Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          3kMR8G6xw8GMOcq+clE0YtKGD7aMNIBsnLUBcNW4kFc=
Subject key identifier:   04:32:C6:A4:0B:54:DF:B6:83:DC:4A:ED:6E:F1:26:E0:A0:3E:5E:04
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       019D25F1B6B07A4D4F427A71A2E02598D3F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0E5A
Signing time:             Wed 25 Mar 2026 17:01:31 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:31 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:31 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: pKkTLwkWDzZHs1IHhmVcfGPPq6IJVrFEt0f5pAGfVxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:b6:b0:7a:4d:4f:42:7a:71:a2:e0:25:98:d3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Mar 25 17:01:31 2026 GMT
            Not After : Mar 26 17:01:31 2026 GMT
        Subject: CN=0432c6a40b54dfb683dc4aed6ef126e0a03e5e04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e3:c6:60:9a:a6:81:0f:98:bc:9e:96:d2:9d:
                    7b:d6:ea:a2:f6:b0:1b:ac:a0:fd:cc:36:78:bc:d5:
                    7b:77:d1:f1:b4:bf:37:40:46:be:3b:85:6e:c9:a5:
                    63:95:a0:9a:45:da:06:60:82:fc:6d:58:12:4e:0b:
                    52:b9:25:0a:dc:d2:9e:44:7c:fd:5f:5f:0c:25:b7:
                    b7:ec:15:06:0a:99:d5:a7:0d:fa:73:9f:d2:c4:b8:
                    99:f9:0f:55:14:89:fa:c8:63:6d:6b:be:91:5d:97:
                    90:29:31:a0:f4:f7:6c:a8:4f:74:cb:48:1c:33:13:
                    25:f4:5e:7c:49:c1:90:e2:55:87:ac:af:47:dc:92:
                    33:29:a7:fd:9e:af:e3:57:77:08:c2:28:ac:68:a9:
                    4e:27:65:de:a0:7b:ba:88:a6:0a:b4:74:34:4e:e6:
                    e9:02:4e:67:48:93:32:82:93:84:5e:6d:2b:f8:73:
                    6b:de:6f:77:c0:a7:42:0b:ef:0f:b6:5a:50:1f:29:
                    c3:56:47:66:c6:6f:9f:05:20:52:79:d4:82:54:70:
                    1e:d6:d1:34:5b:b8:aa:db:f6:bf:ce:bd:5a:0a:1a:
                    d2:5f:9c:c4:d8:8b:53:db:98:bb:83:25:a8:04:62:
                    64:bb:e4:f2:ff:46:ca:24:76:89:40:67:7b:2e:4d:
                    d5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:32:C6:A4:0B:54:DF:B6:83:DC:4A:ED:6E:F1:26:E0:A0:3E:5E:04
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:96:e6:a2:3d:04:77:97:31:f0:ee:8d:d7:a6:7c:2c:28:38:
         04:03:c0:57:10:8d:ac:31:30:c3:ff:71:53:5d:80:b2:46:76:
         94:7e:57:5d:7a:fe:a2:f8:ce:4c:e1:24:d6:cc:de:a4:b9:6e:
         60:53:16:08:5a:5a:8e:5e:5e:08:fa:43:6e:0c:b1:66:d6:78:
         46:f0:21:77:13:a2:a7:84:bf:7d:c1:ec:9b:e1:1f:10:02:aa:
         2d:78:47:1e:34:e0:dc:93:04:31:7c:e2:92:71:b6:56:aa:b3:
         35:c0:32:43:61:12:79:17:80:7e:78:bb:19:99:c8:f9:2c:10:
         6a:1c:84:ab:81:ee:8f:72:15:58:05:79:20:a3:1a:76:4b:95:
         bf:a7:7f:19:e0:d4:df:2b:a2:d6:81:df:01:50:d6:59:cf:10:
         df:e3:08:e8:bf:39:22:cf:fa:38:93:37:90:a6:25:4c:7c:f1:
         8c:5b:1f:a7:cf:2b:e7:c5:93:2e:d7:41:14:b1:7e:a2:6f:d7:
         fb:ff:d2:09:cd:0a:70:c7:40:dc:98:18:fe:42:da:65:05:b0:
         65:64:96:94:27:51:30:28:37:2b:21:4d:e3:d0:18:ab:18:97:
         e8:19:37:23:13:3d:11:12:f8:05:bf:ec:9f:32:a9:f0:fd:30:
         4f:af:a6:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8bawek1PQnpxouAlmNP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjYwMzI1MTcwMTMxWhcNMjYwMzI2MTcwMTMxWjAzMTEwLwYDVQQD
EygwNDMyYzZhNDBiNTRkZmI2ODNkYzRhZWQ2ZWYxMjZlMGEwM2U1ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOPGYJqmgQ+YvJ6W0p171uqi9rAb
rKD9zDZ4vNV7d9HxtL83QEa+O4VuyaVjlaCaRdoGYIL8bVgSTgtSuSUK3NKeRHz9
X18MJbe37BUGCpnVpw36c5/SxLiZ+Q9VFIn6yGNta76RXZeQKTGg9PdsqE90y0gc
MxMl9F58ScGQ4lWHrK9H3JIzKaf9nq/jV3cIwiisaKlOJ2XeoHu6iKYKtHQ0Tubp
Ak5nSJMygpOEXm0r+HNr3m93wKdCC+8PtlpQHynDVkdmxm+fBSBSedSCVHAe1tE0
W7iq2/a/zr1aChrSX5zE2ItT25i7gyWoBGJku+Ty/0bKJHaJQGd7Lk3VGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQyxqQLVN+2g9xK7W7xJuCgPl4EMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJbmoj0E
d5cx8O6N16Z8LCg4BAPAVxCNrDEww/9xU12AskZ2lH5XXXr+ovjOTOEk1szepLlu
YFMWCFpajl5eCPpDbgyxZtZ4RvAhdxOip4S/fcHsm+EfEAKqLXhHHjTg3JMEMXzi
knG2VqqzNcAyQ2ESeReAfni7GZnI+SwQahyEq4Huj3IVWAV5IKMadkuVv6d/GeDU
3yui1oHfAVDWWc8Q3+MI6L85Is/6OJM3kKYlTHzxjFsfp88r58WTLtdBFLF+om/X
+//SCc0KcMdA3JgY/kLaZQWwZWSWlCdRMCg3KyFN49AYqxiX6Bk3IxM9ERL4Bb/s
nzKp8P0wT6+mcA==
-----END CERTIFICATE-----