Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
File:                     xorAnHI17TE4Ph_ThzkY3RgzNCo.mft (raw, json)
Hash identifier:          5nbKZvTAcuwexWuHo6yMFM3WKGP/OXvU/71hKLzjejs=
Subject key identifier:   88:01:06:93:0F:3F:5D:70:54:FA:09:1C:A4:28:06:A4:47:5C:DD:F4
Authority key identifier: C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A
Certificate issuer:       /CN=c68ac09c7235ed31383e1fd3873918dd1833342a
Certificate serial:       019D2816D440582641730D3B8431B684328B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
Manifest number:          0856
Signing time:             Thu 26 Mar 2026 03:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:17 +0000
Files and hashes:         1: xorAnHI17TE4Ph_ThzkY3RgzNCo.crl (hash: j0pjwft3arym3y8L2aEgrCVzXs3SAaUYOZ4Qnr6w6iA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:d4:40:58:26:41:73:0d:3b:84:31:b6:84:32:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68ac09c7235ed31383e1fd3873918dd1833342a
        Validity
            Not Before: Mar 26 03:01:17 2026 GMT
            Not After : Mar 27 03:01:17 2026 GMT
        Subject: CN=880106930f3f5d7054fa091ca42806a4475cddf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d8:88:4d:d4:42:d9:c7:50:43:63:41:b8:de:
                    73:f6:fb:1d:71:bd:60:0b:0f:cb:21:77:05:fc:86:
                    ee:55:40:5a:8c:47:63:2f:6e:77:6f:01:97:01:95:
                    8e:99:11:e2:be:4d:bb:63:df:18:1f:fb:da:11:5c:
                    41:c7:40:d0:5e:cd:37:ed:16:83:99:e4:fa:00:cb:
                    35:4c:9c:d4:de:fd:51:c4:a4:cb:24:7d:10:72:f2:
                    b6:fa:d2:0b:62:3f:7c:fc:28:b9:bb:c3:18:ed:5e:
                    9b:d7:5a:a5:3a:04:5a:75:c0:2b:f6:80:9b:bf:22:
                    61:96:51:b0:10:39:39:71:e1:6e:85:3b:14:6c:02:
                    af:4c:c2:cc:d3:f4:8a:07:60:2c:ff:a7:f1:d4:ec:
                    a4:e5:4a:48:46:04:b7:ed:b9:2d:c5:2b:89:5c:9d:
                    2b:58:fe:39:01:90:28:57:21:fe:16:76:99:63:42:
                    00:d3:6b:cd:74:b2:2b:a2:a2:37:18:6e:6f:48:87:
                    51:a3:2d:37:25:30:3e:49:a1:c8:ff:cf:5e:44:67:
                    9c:62:93:b4:1e:8f:8d:67:ec:9e:76:1b:51:de:57:
                    1c:39:44:07:0e:e9:dc:08:cb:66:b8:22:e9:f4:c2:
                    78:2f:df:4c:f9:8d:4a:75:82:53:00:83:92:da:5b:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:01:06:93:0F:3F:5D:70:54:FA:09:1C:A4:28:06:A4:47:5C:DD:F4
            X509v3 Authority Key Identifier:
                keyid:C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:e0:3b:12:59:11:0c:8c:fe:ea:49:61:e4:39:3e:84:07:91:
         d6:90:5d:e7:7b:8c:f1:fa:dd:4f:7a:ff:5f:5a:d3:9b:d5:ca:
         f7:31:fc:55:99:8d:db:47:18:43:de:d5:c8:89:64:29:f5:74:
         04:47:89:64:69:cf:ba:93:93:b3:d2:aa:4e:ae:0f:0f:47:b0:
         a9:5a:f7:e3:ab:20:6f:27:27:a5:7a:5b:5f:04:82:58:78:7a:
         08:ff:ce:60:16:4a:bf:d1:42:62:4d:97:c6:bd:8e:d5:bb:11:
         56:77:12:07:80:e0:65:87:66:91:68:e5:23:75:99:9b:5b:7a:
         47:b9:0f:36:d3:2c:56:c6:54:54:85:ce:8f:3c:8d:89:8f:07:
         35:40:39:6d:29:3d:d1:9b:63:a0:86:72:e1:3a:1a:fb:9f:aa:
         8f:11:2a:4e:74:8b:57:73:af:9e:85:e8:84:9f:5a:6e:3a:1a:
         2a:1b:1d:9e:9e:a7:14:19:5d:72:9d:21:10:a8:bd:b6:85:cc:
         47:0e:44:59:f0:69:79:35:ef:ca:3d:07:71:c8:54:33:0b:e3:
         f4:0d:f4:1f:1d:85:5a:27:5b:6d:74:a8:eb:13:fc:81:9b:76:
         67:93:33:5c:76:40:a1:88:98:95:eb:b2:2c:36:79:07:30:53:
         ef:77:a5:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFtRAWCZBcw07hDG2hDKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGFjMDljNzIzNWVkMzEzODNlMWZkMzg3MzkxOGRkMTgz
MzM0MmEwHhcNMjYwMzI2MDMwMTE3WhcNMjYwMzI3MDMwMTE3WjAzMTEwLwYDVQQD
Eyg4ODAxMDY5MzBmM2Y1ZDcwNTRmYTA5MWNhNDI4MDZhNDQ3NWNkZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldiITdRC2cdQQ2NBuN5z9vsdcb1g
Cw/LIXcF/IbuVUBajEdjL253bwGXAZWOmRHivk27Y98YH/vaEVxBx0DQXs037RaD
meT6AMs1TJzU3v1RxKTLJH0QcvK2+tILYj98/Ci5u8MY7V6b11qlOgRadcAr9oCb
vyJhllGwEDk5ceFuhTsUbAKvTMLM0/SKB2As/6fx1Oyk5UpIRgS37bktxSuJXJ0r
WP45AZAoVyH+FnaZY0IA02vNdLIroqI3GG5vSIdRoy03JTA+SaHI/89eRGecYpO0
Ho+NZ+yedhtR3lccOUQHDuncCMtmuCLp9MJ4L99M+Y1KdYJTAIOS2lvfoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgBBpMPP11wVPoJHKQoBqRHXN30MB8GA1UdIwQY
MBaAFMaKwJxyNe0xOD4f04c5GN0YMzQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMt
OWRlNDhkNDNiMWRiLzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMtOWRlNDhkNDNiMWRi
LzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAruA7ElkR
DIz+6klh5Dk+hAeR1pBd53uM8frdT3r/X1rTm9XK9zH8VZmN20cYQ97VyIlkKfV0
BEeJZGnPupOTs9KqTq4PD0ewqVr346sgbycnpXpbXwSCWHh6CP/OYBZKv9FCYk2X
xr2O1bsRVncSB4DgZYdmkWjlI3WZm1t6R7kPNtMsVsZUVIXOjzyNiY8HNUA5bSk9
0ZtjoIZy4Toa+5+qjxEqTnSLV3OvnoXohJ9abjoaKhsdnp6nFBldcp0hEKi9toXM
Rw5EWfBpeTXvyj0HcchUMwvj9A30Hx2FWidbbXSo6xP8gZt2Z5MzXHZAoYiYleuy
LDZ5BzBT73elaQ==
-----END CERTIFICATE-----