Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
File:                     chgSXs-7IR7fwt4EcvlkqobL6Z4.mft (raw, json)
Hash identifier:          v3S3d3SsfPJfZTdaAyFkHdjdttE6ZednQsqyi4Bcr4A=
Subject key identifier:   1A:92:0C:E8:85:5C:7B:56:D5:FC:48:42:98:F5:03:52:F5:22:87:B2
Authority key identifier: 72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E
Certificate issuer:       /CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
Certificate serial:       019D2703AA3D875719ED7D832A7803A948AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
Manifest number:          0F6B
Signing time:             Wed 25 Mar 2026 22:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:44 +0000
Files and hashes:         1: chgSXs-7IR7fwt4EcvlkqobL6Z4.crl (hash: 8YiTlDuE1BRRDR5KzRSRwMViK+2xg0N3v4reG+6k3/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:aa:3d:87:57:19:ed:7d:83:2a:78:03:a9:48:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
        Validity
            Not Before: Mar 25 22:00:44 2026 GMT
            Not After : Mar 26 22:00:44 2026 GMT
        Subject: CN=1a920ce8855c7b56d5fc484298f50352f52287b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c7:5b:af:08:e2:a6:d3:51:d0:2f:ad:34:45:
                    ab:db:bf:62:1d:bb:9c:1b:96:e9:8a:8e:bc:1a:95:
                    63:a5:aa:1e:6e:b7:5f:11:f5:b5:7e:0b:48:9c:06:
                    b3:ce:c4:29:12:90:fa:c2:4c:64:0a:97:7c:42:39:
                    cb:76:de:2f:ae:ef:f5:b8:89:17:f3:4a:15:b8:69:
                    4d:dd:79:88:45:c1:e5:6a:4d:2e:80:ea:ea:c8:1d:
                    b8:93:31:83:32:e6:4b:27:95:59:27:0a:d5:b1:03:
                    89:18:6c:f4:0f:b0:a5:40:cf:b4:f7:14:70:05:c4:
                    6e:4c:67:73:b3:5f:61:a0:c3:d2:73:ed:9f:31:cb:
                    83:38:41:d1:61:74:80:82:79:67:31:9d:9a:9a:b1:
                    0c:c3:ff:8c:e1:ea:76:db:33:f4:cb:8d:f5:d3:fb:
                    bd:eb:9b:4b:d9:39:9f:bc:e9:f1:ee:d0:06:08:a0:
                    45:dc:fb:a9:c0:a1:6d:42:16:56:5d:37:49:60:ea:
                    d1:8f:c3:ab:89:20:63:ba:6d:a7:55:81:c1:ec:14:
                    ec:e1:d8:d1:66:e2:23:2a:7d:a6:6e:40:e5:95:0d:
                    69:4f:4e:81:4b:84:d6:36:86:f2:dc:1d:e2:bf:ba:
                    d3:a7:48:3f:27:bc:14:89:3b:42:a9:57:a3:e5:17:
                    0a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:92:0C:E8:85:5C:7B:56:D5:FC:48:42:98:F5:03:52:F5:22:87:B2
            X509v3 Authority Key Identifier:
                keyid:72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:f4:6a:94:d1:ff:dd:6d:a9:b8:34:d0:a0:07:bb:a4:19:b2:
         b1:34:1c:f2:26:a8:89:c8:90:50:e5:07:db:c7:7f:d9:78:de:
         2f:78:2d:6a:0c:5a:d9:30:8b:d5:07:df:cb:1e:b7:f4:bd:48:
         f8:44:3e:bd:d8:a0:98:d8:32:9d:6a:19:2a:76:74:02:47:d2:
         36:65:c7:41:2b:07:49:c8:00:38:90:68:96:43:bf:ab:bb:9a:
         75:1f:86:bc:dd:e6:11:2d:d4:38:b9:b0:77:8d:45:31:6b:42:
         d0:0b:c8:bf:fe:b4:7f:91:51:99:2a:70:1d:50:06:09:ad:f3:
         87:88:5f:f2:b9:86:78:cb:0d:49:c2:50:84:e7:76:7e:91:5b:
         a5:55:46:e9:71:ca:64:02:51:08:73:12:fe:b9:cf:2f:b7:41:
         e0:8f:24:6c:fb:98:41:e8:57:81:01:d0:b4:d2:84:55:6c:1f:
         26:c5:69:de:e5:e1:08:79:44:24:84:5d:4f:f4:fd:63:eb:82:
         b4:b7:95:dd:40:1c:5e:3b:fd:5a:10:5c:14:67:f0:a1:b9:3f:
         c7:f4:a5:ef:06:4e:7c:21:f3:19:e4:7a:2d:47:64:ce:73:79:
         40:2f:e8:4e:40:ee:17:59:84:c1:46:08:06:f8:5f:62:d2:c1:
         8a:20:a5:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6o9h1cZ7X2DKngDqUiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMTgxMjVlY2ZiYjIxMWVkZmMyZGUwNDcyZjk2NGFhODZj
YmU5OWUwHhcNMjYwMzI1MjIwMDQ0WhcNMjYwMzI2MjIwMDQ0WjAzMTEwLwYDVQQD
EygxYTkyMGNlODg1NWM3YjU2ZDVmYzQ4NDI5OGY1MDM1MmY1MjI4N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsdbrwjiptNR0C+tNEWr279iHbuc
G5bpio68GpVjpaoebrdfEfW1fgtInAazzsQpEpD6wkxkCpd8QjnLdt4vru/1uIkX
80oVuGlN3XmIRcHlak0ugOrqyB24kzGDMuZLJ5VZJwrVsQOJGGz0D7ClQM+09xRw
BcRuTGdzs19hoMPSc+2fMcuDOEHRYXSAgnlnMZ2amrEMw/+M4ep22zP0y4310/u9
65tL2TmfvOnx7tAGCKBF3PupwKFtQhZWXTdJYOrRj8OriSBjum2nVYHB7BTs4djR
ZuIjKn2mbkDllQ1pT06BS4TWNoby3B3iv7rTp0g/J7wUiTtCqVej5RcKbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqSDOiFXHtW1fxIQpj1A1L1IoeyMB8GA1UdIwQY
MBaAFHIYEl7PuyEe38LeBHL5ZKqGy+meMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWIt
MGRiMGZkNzRkYjMyLzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWItMGRiMGZkNzRkYjMy
LzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvRqlNH/
3W2puDTQoAe7pBmysTQc8iaoiciQUOUH28d/2XjeL3gtagxa2TCL1Qffyx639L1I
+EQ+vdigmNgynWoZKnZ0AkfSNmXHQSsHScgAOJBolkO/q7uadR+GvN3mES3UOLmw
d41FMWtC0AvIv/60f5FRmSpwHVAGCa3zh4hf8rmGeMsNScJQhOd2fpFbpVVG6XHK
ZAJRCHMS/rnPL7dB4I8kbPuYQehXgQHQtNKEVWwfJsVp3uXhCHlEJIRdT/T9Y+uC
tLeV3UAcXjv9WhBcFGfwobk/x/Sl7wZOfCHzGeR6LUdkznN5QC/oTkDuF1mEwUYI
BvhfYtLBiiClFg==
-----END CERTIFICATE-----