Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
File:                     xRlGjFXmvnFcDagFzvta7IXTKSY.mft (raw, json)
Hash identifier:          ikeFt3Bz2Ve61ThF8GudZ1rJG2/FllCLQ7FS++ipTTo=
Subject key identifier:   88:4D:DB:DE:CD:CF:20:CA:54:C9:E3:94:F5:98:C6:79:E1:81:AE:F0
Authority key identifier: C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26
Certificate issuer:       /CN=c519468c55e6be715c0da805cefb5aec85d32926
Certificate serial:       019D2703F0F072DF3A631DED80D60788DF2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
Manifest number:          117F
Signing time:             Wed 25 Mar 2026 22:01:02 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:02 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:02 +0000
Files and hashes:         1: xRlGjFXmvnFcDagFzvta7IXTKSY.crl (hash: GjM4lsNeK7iRr8oaEdZig3BmIWXfq5+VaADP48/1xoQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:f0:f0:72:df:3a:63:1d:ed:80:d6:07:88:df:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c519468c55e6be715c0da805cefb5aec85d32926
        Validity
            Not Before: Mar 25 22:01:02 2026 GMT
            Not After : Mar 26 22:01:02 2026 GMT
        Subject: CN=884ddbdecdcf20ca54c9e394f598c679e181aef0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a5:2c:e1:86:c2:96:bb:2c:66:9e:6d:2a:93:
                    36:b5:86:32:b1:42:83:ff:27:fb:99:da:ba:ba:27:
                    26:5a:31:00:27:58:0e:10:68:ae:52:f2:c5:eb:ee:
                    c0:7b:31:54:9c:20:9b:e4:ad:d3:b9:b1:cf:ce:71:
                    ae:7c:61:55:cd:c4:d1:52:8b:26:4e:50:8c:0d:34:
                    d7:af:0b:06:6f:64:4a:ff:c8:bd:ff:0a:9f:91:f1:
                    84:71:d9:a2:32:84:43:88:3c:c9:26:16:ad:fc:59:
                    f4:e6:23:9a:86:16:11:5a:c6:ac:33:0f:56:0f:3a:
                    f6:96:cb:e0:c7:0b:c7:26:cd:47:4c:2c:2d:fe:d3:
                    55:b5:ed:6e:70:62:53:66:17:63:0a:df:2e:93:06:
                    80:8a:33:2b:7a:64:99:3f:b6:dd:88:a0:e0:72:a3:
                    80:da:f6:2b:7e:5f:d9:23:af:8e:0a:44:be:86:6d:
                    cf:38:57:4a:fe:68:ed:58:83:9a:c1:04:c9:b7:98:
                    a5:05:b1:df:c7:bd:6f:90:09:32:6c:c7:08:79:c4:
                    69:e6:aa:93:da:bc:47:09:08:55:13:b8:04:10:93:
                    3f:58:a2:37:c7:32:8c:3c:c4:63:bb:f5:8f:fe:e0:
                    7d:be:43:f7:1a:bf:6e:4f:0f:03:81:80:41:0b:33:
                    3d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:4D:DB:DE:CD:CF:20:CA:54:C9:E3:94:F5:98:C6:79:E1:81:AE:F0
            X509v3 Authority Key Identifier:
                keyid:C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:fa:5a:b6:d2:d2:d0:36:e9:40:40:b6:a1:9c:cb:7f:6c:d4:
         a5:67:78:19:28:79:8a:79:f1:72:c6:67:d4:9c:c2:26:6d:fa:
         2e:54:01:96:6c:6e:b9:3a:6d:e5:37:6a:4c:cc:54:29:d9:65:
         8a:4b:aa:18:20:cc:96:b6:f0:ca:61:61:70:3e:86:d3:dc:52:
         10:e0:ab:ed:ca:39:37:e6:59:f6:b3:0e:bf:7c:49:6f:d5:e8:
         9f:59:bb:39:a8:51:f0:72:09:0b:d2:4a:75:bc:ba:b8:c4:bd:
         3b:46:57:0d:e7:8d:fc:5d:c9:f1:08:31:30:c4:97:56:2c:53:
         31:92:0a:f1:7c:79:f0:17:7a:d9:15:a3:96:dd:17:8f:08:de:
         a4:39:28:1b:e8:ab:90:08:0d:9b:82:0d:ac:36:4c:37:a2:e3:
         89:99:f1:e4:3e:f1:be:e3:4d:c6:60:e3:e8:9b:ce:a3:bb:0d:
         e8:f8:93:30:ca:61:83:3a:f8:c4:89:ca:a9:c8:41:88:19:cf:
         59:69:a5:5e:3b:69:37:04:be:10:0a:75:a8:32:17:50:4d:0b:
         72:9e:c8:21:3d:10:ad:c0:02:ca:77:2c:6a:ab:03:c6:f2:7e:
         82:b4:42:a3:57:68:cf:ca:96:d6:96:56:92:18:29:f2:3e:dd:
         91:f5:9f:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/Dwct86Yx3tgNYHiN8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTk0NjhjNTVlNmJlNzE1YzBkYTgwNWNlZmI1YWVjODVk
MzI5MjYwHhcNMjYwMzI1MjIwMTAyWhcNMjYwMzI2MjIwMTAyWjAzMTEwLwYDVQQD
Eyg4ODRkZGJkZWNkY2YyMGNhNTRjOWUzOTRmNTk4YzY3OWUxODFhZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKUs4YbClrssZp5tKpM2tYYysUKD
/yf7mdq6uicmWjEAJ1gOEGiuUvLF6+7AezFUnCCb5K3TubHPznGufGFVzcTRUosm
TlCMDTTXrwsGb2RK/8i9/wqfkfGEcdmiMoRDiDzJJhat/Fn05iOahhYRWsasMw9W
Dzr2lsvgxwvHJs1HTCwt/tNVte1ucGJTZhdjCt8ukwaAijMremSZP7bdiKDgcqOA
2vYrfl/ZI6+OCkS+hm3POFdK/mjtWIOawQTJt5ilBbHfx71vkAkybMcIecRp5qqT
2rxHCQhVE7gEEJM/WKI3xzKMPMRju/WP/uB9vkP3Gr9uTw8DgYBBCzM9YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhN297NzyDKVMnjlPWYxnnhga7wMB8GA1UdIwQY
MBaAFMUZRoxV5r5xXA2oBc77WuyF0ykmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2Ut
NmE3MWI4NDRhZDY2LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2UtNmE3MWI4NDRhZDY2
LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADPpattLS
0DbpQEC2oZzLf2zUpWd4GSh5innxcsZn1JzCJm36LlQBlmxuuTpt5TdqTMxUKdll
ikuqGCDMlrbwymFhcD6G09xSEOCr7co5N+ZZ9rMOv3xJb9Xon1m7OahR8HIJC9JK
dby6uMS9O0ZXDeeN/F3J8QgxMMSXVixTMZIK8Xx58Bd62RWjlt0XjwjepDkoG+ir
kAgNm4INrDZMN6LjiZnx5D7xvuNNxmDj6JvOo7sN6PiTMMphgzr4xInKqchBiBnP
WWmlXjtpNwS+EAp1qDIXUE0Lcp7IIT0QrcACyncsaqsDxvJ+grRCo1doz8qW1pZW
khgp8j7dkfWftA==
-----END CERTIFICATE-----