    6d:1d:22:fc:df:4a:ae:9e:92:de:f2:6e:b8:9b:8d:
                    05:38:5f:38:21:fe:d6:62:a1:72:e9:b8:61:60:00:
                    3b:10:9f:7c:eb:82:35:a0:93:6e:a9:ef:f4:e1:04:
                    cc:08:07:15:ae:1c:e2:d1:13:29:bd:b3:bd:83:39:
                    23:e7:5b:1c:83:1e:2f:00:75:b7:02:f9:93:49:b2:
                    76:33:a6:2b:35:36:e7:96:fe:07:f0:bb:4b:d0:d3:
                    59:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:CF:DB:77:0D:3C:B8:15:F2:9F:29:71:0E:BC:31:52:43:55:82:02
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:d8:b8:82:5e:14:0a:da:63:fa:c3:83:2c:b8:bf:a5:e4:58:
         dc:70:9a:66:35:77:47:fd:c8:99:6e:17:1b:fa:b3:14:84:41:
         7f:77:3c:90:63:dd:13:58:ce:f4:c5:db:97:b5:0d:9a:2f:a3:
         41:93:b0:5f:7a:61:fb:78:9a:a9:5f:f2:bd:55:e8:3c:eb:16:
         1e:7d:a6:f9:79:bb:de:79:59:df:c0:ca:87:ed:56:bc:7c:43:
         e0:9b:85:de:fb:9e:79:a6:39:e3:c1:46:83:8d:51:5c:eb:c8:
         6a:40:4c:9f:58:88:f2:8e:57:ca:a7:f7:8d:b0:2b:1b:4b:cc:
         40:99:ca:e1:0a:8e:ba:2d:12:95:32:a2:f7:02:6c:25:86:e8:
         b0:c7:7c:43:4d:c6:25:73:e3:5b:e1:52:df:f1:14:1e:10:34:
         eb:89:4b:17:54:c8:0c:09:96:9f:0a:27:ff:04:42:c1:d8:e5:
         55:df:7d:1a:77:02:75:c5:e3:5a:07:91:2b:3c:1d:f6:59:80:
         43:39:f9:14:45:66:05:fc:6f:79:b9:12:30:1b:2c:a7:3d:24:
         56:f3:35:f8:5e:19:b6:3c:78:df:f1:41:03:72:bd:d1:4c:5c:
         e6:db:6a:34:5c:84:9d:ed:c6:f3:ae:0c:1a:9e:db:f5:b9:98:
         c7:9f:ae:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zCC4XyqEL47e/Q9NdcB3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjYwMzI4MDYwMTA3WhcNMjYwMzI5MDYwMTA3WjAzMTEwLwYDVQQD
Eyg3YWNmZGI3NzBkM2NiODE1ZjI5ZjI5NzEwZWJjMzE1MjQzNTU4MjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23kKl6NWtCcXxuEBEsb2R3YWVAaO
7/+Ex6GtXJLMS/L98Eu5d55xXSxhxu09VUiCmeOWw6YeU8JoAau9sodX3TQjRMBY
dWetDjZ0LJa7UZJShUvg4dYeSwQCJvqkZcE4lxorInZOm5LdS7Cfu1mzcX2HdYM0
fSft+yE9pTtxaEp0SinzRE56Yai/9mYG9QVVdlmKT4K4Gy4+zugJ39z8GSkODl5t
HSL830qunpLe8m64m40FOF84If7WYqFy6bhhYAA7EJ9864I1oJNuqe/04QTMCAcV
rhzi0RMpvbO9gzkj51scgx4vAHW3AvmTSbJ2M6YrNTbnlv4H8LtL0NNZTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrP23cNPLgV8p8pcQ68MVJDVYICMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNi4gl4U
Ctpj+sODLLi/peRY3HCaZjV3R/3ImW4XG/qzFIRBf3c8kGPdE1jO9MXbl7UNmi+j
QZOwX3ph+3iaqV/yvVXoPOsWHn2m+Xm73nlZ38DKh+1WvHxD4JuF3vueeaY548FG
g41RXOvIakBMn1iI8o5Xyqf3jbArG0vMQJnK4QqOui0SlTKi9wJsJYbosMd8Q03G
JXPjW+FS3/EUHhA064lLF1TIDAmWnwon/wRCwdjlVd99GncCdcXjWgeRKzwd9lmA
Qzn5FEVmBfxvebkSMBsspz0kVvM1+F4Ztjx43/FBA3K90Uxc5ttqNFyEne3G864M
Gp7b9bmYx5+uQw==
-----END CERTIFICATE-----