Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          YtBDo0vesFNIklJbnvr0HEqk+dBRFu/jWNw6rzw3Ex8=
Subject key identifier:   70:AD:B7:97:5B:BD:2F:6E:D1:98:EF:1E:6D:8B:BB:FF:F1:ED:32:44
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       019D29CE66900ED5F35919F989133776A491
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          1733
Signing time:             Thu 26 Mar 2026 11:01:25 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:25 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:25 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: gnNY8XiGf56NE3qmtukqD2pqwcOkQRAJIuCdiUgy3CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:66:90:0e:d5:f3:59:19:f9:89:13:37:76:a4:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Mar 26 11:01:25 2026 GMT
            Not After : Mar 27 11:01:25 2026 GMT
        Subject: CN=70adb7975bbd2f6ed198ef1e6d8bbbfff1ed3244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a2:61:18:16:52:7e:7a:b1:ba:29:d1:4f:46:
                    d3:2d:09:94:42:04:92:a4:d0:ab:32:50:00:ce:a5:
                    06:9e:8d:97:fd:08:1c:c1:85:3e:55:84:7d:77:fd:
                    85:8e:9f:9b:e2:d6:4a:b3:70:f0:ac:55:c1:44:4c:
                    bc:c5:a8:3b:f6:8d:94:8d:ba:fc:96:41:d4:14:4b:
                    75:4d:99:6b:ed:a4:9b:4b:0a:59:da:d0:9c:da:f1:
                    42:6c:1c:5a:de:17:42:2f:c8:85:43:df:ed:08:80:
                    1f:65:40:b9:45:08:02:33:70:ee:9f:9f:61:2e:3b:
                    2f:31:01:56:9f:cc:b5:f2:23:b7:71:bb:66:e6:3b:
                    ae:99:79:94:29:9c:c8:7e:8a:4e:2e:4f:ad:92:85:
                    4d:a9:6a:92:a0:e0:7b:e7:40:cb:dd:b8:13:aa:d9:
                    7b:b2:11:38:29:06:30:a3:35:7f:48:f0:75:2d:56:
                    6e:63:ec:1d:91:d3:53:f8:1f:c2:0a:d2:f3:42:5e:
                    82:90:f9:21:48:3d:b9:1e:18:e2:43:d6:8b:dc:55:
                    81:2e:51:3e:a3:9c:b3:54:6a:65:d4:01:3d:e0:9a:
                    67:25:00:f7:30:6e:65:e6:67:1d:ab:60:2e:f3:19:
                    f3:a6:6e:63:2c:3b:20:25:39:79:1d:bb:d0:f4:5b:
                    91:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:AD:B7:97:5B:BD:2F:6E:D1:98:EF:1E:6D:8B:BB:FF:F1:ED:32:44
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:68:b1:21:14:51:df:7e:a9:95:7b:46:22:f2:73:ee:ab:84:
         00:4a:88:5a:25:0e:8b:c1:ba:dd:9a:95:b4:61:07:15:c5:0e:
         c3:45:9c:88:7e:3d:1f:b5:f7:24:8a:89:ee:aa:04:fa:8e:01:
         80:44:85:c4:bb:00:ff:8e:4f:5d:89:08:2c:60:91:e4:c1:dd:
         c5:92:83:31:a1:47:b9:48:2e:46:07:02:e4:27:6c:e2:cb:69:
         5d:8d:53:88:e6:d0:5a:42:ee:d7:b5:00:85:74:3e:ac:5b:a7:
         ad:e0:3b:b6:b6:d5:b4:ce:f3:42:68:38:fd:ad:0d:01:ad:c9:
         67:b3:d8:35:2a:0c:d8:df:bc:b1:8c:74:78:05:6a:1e:bd:9b:
         5b:35:35:c5:a0:4d:b6:9c:c3:ec:36:89:da:ce:2a:00:10:6a:
         d4:f5:1a:fc:36:9d:d2:a6:14:8f:04:38:98:bd:c1:51:e5:b4:
         cd:c0:af:a7:d6:3d:45:0f:22:8a:8f:69:dd:fb:bd:87:9d:96:
         ed:5f:a0:a4:5a:5b:b6:9f:1a:e4:36:74:dc:c3:c8:6c:1b:7f:
         d6:3f:ff:f8:23:e2:9d:6e:d1:98:e4:62:c3:91:19:b3:06:a8:
         98:c5:aa:4a:66:e3:13:c1:96:ec:95:5f:b4:7e:b0:f4:a3:bb:
         da:4f:a3:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzmaQDtXzWRn5iRM3dqSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjYwMzI2MTEwMTI1WhcNMjYwMzI3MTEwMTI1WjAzMTEwLwYDVQQD
Eyg3MGFkYjc5NzViYmQyZjZlZDE5OGVmMWU2ZDhiYmJmZmYxZWQzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6JhGBZSfnqxuinRT0bTLQmUQgSS
pNCrMlAAzqUGno2X/QgcwYU+VYR9d/2Fjp+b4tZKs3DwrFXBREy8xag79o2Ujbr8
lkHUFEt1TZlr7aSbSwpZ2tCc2vFCbBxa3hdCL8iFQ9/tCIAfZUC5RQgCM3Dun59h
LjsvMQFWn8y18iO3cbtm5juumXmUKZzIfopOLk+tkoVNqWqSoOB750DL3bgTqtl7
shE4KQYwozV/SPB1LVZuY+wdkdNT+B/CCtLzQl6CkPkhSD25HhjiQ9aL3FWBLlE+
o5yzVGpl1AE94JpnJQD3MG5l5mcdq2Au8xnzpm5jLDsgJTl5HbvQ9FuRvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCtt5dbvS9u0ZjvHm2Lu//x7TJEMB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI2ixIRRR
336plXtGIvJz7quEAEqIWiUOi8G63ZqVtGEHFcUOw0WciH49H7X3JIqJ7qoE+o4B
gESFxLsA/45PXYkILGCR5MHdxZKDMaFHuUguRgcC5Cds4stpXY1TiObQWkLu17UA
hXQ+rFunreA7trbVtM7zQmg4/a0NAa3JZ7PYNSoM2N+8sYx0eAVqHr2bWzU1xaBN
tpzD7DaJ2s4qABBq1PUa/Dad0qYUjwQ4mL3BUeW0zcCvp9Y9RQ8iio9p3fu9h52W
7V+gpFpbtp8a5DZ03MPIbBt/1j//+CPinW7RmORiw5EZswaomMWqSmbjE8GW7JVf
tH6w9KO72k+jcg==
-----END CERTIFICATE-----