Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          PjXoWxd7cchoXLAaA9bNWIWhtpJLoVHrfK/1Q8nLPp4=
Subject key identifier:   E6:1C:8F:D0:9E:CA:66:AE:FF:92:8E:0A:48:41:76:0F:07:6A:45:DE
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       019D2703A205A7101BAA477174F5E458237B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:00:42 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:42 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:42 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: NUCfGo+ktjzRPXTE0MNFkv+1n2/6XVqbKjhlgkHhSU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:a2:05:a7:10:1b:aa:47:71:74:f5:e4:58:23:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Mar 25 22:00:42 2026 GMT
            Not After : Mar 26 22:00:42 2026 GMT
        Subject: CN=e61c8fd09eca66aeff928e0a4841760f076a45de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:62:c8:20:78:ff:96:74:31:e4:f1:1e:d3:4a:
                    91:04:4c:47:68:34:bd:84:e7:56:fd:ef:5a:10:24:
                    82:3f:50:6b:11:fa:71:f0:a1:35:4c:29:55:50:c2:
                    ea:26:63:1b:e1:50:da:4c:1a:ed:18:87:c0:31:fe:
                    b3:42:33:7e:e0:64:81:81:f5:16:e8:d2:26:3d:75:
                    e5:b9:ce:f6:c1:f2:77:79:8d:7d:37:82:41:69:c3:
                    cc:74:59:0f:cf:23:03:10:c9:1c:7d:b7:35:c7:7a:
                    af:c5:47:7e:a8:4e:23:4d:45:37:ee:62:78:9b:1d:
                    e5:c3:dd:f6:bb:46:cf:69:43:bd:d8:62:2d:4c:09:
                    59:be:84:6b:f7:a2:a9:34:f2:4d:d8:c4:c2:4f:36:
                    37:52:60:b8:22:71:7d:24:7e:cd:78:fe:75:93:30:
                    8c:56:2f:9e:bc:96:24:d6:f2:6a:57:98:fd:83:b4:
                    4a:bc:54:61:d3:36:d3:9b:af:b2:bb:0d:78:0c:30:
                    9a:8c:8f:9a:01:3d:5a:3b:52:73:5e:cd:59:f8:19:
                    fb:0e:5c:06:41:8f:b6:14:b7:5b:84:8f:77:e6:4b:
                    dc:cd:b8:f8:27:56:8c:7c:e3:90:09:65:d9:32:30:
                    34:44:bb:83:73:ac:fb:6c:39:ff:23:29:1b:7a:7f:
                    87:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:1C:8F:D0:9E:CA:66:AE:FF:92:8E:0A:48:41:76:0F:07:6A:45:DE
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:93:8f:87:7f:61:6d:fb:f3:a2:b2:c4:83:f8:f2:04:ed:d3:
         5e:02:1d:5c:21:aa:9b:ba:4e:2a:ba:35:4e:91:b4:5d:ad:99:
         73:86:22:6f:5b:c2:52:30:d0:0f:30:87:32:29:ff:21:ac:0e:
         a3:22:df:38:8d:91:ed:88:8c:f1:50:2d:53:05:24:91:86:b7:
         6d:f5:c5:26:98:2a:ec:0d:3b:d8:19:e2:80:2c:ff:ed:81:ad:
         43:d4:58:80:98:db:cf:cf:f6:bd:96:61:87:dc:6e:c4:cd:97:
         f2:d3:f8:b3:36:2b:79:e0:b4:d8:fe:8c:37:c8:10:1e:79:83:
         a6:17:c8:1a:5a:7a:75:ad:6e:87:8e:a7:d2:ed:21:37:a1:33:
         06:cb:d5:b3:f7:41:ce:cc:25:62:8b:10:13:5f:b1:b6:8e:c5:
         77:c8:61:ae:d2:06:38:0d:d4:e2:81:77:80:d5:1e:1e:e5:f3:
         55:b6:20:43:a8:46:b9:61:d2:23:34:c0:e6:29:e3:60:d9:c1:
         59:c6:12:b3:32:64:4f:bd:5b:b0:76:5e:b2:6f:73:46:3a:b9:
         8d:b6:ea:50:a2:51:bd:c0:9e:94:07:04:a3:44:90:dc:3a:31:
         1b:91:44:6b:e8:46:94:5f:e3:3b:86:c5:14:5f:09:e5:c0:75:
         b3:90:f3:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6IFpxAbqkdxdPXkWCN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjYwMzI1MjIwMDQyWhcNMjYwMzI2MjIwMDQyWjAzMTEwLwYDVQQD
EyhlNjFjOGZkMDllY2E2NmFlZmY5MjhlMGE0ODQxNzYwZjA3NmE0NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmLIIHj/lnQx5PEe00qRBExHaDS9
hOdW/e9aECSCP1BrEfpx8KE1TClVUMLqJmMb4VDaTBrtGIfAMf6zQjN+4GSBgfUW
6NImPXXluc72wfJ3eY19N4JBacPMdFkPzyMDEMkcfbc1x3qvxUd+qE4jTUU37mJ4
mx3lw932u0bPaUO92GItTAlZvoRr96KpNPJN2MTCTzY3UmC4InF9JH7NeP51kzCM
Vi+evJYk1vJqV5j9g7RKvFRh0zbTm6+yuw14DDCajI+aAT1aO1JzXs1Z+Bn7DlwG
QY+2FLdbhI935kvczbj4J1aMfOOQCWXZMjA0RLuDc6z7bDn/Iykben+HBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYcj9Ceymau/5KOCkhBdg8HakXeMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAJOPh39h
bfvzorLEg/jyBO3TXgIdXCGqm7pOKro1TpG0Xa2Zc4Yib1vCUjDQDzCHMin/IawO
oyLfOI2R7YiM8VAtUwUkkYa3bfXFJpgq7A072BnigCz/7YGtQ9RYgJjbz8/2vZZh
h9xuxM2X8tP4szYreeC02P6MN8gQHnmDphfIGlp6da1uh46n0u0hN6EzBsvVs/dB
zswlYosQE1+xto7Fd8hhrtIGOA3U4oF3gNUeHuXzVbYgQ6hGuWHSIzTA5injYNnB
WcYSszJkT71bsHZesm9zRjq5jbbqUKJRvcCelAcEo0SQ3DoxG5FEa+hGlF/jO4bF
FF8J5cB1s5DznQ==
-----END CERTIFICATE-----