Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
File:                     xRvfUzN6yxiydpUsNX6RmAvMWww.mft (raw, json)
Hash identifier:          vUPpKGSaRad7w6uMKq9F+l8xf8/kx1Ppe68/oqvXzrs=
Subject key identifier:   03:FA:70:B2:05:62:97:C7:EB:09:D8:9C:7C:10:A6:A9:9A:7B:F7:5F
Authority key identifier: C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C
Certificate issuer:       /CN=c51bdf53337acb18b276952c357e91980bcc5b0c
Certificate serial:       019D2703A51A8976D288CBA85B50574398AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
Manifest number:          0C95
Signing time:             Wed 25 Mar 2026 22:00:43 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:43 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:43 +0000
Files and hashes:         1: xRvfUzN6yxiydpUsNX6RmAvMWww.crl (hash: fNRyqHX/tl/NW/39eISe5JZl8zy2hMgHQopQJv6zk1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:a5:1a:89:76:d2:88:cb:a8:5b:50:57:43:98:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c51bdf53337acb18b276952c357e91980bcc5b0c
        Validity
            Not Before: Mar 25 22:00:43 2026 GMT
            Not After : Mar 26 22:00:43 2026 GMT
        Subject: CN=03fa70b2056297c7eb09d89c7c10a6a99a7bf75f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e3:2f:81:ca:8e:ae:e5:34:36:7b:ab:bb:cd:
                    2c:64:1f:6c:92:43:79:34:1e:8c:dd:f1:c8:f4:1e:
                    bc:8e:2b:5f:13:e1:8a:b9:52:4e:ee:15:93:59:dd:
                    b7:71:c2:9b:26:9c:37:0b:83:0c:a7:1a:9b:11:8c:
                    59:7e:f1:ea:e3:b3:64:73:bb:89:3b:dc:2c:de:ed:
                    67:ea:d5:1e:5f:a4:c1:13:86:da:42:a6:41:71:a5:
                    2d:f3:4f:8e:a8:27:33:93:60:ec:02:92:58:c8:19:
                    b9:a3:b1:a7:cb:36:98:0a:ec:11:28:69:7d:04:c1:
                    12:9a:33:2e:03:49:6c:aa:92:a5:4d:19:c5:bf:b9:
                    23:fb:ba:2e:57:60:3d:19:1d:db:a6:43:65:26:72:
                    c2:a1:d6:cf:95:8a:26:89:a2:5d:9f:66:2f:50:07:
                    5d:55:23:f2:26:34:33:de:82:89:8f:32:4d:2b:b5:
                    1b:e4:2e:62:55:c8:f4:77:25:84:96:6a:14:83:75:
                    2d:20:de:bf:0b:67:ac:ad:59:5a:08:a5:e7:b3:cf:
                    ef:03:5f:ef:af:54:97:1c:c3:9a:cd:02:e1:47:7c:
                    a3:cd:4e:65:99:8a:c4:f3:19:d7:6a:2c:be:c5:a8:
                    d4:a0:e8:b9:4d:eb:85:aa:3b:63:dd:f5:cc:6a:c0:
                    18:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:FA:70:B2:05:62:97:C7:EB:09:D8:9C:7C:10:A6:A9:9A:7B:F7:5F
            X509v3 Authority Key Identifier:
                keyid:C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:fe:73:52:bb:45:41:79:f1:7b:84:75:c0:db:c2:7e:d8:9b:
         75:63:96:3c:13:01:81:9f:9d:ed:ec:aa:cb:eb:cb:e2:58:a1:
         42:f5:16:ea:03:ba:45:44:50:53:72:8e:c7:74:20:ab:12:0c:
         18:7e:09:91:25:c8:44:7f:4d:a7:45:cf:f1:3a:9b:6d:ed:65:
         12:4c:ae:54:c0:98:31:b2:c1:24:a8:8c:9b:f3:fa:3c:ad:42:
         3d:ac:3f:ce:b8:38:15:63:f7:04:3d:64:6a:e6:46:b4:36:4f:
         47:ef:ee:cb:0a:06:4d:30:09:1a:b2:1e:ec:89:f6:fa:6c:3c:
         02:64:e5:8a:f6:a7:c3:69:1e:72:04:33:87:a9:9f:7d:e5:0a:
         4b:a7:b3:f3:70:77:6a:78:55:c4:66:51:a3:89:35:70:cb:e6:
         a3:93:45:25:80:6f:d0:21:18:47:c5:74:ef:73:1c:32:fd:22:
         62:73:e8:2e:47:a5:d0:c0:ad:bc:f2:3a:d4:fe:ce:01:20:c9:
         54:df:75:f7:8b:1e:e1:14:68:c8:4e:8f:4e:b6:d3:04:ae:2d:
         66:c1:12:03:07:57:22:b8:54:07:dd:d4:bb:f1:7c:fe:53:e4:
         98:56:01:d3:8a:b7:0f:ea:ce:98:37:02:4d:87:59:f9:74:3a:
         f4:1a:35:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6UaiXbSiMuoW1BXQ5iqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MWJkZjUzMzM3YWNiMThiMjc2OTUyYzM1N2U5MTk4MGJj
YzViMGMwHhcNMjYwMzI1MjIwMDQzWhcNMjYwMzI2MjIwMDQzWjAzMTEwLwYDVQQD
EygwM2ZhNzBiMjA1NjI5N2M3ZWIwOWQ4OWM3YzEwYTZhOTlhN2JmNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOMvgcqOruU0Nnuru80sZB9skkN5
NB6M3fHI9B68jitfE+GKuVJO7hWTWd23ccKbJpw3C4MMpxqbEYxZfvHq47Nkc7uJ
O9ws3u1n6tUeX6TBE4baQqZBcaUt80+OqCczk2DsApJYyBm5o7GnyzaYCuwRKGl9
BMESmjMuA0lsqpKlTRnFv7kj+7ouV2A9GR3bpkNlJnLCodbPlYomiaJdn2YvUAdd
VSPyJjQz3oKJjzJNK7Ub5C5iVcj0dyWElmoUg3UtIN6/C2esrVlaCKXns8/vA1/v
r1SXHMOazQLhR3yjzU5lmYrE8xnXaiy+xajUoOi5TeuFqjtj3fXMasAYDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAP6cLIFYpfH6wnYnHwQpqmae/dfMB8GA1UdIwQY
MBaAFMUb31MzessYsnaVLDV+kZgLzFsMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYt
MWJiNDMwNjA2NTM1LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYtMWJiNDMwNjA2NTM1
LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoP5zUrtF
QXnxe4R1wNvCftibdWOWPBMBgZ+d7eyqy+vL4lihQvUW6gO6RURQU3KOx3QgqxIM
GH4JkSXIRH9Np0XP8Tqbbe1lEkyuVMCYMbLBJKiMm/P6PK1CPaw/zrg4FWP3BD1k
auZGtDZPR+/uywoGTTAJGrIe7In2+mw8AmTlivanw2kecgQzh6mffeUKS6ez83B3
anhVxGZRo4k1cMvmo5NFJYBv0CEYR8V073McMv0iYnPoLkel0MCtvPI61P7OASDJ
VN9194se4RRoyE6PTrbTBK4tZsESAwdXIrhUB93Uu/F8/lPkmFYB04q3D+rOmDcC
TYdZ+XQ69Bo1KA==
-----END CERTIFICATE-----