Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
File:                     XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json)
Hash identifier:          ow4pyzvU3+t6MUXC7r9POupyfJUJIaXwuO+8SYhF/Oo=
Subject key identifier:   7E:23:35:71:12:BE:77:E2:E4:BF:67:8D:4D:6C:91:9C:B4:A3:EA:B5
Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A
Certificate issuer:       /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
Certificate serial:       019D27040C4C60F36A2BF95CA6E0D258F8BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
Manifest number:          0B14
Signing time:             Wed 25 Mar 2026 22:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:09 +0000
Files and hashes:         1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: nKr/M8fszDIP/SxkZxaRva0JIKv8l9GY2VZTjJk4YCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:0c:4c:60:f3:6a:2b:f9:5c:a6:e0:d2:58:f8:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
        Validity
            Not Before: Mar 25 22:01:09 2026 GMT
            Not After : Mar 26 22:01:09 2026 GMT
        Subject: CN=7e23357112be77e2e4bf678d4d6c919cb4a3eab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:60:3b:06:4f:2b:a2:cc:30:eb:a8:f5:83:a6:
                    7c:cf:0c:41:ee:06:2c:ba:59:f2:95:39:eb:32:b6:
                    de:d7:82:95:2c:e1:9d:78:e5:31:57:73:77:e7:90:
                    3e:25:5a:61:eb:10:7a:c4:3b:3f:1b:37:28:67:11:
                    56:5d:a5:00:25:ef:ad:df:a1:e3:73:34:3b:a6:d7:
                    00:f8:36:20:75:e8:b8:44:a5:e9:8d:89:5d:2c:62:
                    84:b1:a3:f9:7e:eb:23:d4:e7:1a:37:dd:2e:c7:77:
                    08:ce:94:2b:0b:84:a5:87:fb:49:38:f4:77:72:ed:
                    03:5c:e2:0f:99:55:45:8d:9b:c7:93:51:75:95:94:
                    54:53:3f:e1:d3:52:8e:a3:5f:4d:26:39:2e:2f:ee:
                    96:03:b3:97:76:79:f2:64:1b:c0:58:f0:1a:3e:04:
                    32:08:ed:16:38:f8:94:b0:e7:c6:ae:08:16:dd:8c:
                    9a:a3:9e:ba:ba:67:8e:c0:d9:a0:23:71:e2:7c:92:
                    25:79:40:02:96:d3:47:2d:4b:f1:65:89:91:3c:56:
                    9e:7e:79:a3:cc:11:aa:4b:d0:89:d5:a2:12:de:c3:
                    07:c8:21:57:76:d3:ca:a5:71:60:82:4d:1e:ba:ed:
                    d9:76:60:26:6a:30:69:0a:1d:79:81:8c:31:72:1c:
                    13:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:23:35:71:12:BE:77:E2:E4:BF:67:8D:4D:6C:91:9C:B4:A3:EA:B5
            X509v3 Authority Key Identifier:
                keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:92:01:b0:6e:cd:e9:57:68:bc:5d:79:47:f4:f9:63:4a:ef:
         0e:e8:5b:54:6c:86:0a:64:8d:87:96:9b:c1:91:ef:d1:b1:be:
         29:a3:e6:dc:55:7c:6b:fe:3f:ec:09:a5:f1:73:c0:f3:4d:a1:
         c1:28:2a:af:9a:30:c5:59:47:b9:55:e5:2b:3a:fa:24:87:55:
         9c:b5:d3:d3:37:ee:70:31:fa:d6:57:21:1e:32:08:1b:89:10:
         f9:aa:1e:ae:f8:48:f3:bd:6f:44:4c:1d:a8:e6:7b:48:6c:bd:
         67:c1:1e:9d:bf:28:79:fe:42:cd:d2:0b:18:3c:44:06:69:12:
         54:7a:ea:f5:83:f5:6f:a8:fd:fa:0b:fd:f6:da:e1:19:15:01:
         86:54:f6:c4:c5:62:24:52:a2:72:f7:74:26:3d:ac:04:c3:fc:
         1a:70:74:14:07:f5:66:9e:15:c3:9b:c7:64:7c:1d:6b:5a:a8:
         53:17:ab:10:38:b7:84:c8:69:1a:26:f4:10:b1:9d:5a:39:a9:
         34:ea:d0:15:db:f1:ae:eb:c0:a7:ee:85:c7:15:61:4a:d6:fc:
         da:df:96:39:a9:2f:86:ac:89:b6:7c:41:cb:2b:b0:9b:60:fc:
         57:6f:5b:27:06:f6:c0:df:1d:5b:19:90:3d:57:5b:f5:1d:ba:
         c6:4f:a2:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAxMYPNqK/lcpuDSWPi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk
MGJiM2EwHhcNMjYwMzI1MjIwMTA5WhcNMjYwMzI2MjIwMTA5WjAzMTEwLwYDVQQD
Eyg3ZTIzMzU3MTEyYmU3N2UyZTRiZjY3OGQ0ZDZjOTE5Y2I0YTNlYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2A7Bk8rosww66j1g6Z8zwxB7gYs
ulnylTnrMrbe14KVLOGdeOUxV3N355A+JVph6xB6xDs/GzcoZxFWXaUAJe+t36Hj
czQ7ptcA+DYgdei4RKXpjYldLGKEsaP5fusj1OcaN90ux3cIzpQrC4Slh/tJOPR3
cu0DXOIPmVVFjZvHk1F1lZRUUz/h01KOo19NJjkuL+6WA7OXdnnyZBvAWPAaPgQy
CO0WOPiUsOfGrggW3Yyao566umeOwNmgI3HifJIleUACltNHLUvxZYmRPFaefnmj
zBGqS9CJ1aIS3sMHyCFXdtPKpXFggk0euu3ZdmAmajBpCh15gYwxchwTrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4jNXESvnfi5L9njU1skZy0o+q1MB8GA1UdIwQY
MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt
MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx
LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5IBsG7N
6VdovF15R/T5Y0rvDuhbVGyGCmSNh5abwZHv0bG+KaPm3FV8a/4/7Aml8XPA802h
wSgqr5owxVlHuVXlKzr6JIdVnLXT0zfucDH61lchHjIIG4kQ+aoervhI871vREwd
qOZ7SGy9Z8Eenb8oef5CzdILGDxEBmkSVHrq9YP1b6j9+gv99trhGRUBhlT2xMVi
JFKicvd0Jj2sBMP8GnB0FAf1Zp4Vw5vHZHwda1qoUxerEDi3hMhpGib0ELGdWjmp
NOrQFdvxruvAp+6FxxVhStb82t+WOakvhqyJtnxByyuwm2D8V29bJwb2wN8dWxmQ
PVdb9R26xk+idA==
-----END CERTIFICATE-----